qa.cr-halal.com Open in urlscan Pro
66.29.132.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://basejumper.io/
Effective URL:
https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Submission: On October 14 via manual (October 14th 2022, 9:30:21 pm UTC) from US — Scanned from US

Summary HTTP 147 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 28 domains to perform 147 HTTP transactions. The main IP is 66.29.132.14, located in United States and belongs to NAMECHEAP-NET, US. The main domain is qa.cr-halal.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 9th 2022. Valid for: a year.

This is the only time qa.cr-halal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	162.241.217.15 162.241.217.15	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2606:4700:303... 2606:4700:3031::ac43:d1e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 8	2607:f8b0:400... 2607:f8b0:4006:808::2004	15169 (GOOGLE) (GOOGLE)
13	66.29.132.14 66.29.132.14	22612 (NAMECHEAP...) (NAMECHEAP-NET)
19	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:29ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:5a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
53	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1	34.117.190.90 34.117.190.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
2 2	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
14	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
1 1	54.163.172.97 54.163.172.97	14618 (AMAZON-AES) (AMAZON-AES)
3 3	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 1	44.197.4.46 44.197.4.46	14618 (AMAZON-AES) (AMAZON-AES)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80a::2003	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d	14618 (AMAZON-AES) (AMAZON-AES)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
3 3	199.127.204.171 199.127.204.171	26120 (RHYTHMONE) (RHYTHMONE)
1 1	52.45.176.143 52.45.176.143	14618 (AMAZON-AES) (AMAZON-AES)
2 2	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
147	19

1 162.241.217.15 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5446.bluehost.com

basejumper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d1e9 (United States)

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:808::2004 (United States) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 66.29.132.14 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium197-2.web-hosting.com

qa.cr-halal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29ed (United States)

ASN13335 (CLOUDFLARENET, US)

www.stilt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:5a5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.punchng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:807::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.190.90 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.190.117.34.bc.googleusercontent.com

pm.geniusmonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.72.98 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.172.97 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-172-97.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.22.214 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.4.46 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-4-46.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80a::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.171 (United States) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.176.143 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-176-143.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.127.253.7 (Tappahannock, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.65 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	829 KB
34	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	205 KB
13	cr-halal.com qa.cr-halal.com	97 KB
10	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	54 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	279 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	59 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426	2 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 373	2 KB
2	id5-sync.com 2 redirects id5-sync.com — Cisco Umbrella Rank: 471	3 KB
2	inmobi.com 2 redirects sync.inmobi.com — Cisco Umbrella Rank: 2083	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 543	2 KB
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5415	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 560	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	901 B
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 554	356 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1094	699 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 3920	641 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8953	665 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 6970	544 B
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 3396	465 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 723	752 B
1	geniusmonkey.com pm.geniusmonkey.com — Cisco Umbrella Rank: 14927	562 B
1	punchng.com cdn.punchng.com — Cisco Umbrella Rank: 219572	83 KB
1	stilt.com www.stilt.com — Cisco Umbrella Rank: 301119	127 KB
1	ois.is ois.is — Cisco Umbrella Rank: 348968	730 B
1	basejumper.io basejumper.io	375 B
0	chocolateplatform.com Failed cs.chocolateplatform.com Failed
147	28

	Domain	Requested by
53	tpc.googlesyndication.com	googleads.g.doubleclick.net basejumper.io tpc.googlesyndication.com pagead2.googlesyndication.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net basejumper.io
19	pagead2.googlesyndication.com	qa.cr-halal.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
14	cm.g.doubleclick.net	qa.cr-halal.com googleads.g.doubleclick.net
13	qa.cr-halal.com	www.google.com qa.cr-halal.com
8	www.google.com	3 redirects ois.is pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net
3	eb2.3lift.com	3 redirects
2	id5-sync.com	2 redirects
2	sync.inmobi.com	2 redirects
2	sync.1rx.io	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	ups.analytics.yahoo.com	2 redirects
2	rtb2-useast.e-volution.ai	2 redirects
2	b1sync.zemanta.com	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com www.google.com
1	match.sharethrough.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	ius.ctnsnet.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	cc.adingo.jp	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	pm.geniusmonkey.com	googleads.g.doubleclick.net
1	cdn.punchng.com	qa.cr-halal.com
1	www.stilt.com	qa.cr-halal.com
1	ois.is	basejumper.io
1	basejumper.io
0	cs.chocolateplatform.com Failed	googleads.g.doubleclick.net
147	33

This site contains links to these domains. Also see Links.

Domain
www.wired.com
blog.liquid.com
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.ois.is E1	`2022-08-31` - `2022-11-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
qa.cr-halal.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-09` - `2023-10-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-12` - `2023-06-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.geniusmonkey.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-06` - `2023-06-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2021-10-06` - `2022-11-07`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Frame ID: 8D22FE22075DFE4D1BD207B639748327
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Frame ID: 9ACFB69F363D2F072CAE77782D30AD2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&adk=1812271804&adf=3025194257&lmt=1665783016&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016781&bpp=5&bdt=583&idt=139&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3867664883270&frm=20&pv=2&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157
Frame ID: 06A587800A60C0622FEB56EE7DA3A6DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1665783016&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016786&bpp=2&bdt=587&idt=158&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=klttJ9dhOK&p=https%3A//qa.cr-halal.com&dtd=165
Frame ID: 69ADA88101D69EBD289D335392F57305
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1665783016&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016789&bpp=1&bdt=591&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LaruL2CZm4&p=https%3A//qa.cr-halal.com&dtd=171
Frame ID: DF003FE1A2DB9D3AE7D9B144A3D9A11D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 41CDD277F4E6F39C273EE9548BB59CEC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=NulORux5V8&p=https%3A//qa.cr-halal.com&dtd=34
Frame ID: A9A78A5EB50A93A16789E3580F2B4F52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CsMTNraJdN&p=https%3A//qa.cr-halal.com&dtd=44
Frame ID: 58697D03E395DF5B81094C1EBEAD10B6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665783018&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1833&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=XdlsibyP0k&p=https%3A//qa.cr-halal.com&dtd=48
Frame ID: D34773B32B7FFCFB81DE103CDAFD6108
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: A186961E2125EBB381E25656C02B66FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Frame ID: C9AE9D4E1CE16581F76EA80EBCA9A592
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A85F073F6459CA5B3404678ACD5F28AC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AA375928DE7C3A090F176A0A49737903
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: 778FE036D71E90ECC9FA38E239458BBE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: 9F3B3F9D3C414181F697220AD8796328
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3827304460B8ECD8274B3249E3615F0C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: E8DFDDB1FA10BE614CE0AA8B027F5FD3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2E4B676AE2CD9B0AD425FF4F8642E596
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html
Frame ID: 9C7AC5B8389E18CEC6CD35AA5E59D6B3
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CVU6X6tRJY7z4BqTsxtYP37mpUNvJkvts3-zQpPsQkpvZ1owOEAEghtzOHWDJ7o6LwKSMEKABx4f4qAHIAQmoAwHIA0iqBOoBT9BxQ8rBZ1F_4j1g72Ux_lugeSK0mWkcDJEYP4poJWNB7Mp-VeTDP5oNgIfIhP3OaQiesrI_hO0HlS2h2Tvx2LgcfKTNnwUpXXi1HAf1plGl505zSQuxW8NdaCG9z7WPfi69MyWvuue3oB8oFG1_nFZP42C4GBDpcJzuLjzxd2TlEvXo2IqjXn5dUkI73JxfOpAsu0REIvh1D2Fx8yH-0qnKxYRom8NQvg-NrMheT0DlyNFb0GALueTpaB14GUbNmfZ_5EVm8hKysDnr1bblndPXEQy_EifxEiygXsn5DBcBq-U7jCDwKPBrwAT664rgiQSSBQQIBBgBkgUECAUYBKAGLoAHofiH1wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCm5wbSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMzEzNTY0NDYzOTAxNTQ3NBgA&sigh=vyRdWz-gvug&uach_m=[UACH]&cid=CAQSOwDq26N9Fg-nBzUtS_Efv8qUSTL6N-dEMoqA3n7UMYDtSqqvYCQ9_8P2_8yXXlSbtySWzh99zlVTrB5SGAEgDg&template_id=419
Frame ID: E83F827EA977C8DC2C1BCB9F7E4BE3E2
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: BAE7E019BAF6FFB713FD3B5D1F38DCF5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2F6660DBD661B37DF189035E8E01FC88
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CDD3D0B6DEE126C0338FE1B194E2888
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NOW || Earn Daily from Crypto Trading 2023 - Cryptocurrency Earning

Page URL History Show full URLs

http://basejumper.io/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/13/now-earn-daily-from... Page URL
https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

147
Requests

90 %
HTTPS

47 %
IPv6

28
Domains

33
Subdomains

19
IPs

3
Countries

1738 kB
Transfer

3992 kB
Size

32
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wired.com/story/how-to-choose-set-up-crypto-wallet/
Title: in your crypto wallet

Search URL Search Domain Scan URL

URL: https://blog.liquid.com/impermanent-loss
Title: impermanent loss

Search URL Search Domain Scan URL

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://basejumper.io/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023&ved=2ahUKEwiquNiGxdj6AhUJ3RoKHeUHDnUQFnoECAcQAQ&usg=AOvVaw2uw3wvxIs7P7Al2Ep-hW8y Page URL
https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 62

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 65

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEF8a10pSVs68opy-piQlOsU&google_cver=1&google_push=AZmPxg_u1JUGkEzmvO3PRF0zRwqkrG7ZULGNKWPv30bHMyAQzUBeamck9Lf-bggAisN_3Hq8tlOGO2Y-nHFIwQ8HzwCPmIsKeH33cb2njrsXQcxh1hRyHigUryym-1YaQYIsFVc9EOF8CRw5OrLdAHBeBll98A HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEF8a10pSVs68opy-piQlOsU&google_push=AZmPxg_u1JUGkEzmvO3PRF0zRwqkrG7ZULGNKWPv30bHMyAQzUBeamck9Lf-bggAisN_3Hq8tlOGO2Y-nHFIwQ8HzwCPmIsKeH33cb2njrsXQcxh1hRyHigUryym-1YaQYIsFVc9EOF8CRw5OrLdAHBeBll98A&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_u1JUGkEzmvO3PRF0zRwqkrG7ZULGNKWPv30bHMyAQzUBeamck9Lf-bggAisN_3Hq8tlOGO2Y-nHFIwQ8HzwCPmIsKeH33cb2njrsXQcxh1hRyHigUryym-1YaQYIsFVc9EOF8CRw5OrLdAHBeBll98A&google_hm=cHhCRmhsM0lUbVZoTWpqRl94SXY=

Request Chain 84

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAKiOqbkteF9EpWz6VW6YnQ&google_cver=1&google_push=AZmPxg8RU1T4CeIPVGJQAOwTYUlAbXv_ycIb_2bO6d1NkK7tn_MB29wnTcSU1vmZmgzmchofibZPXBgd24vNHiYkdy7YV21jQZw_iDIGwTQOFYH85lDtgVAz_E5FGuH4eWCOgzmNUFwMCFAuKB0XqzEJnSaSpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=lHbQ-nSbTe51iwCWsRuqoWAJ-SY&google_push=AZmPxg8RU1T4CeIPVGJQAOwTYUlAbXv_ycIb_2bO6d1NkK7tn_MB29wnTcSU1vmZmgzmchofibZPXBgd24vNHiYkdy7YV21jQZw_iDIGwTQOFYH85lDtgVAz_E5FGuH4eWCOgzmNUFwMCFAuKB0XqzEJnSaSpw

Request Chain 85

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF7B-HJ9TngZyVy_wmzNQv4&google_cver=1&google_push=AZmPxg-63uRS8FMKFSbG8ZCwRxsXOmsyen6TyspeQPkba4VV37U-iuFKmoCMLwoQcL5NPNkMIMNzXLSN-Fu_SvEAKuWd0yrTA9do8Q0v_--H0y3QTCGWZvlbePVrtObvp5zWvzIvebgyKqDK6rKAJx_t-Pry9g HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg-63uRS8FMKFSbG8ZCwRxsXOmsyen6TyspeQPkba4VV37U-iuFKmoCMLwoQcL5NPNkMIMNzXLSN-Fu_SvEAKuWd0yrTA9do8Q0v_--H0y3QTCGWZvlbePVrtObvp5zWvzIvebgyKqDK6rKAJx_t-Pry9g&google_gid=CAESEF7B-HJ9TngZyVy_wmzNQv4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA1NjgyMDY5MzIzODA0NTA4NDg1NA%3D%3D&google_push=AZmPxg-63uRS8FMKFSbG8ZCwRxsXOmsyen6TyspeQPkba4VV37U-iuFKmoCMLwoQcL5NPNkMIMNzXLSN-Fu_SvEAKuWd0yrTA9do8Q0v_--H0y3QTCGWZvlbePVrtObvp5zWvzIvebgyKqDK6rKAJx_t-Pry9g

Request Chain 86

https://cc.adingo.jp/adx/push/?google_gid=CAESEKcLaQ3D1GsGQgsmciAs8Jk&google_cver=1&google_push=AZmPxg8zS53uBG0ICuWJZcIyMXkWDXuJzSQdv93Eq5lHbZruDnlY4B_21t9pLW55nxta9FPPBmhBbb2cy2pwqGgd_9sRSI3HASl_fOjbDwUVXPITEjeBQSV9uyRZAMdwWfR-Ol0UbsKrDwQDXWmGCrjk0t3Dvg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg8zS53uBG0ICuWJZcIyMXkWDXuJzSQdv93Eq5lHbZruDnlY4B_21t9pLW55nxta9FPPBmhBbb2cy2pwqGgd_9sRSI3HASl_fOjbDwUVXPITEjeBQSV9uyRZAMdwWfR-Ol0UbsKrDwQDXWmGCrjk0t3Dvg&google_hm=eece66cb203d3138a6cb26003e525f46

Request Chain 87

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEC2t5ET2KUrwP0WRu3liYnI&google_cver=1&google_push=AZmPxg_SlEOt333bnbZ3MHA3_OdHd2jukaxX3GEMOQq-cb4Vb02UvEcNOWPGwNtDKl2rnf3Mdb3Y5GXsW6s65nfAmFtl4_TxIOmscW1p4pKSBWYrvKb8q7uPNJCz7tnoXyZQWnLxmZv2HrGDx52WQzNBDyoKsDk HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEC2t5ET2KUrwP0WRu3liYnI%26google_cver%3D1%26google_push%3DAZmPxg_SlEOt333bnbZ3MHA3_OdHd2jukaxX3GEMOQq-cb4Vb02UvEcNOWPGwNtDKl2rnf3Mdb3Y5GXsW6s65nfAmFtl4_TxIOmscW1p4pKSBWYrvKb8q7uPNJCz7tnoXyZQWnLxmZv2HrGDx52WQzNBDyoKsDk HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A3164603930510196391&exchange=193&google_gid=CAESEC2t5ET2KUrwP0WRu3liYnI&google_cver=1&google_push=AZmPxg_SlEOt333bnbZ3MHA3_OdHd2jukaxX3GEMOQq-cb4Vb02UvEcNOWPGwNtDKl2rnf3Mdb3Y5GXsW6s65nfAmFtl4_TxIOmscW1p4pKSBWYrvKb8q7uPNJCz7tnoXyZQWnLxmZv2HrGDx52WQzNBDyoKsDk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTMxNjQ2MDM5MzA1MTAxOTYzOTE&google_push=AZmPxg_SlEOt333bnbZ3MHA3_OdHd2jukaxX3GEMOQq-cb4Vb02UvEcNOWPGwNtDKl2rnf3Mdb3Y5GXsW6s65nfAmFtl4_TxIOmscW1p4pKSBWYrvKb8q7uPNJCz7tnoXyZQWnLxmZv2HrGDx52WQzNBDyoKsDk

Request Chain 88

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENO6IE0rJv84VG0c04W48SU&google_cver=1&google_push=AZmPxg9_foSHkdl9DpjIFz2pxo24nUZvPyh_Xu5qdh-dIHnhbee16o7hhsNF4Fyl6ODGm2erVnsOnnPXqz7ceCKDOx8bgeNkqTPItSNVtHoPcniTIOg9jzaXMvrWZIRNhDYCX6MlZPpnP5AcrRtItUDKAtLgTl4 HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENO6IE0rJv84VG0c04W48SU&google_cver=1&google_push=AZmPxg9_foSHkdl9DpjIFz2pxo24nUZvPyh_Xu5qdh-dIHnhbee16o7hhsNF4Fyl6ODGm2erVnsOnnPXqz7ceCKDOx8bgeNkqTPItSNVtHoPcniTIOg9jzaXMvrWZIRNhDYCX6MlZPpnP5AcrRtItUDKAtLgTl4&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13Y0I3R3h4RTJ1SE1DNGJBall1U2dBTXJtQ0ZXTlRfa35B&google_push=AZmPxg9_foSHkdl9DpjIFz2pxo24nUZvPyh_Xu5qdh-dIHnhbee16o7hhsNF4Fyl6ODGm2erVnsOnnPXqz7ceCKDOx8bgeNkqTPItSNVtHoPcniTIOg9jzaXMvrWZIRNhDYCX6MlZPpnP5AcrRtItUDKAtLgTl4

Request Chain 89

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBoTdUL3Zzso7WF7B7ZKtG4&google_cver=1&google_push=AZmPxg9tW6iyLiOIgY0piPToR31b3umEpInN3KV6QBFoIxyoizAhaRlr_WSSZi922knmnIAxn4QdYUXAwJbI__bSh0p9Magdoo7j7VeoWJpPdLuyxbWhmNG2VVL6eN5uS2KrBObkHyXuKjhflhSiVG95FUiL5Kg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AZmPxg9tW6iyLiOIgY0piPToR31b3umEpInN3KV6QBFoIxyoizAhaRlr_WSSZi922knmnIAxn4QdYUXAwJbI__bSh0p9Magdoo7j7VeoWJpPdLuyxbWhmNG2VVL6eN5uS2KrBObkHyXuKjhflhSiVG95FUiL5Kg&google_hm=Jc_tlcvZR3i8hycns4ODMiY

Request Chain 106

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH8jdxz4WA_0sY5M_rx0xzo&google_cver=1&google_push=AZmPxg9QTu4VY6h3Ho6aD_jCGM2cUYfTdPwPfeVaPKmXW3qawd-G7nLm5VxLFVIetl2kTq2tl8AQ0rYvmyrNYZotHNbf2R_xX2YzUx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9QTu4VY6h3Ho6aD_jCGM2cUYfTdPwPfeVaPKmXW3qawd-G7nLm5VxLFVIetl2kTq2tl8AQ0rYvmyrNYZotHNbf2R_xX2YzUx0&google_hm=MTY0NjM2NzU5OTA0NjY4MjE0MA%3D%3D

Request Chain 108

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDz_zdILUdsLUlIapFRvRIY&google_cver=1&google_push=AZmPxg9B3KICT-ZpYIA8wMYRYdRzQotKThA0LzsrIiPHE2L2RKTkKdeD8PmZGfpd8a9i2XHuMm8onLIs57HHvcAjdPHiwSILnilTmA HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg9B3KICT-ZpYIA8wMYRYdRzQotKThA0LzsrIiPHE2L2RKTkKdeD8PmZGfpd8a9i2XHuMm8onLIs57HHvcAjdPHiwSILnilTmA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1665783019447 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-beb85de9-785f-4ca9-8745-6086de5cb524-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg9B3KICT-ZpYIA8wMYRYdRzQotKThA0LzsrIiPHE2L2RKTkKdeD8PmZGfpd8a9i2XHuMm8onLIs57HHvcAjdPHiwSILnilTmA%26google_hm%3DBb64Xel4X0yph0Vght5ctSQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9B3KICT-ZpYIA8wMYRYdRzQotKThA0LzsrIiPHE2L2RKTkKdeD8PmZGfpd8a9i2XHuMm8onLIs57HHvcAjdPHiwSILnilTmA&google_hm=Bb64Xel4X0yph0Vght5ctSQ

Request Chain 109

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF7B-HJ9TngZyVy_wmzNQv4&google_cver=1&google_push=AZmPxg-eJD2zAPnS2ZzPnfb3tzJoJOF2oBB_gVNzbkyExWaCpBI5mJxvKwAHHGp7GQ4gtX9aGGBehlUEXtR2_Qq3kXYnW0ZS4ceCfA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA1NjgyMDY5MzIzODA0NTA4NDg1NA%3D%3D&google_push=AZmPxg-eJD2zAPnS2ZzPnfb3tzJoJOF2oBB_gVNzbkyExWaCpBI5mJxvKwAHHGp7GQ4gtX9aGGBehlUEXtR2_Qq3kXYnW0ZS4ceCfA

Request Chain 111

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDQM4nhHef94EDmNy0lr8F8&google_cver=1&google_push=AZmPxg_Mre7MUiPSdtYRt8k5E3RRSEsSQNQLK53zVCaZsVVZMtJ7bPXnyT-aYk1QBPUwnCB3tcbEJuEHlyR3gnEAFCfh73BPofDYRnw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YTdkNWIwY2YtZmRhOC00ZDk1LWE1MTgtMTllOTA3Zjg1YTBm&google_push=AZmPxg_Mre7MUiPSdtYRt8k5E3RRSEsSQNQLK53zVCaZsVVZMtJ7bPXnyT-aYk1QBPUwnCB3tcbEJuEHlyR3gnEAFCfh73BPofDYRnw

Request Chain 112

https://sync.inmobi.com/gob?google_gid=CAESEOyd00zw9u5pAb8JzUGwjlo&google_cver=1&google_push=AZmPxg_R0zIEGwAZhxWIKunwQBoONW6JKuhG3UionCwC4WxyM23-pGYBfxqoRxv-AQDeF4ZMZFoxaHko0_Lf1hp6vQsBHPVeaouzEhCn HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg_R0zIEGwAZhxWIKunwQBoONW6JKuhG3UionCwC4WxyM23-pGYBfxqoRxv-AQDeF4ZMZFoxaHko0_Lf1hp6vQsBHPVeaouzEhCn HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOBN1_c1figZl8QSieikhR1P01HoBofeepxG2hgw&google_push=AZmPxg_R0zIEGwAZhxWIKunwQBoONW6JKuhG3UionCwC4WxyM23-pGYBfxqoRxv-AQDeF4ZMZFoxaHko0_Lf1hp6vQsBHPVeaouzEhCn HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=4l6-3uK6_2Rc4Xkv85NM&google_push=AZmPxg_R0zIEGwAZhxWIKunwQBoONW6JKuhG3UionCwC4WxyM23-pGYBfxqoRxv-AQDeF4ZMZFoxaHko0_Lf1hp6vQsBHPVeaouzEhCn&google_nid=inmobi_new_eb

147 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
basejumper.io/ 145 B
375 B 690ms
615ms Document
text/html 162.241.217.15
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://basejumper.io/
Protocol: HTTP/1.1
Server: 162.241.217.15 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5446.bluehost.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Encoding: gzip
Content-Length: 123
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Oct 2022 21:30:13 GMT
Server: nginx/1.21.6
Vary: Accept-Encoding
X-Server-Cache: false
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 logo.png
ois.is/images/ 485 B
730 B 442ms
372ms Document
text/html 2606:4700:3031::ac43:d1e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ois.is/images/logo.png
Requested by: Host: basejumper.io
URL: http://basejumper.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d1e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://basejumper.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75a36a3cec80333c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 21:30:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oMTLLMB8PjySuAinW2mYW49keqQ4QzWn1uhSU5Aii8e%2FVkObk47QR6p9Hj6fpvcMlFRS00GWKp9BN03XQ4FlBC4otQe%2BNpKlS5yRpeO44sFWIXUSyNdX%2FQhKVbbuQ%2FkcEl8Pzc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 url
www.google.com/ 1004 B
1 KB 122ms
62ms Document
text/html 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023&ved=2ahUKEwiquNiGxdj6AhUJ3RoKHeUHDnUQFnoECAcQAQ&usg=AOvVaw2uw3wvxIs7P7Al2Ep-hW8y

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://ois.is/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 499
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 21:30:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request now-earn-daily-from-crypto-trading-2023 Show response
qa.cr-halal.com/13/ 30 KB
9 KB 1782ms
1580ms Document
text/html 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023&ved=2ahUKEwiquNiGxdj6AhUJ3RoKHeUHDnUQFnoECAcQAQ&usg=AOvVaw2uw3wvxIs7P7Al2Ep-hW8y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 0ba4387a45e603a6db29adde36e6fc6347c9f0264eb27c9d09bea3b4bcd13c81

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 8387
content-type: text/html; charset=utf-8
date: Fri, 14 Oct 2022 21:30:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 qa-styles.css
qa.cr-halal.com/qa-theme/SnowFlat/ 70 KB
16 KB 193ms
192ms Stylesheet
text/css 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:04:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 15809
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
qa.cr-halal.com/qa-content/ 87 KB
35 KB 286ms
285ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:04:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 36075
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 qa-global.js Show response
qa.cr-halal.com/qa-content/ 20 KB
6 KB 391ms
390ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-content/qa-global.js?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:04:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6054
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 snow-core.js Show response
qa.cr-halal.com/qa-theme/SnowFlat/js/ 2 KB
1 KB 392ms
392ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:04:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1087
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
54 KB 126ms
67ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73b14063dedfdef6a0efb96f0ca34fc58cabcd698787cba24e68dd42ccba9da5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54247
x-xss-protection: 0
server: cafe
etag: 15006944391909795807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 21:30:16 GMT

GET
H2 200 6-1024x576.png
www.stilt.com/wp-content/uploads/2022/03/ 131 KB
127 KB 116ms
43ms Image
image/png 2606:4700:10::ac43:29ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.stilt.com/wp-content/uploads/2022/03/6-1024x576.png

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:29ed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e67b814109cc3112e4b90f94d802040e7c53dacba01f272b4517d8c07732129c

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN always

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
age: 925
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Mar 2022 00:16:10 GMT
server: cloudflare
etag: W/"6222abca-20d42"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN always
content-type: image/png
cf-ray: 75a36a4e4d1cc358-EWR

GET
H2 200 Bitcoin.jpg
cdn.punchng.com/wp-content/uploads/2021/08/02162218/ 83 KB
83 KB 112ms
46ms Image
image/jpeg 2606:4700:10::ac43:5a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.punchng.com/wp-content/uploads/2021/08/02162218/Bitcoin.jpg
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad6a67c27aa9c5c3cd1af30bd445f9a7f1de2e3458f0fb9d1f5a1073e98f0d4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
via: 1.1 079cd4553da15b2329bffae6abe6157e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: JFK50-P6
age: 267898
x-cache: Hit from cloudfront
content-length: 84701
cf-bgj: h2pri
last-modified: Mon, 02 Aug 2021 14:22:19 GMT
server: cloudflare
etag: "faeec7967ef5d8d8452d83b3a519ad97"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 75a36a4e4ffa8ca8-EWR
x-amz-cf-id: xRVhSi7MY2bhRllIhyLEv19da-UmGRgF2YBlhsgCj8NKbqHozTw2Kw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
54 KB 116ms
59ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c29c710da8af9d4be163f9e792b0a206a77e6480728327c103b8fc4192b4c6ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Origin: https://qa.cr-halal.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54419
x-xss-protection: 0
server: cafe
etag: 7554895461952864472
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 21:30:16 GMT

GET
H2 200 vote-buttons-3.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 135ms
135ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
last-modified: Sat, 01 Aug 2020 02:52:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1457
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 answer-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 136ms
135ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2867
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 answer-select.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 137ms
136ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1831
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 link-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 137ms
136ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3026
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 comment-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 139ms
138ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2906
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 search-icon-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 138ms
137ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1412
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 spinner-icon-14x14.gif
qa.cr-halal.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 225ms
224ms Image
image/gif 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7781
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 fontello.woff
qa.cr-halal.com/qa-theme/SnowFlat/fonts/ 7 KB
7 KB 138ms
137ms Font
font/woff 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://qa.cr-halal.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
last-modified: Tue, 26 Jul 2016 05:31:58 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7200
expires: Fri, 21 Oct 2022 21:30:16 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 352 KB
125 KB 59ms
59ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b350c7551f5f03991cf3a335f6713ed933ccd508d8ae347859a58c91a7516c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127387
x-xss-protection: 0
server: cafe
etag: 3719117291286360777
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 21:30:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/ Frame 9ACF 10 KB
5 KB 85ms
26ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 6961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 19:34:15 GMT
etag: 9671129459699598864
expires: Fri, 28 Oct 2022 19:34:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
699 B 109ms
40ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.cr-halal.com&callback=_gfp_s_&client=ca-pub-3135644639015474&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00e82a4a83156169f81faf197d6988f4c2cc70a437aabaa8fe3046e94bddc2a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 113ms
51ms Script
application/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 06A5 91 KB
32 KB 1047ms
994ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&adk=1812271804&adf=3025194257&lmt=1665783016&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016781&bpp=5&bdt=583&idt=139&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3867664883270&frm=20&pv=2&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7cb71167999dafe252d95552af1cf8e3ed9545306ebbb89f595ac6a1fe8830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32695
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:17 GMT
expires: Fri, 14 Oct 2022 21:30:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 69AD 68 KB
28 KB 788ms
748ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1665783016&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016786&bpp=2&bdt=587&idt=158&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=klttJ9dhOK&p=https%3A//qa.cr-halal.com&dtd=165

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0d4857235a5e286b0b15b044c948fd67db357e9f7aad7573d40b8534f6cfbd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28192
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:17 GMT
expires: Fri, 14 Oct 2022 21:30:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF00 69 KB
28 KB 992ms
960ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1665783016&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016789&bpp=1&bdt=591&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LaruL2CZm4&p=https%3A//qa.cr-halal.com&dtd=171

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d47b73a373c0be4ed136a93921be026e9e39fb88fd4db93313d1873e87c1f476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28405
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:17 GMT
expires: Fri, 14 Oct 2022 21:30:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2763187187087840320
tpc.googlesyndication.com/simgad/ Frame 69AD 33 KB
33 KB 115ms
55ms Image
image/gif 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2763187187087840320

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1665783016&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016786&bpp=2&bdt=587&idt=158&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=klttJ9dhOK&p=https%3A//qa.cr-halal.com&dtd=165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e0744ac1e460e708fe64438f0e1b44408404202a02f9f3d2266443be1846fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 04:27:49 GMT
x-content-type-options: nosniff
age: 234148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33840
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 20:15:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 04:27:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 69AD 23 KB
10 KB 87ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:55:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 69AD 3 KB
1 KB 90ms
34ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 69AD 17 KB
7 KB 86ms
30ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69AD 152 KB
47 KB 121ms
44ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 21:30:17 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 69AD 32 KB
13 KB 90ms
35ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b17be166a31cc48b3d1baaabf0d76cadae91446d255c6b6ae23d9794bdc8110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13668
x-xss-protection: 0
server: cafe
etag: 12775887211806279595
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:55:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 69AD 0
0 56ms
55ms Fetch
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cadvt6dRJY4WeAuWVvPIP2_2biA2aoujzbJC5i_GYENCX3K3zLxABIIbczh1gye6Oi8CkjBCgAcD8g8oDyAEDqAMByAPJBKoE6wFP0JrC8OGtBdG8mZqBFjqLmZekIe0i8QRcw1iDXNeB7OVpmYr4G5d7SQC-zBDXFwUqmqZvAdhTV85YFbGe4hauRrBWsQTgyXyTWkZw0dJHqNCvjWc07M5D8O_pDZMcG71PCBFmQa6rDNRi2VwXOR01K0njnaBQjy73BgkNNYi1_4y524dPJWehDz_jtUic-racg8VQy7NFadWBLnVxmk7t1WjnXPURTNXwD2rM9Ti0nLB6307_cyDpuZOcQ8b4x2K0pEBxXMyNerRozBiZa5GE5UUZVBaKEZdsllFoLogK7tmz_n55C4v0O8L-wASyvuLKiASSBQQIBBgBkgUECAUYBKAGA4AHqIP8NagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMn2I9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTM1NjQ0NjM5MDE1NDc0GAA&sigh=uCWH9NG0E9M&uach_m=[UACH]&cid=CAQSGwDq26N9GIArdRC3FzSEfVhD2PL8_qhoDuiYqBgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1665783016&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016786&bpp=2&bdt=587&idt=158&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=klttJ9dhOK&p=https%3A//qa.cr-halal.com&dtd=165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 21:30:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Oct 2022 21:30:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41CD 143 B
166 B 25ms
25ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1665783016&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016786&bpp=2&bdt=587&idt=158&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=klttJ9dhOK&p=https%3A//qa.cr-halal.com&dtd=165
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:40:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 69AD 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daff3e0aa004e1b1dee0ea81dc59b16d03dca2ebb4d5be0bc8a6e3e03b2666e7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41CD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

52ms
52ms

Document
text/html

2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:18 GMT
expires: Fri, 14 Oct 2022 21:30:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame DF00 7 KB
3 KB 81ms
27ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1665783016&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016789&bpp=1&bdt=591&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LaruL2CZm4&p=https%3A//qa.cr-halal.com&dtd=171

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24990b0f369ea0118c5422ecd9f8e32c7396494bd79534d3b94994776c1f7fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 19:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3294
x-xss-protection: 0
server: cafe
etag: 14289603424516195473
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 19:07:36 GMT

GET
H3 200 10368454344012996717
tpc.googlesyndication.com/daca_images/simgad/ Frame DF00 43 KB
43 KB 83ms
29ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10368454344012996717

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1abb8857961f3b7f6d24fa84608d4d724ba5cc3c0aad092260e8bd5014f9f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:31:38 GMT
x-content-type-options: nosniff
age: 277120
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44323
x-xss-protection: 0
last-modified: Fri, 27 May 2022 22:45:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Oct 2023 16:31:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame DF00 23 KB
9 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:55:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame DF00 3 KB
1 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame DF00 17 KB
7 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF00 152 KB
46 KB 123ms
70ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 21:30:18 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame DF00 32 KB
13 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b17be166a31cc48b3d1baaabf0d76cadae91446d255c6b6ae23d9794bdc8110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13668
x-xss-protection: 0
server: cafe
etag: 12775887211806279595
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:55:08 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 151 KB
54 KB 55ms
55ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5b4b025792bfb3335ee2cae42b37ef12f7c0f740556be5dc275bc66014d6b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55056
x-xss-protection: 0
server: cafe
etag: 13888182635479298979
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 21:30:18 GMT

GET
H3 200 async-ads.js Show response
www.google.com/adsense/search/ 142 KB
52 KB 57ms
57ms Script
text/javascript 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/async-ads.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb87ce1768b8d2f393c9182d2aac4af1ccf19266d45574ffcd92a408a6f0d350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "15542131075164456170"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Fri, 14 Oct 2022 21:30:18 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 100ms
47ms Script
application/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9A7 133 KB
43 KB 1263ms
1263ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=NulORux5V8&p=https%3A//qa.cr-halal.com&dtd=34

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0c64d09e521f0240e75a14ea37e232ea21e2ad5de73d1a813743de13eba750

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLyVxajV4PoCFSS20QQd31wKCg&gqi=6tRJY_-MBqGI1gGzrI6ADQ&layout=/sadbundle/%24csp%253Der3%24/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 44423
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLyVxajV4PoCFSS20QQd31wKCg&gqi=6tRJY_-MBqGI1gGzrI6ADQ&layout=/sadbundle/%24csp%253Der3%24/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5869 83 KB
31 KB 895ms
894ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CsMTNraJdN&p=https%3A//qa.cr-halal.com&dtd=44

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e16bacff2e318e1c637b2404767d062a25034dea440e778750666ff17981ea3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 32009
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D347 83 KB
31 KB 1140ms
1140ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665783018&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1833&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=XdlsibyP0k&p=https%3A//qa.cr-halal.com&dtd=48

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d713706a0d818ff0dd530c2a07925a627fec71454c914fd9373eaaa8474a6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 31585
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gm.png Show response
pm.geniusmonkey.com/i/ Frame DF00 68 B
562 B 247ms
89ms Fetch
image/png 34.117.190.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.geniusmonkey.com/i/gm.png?id=226597120&ord=48085380
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1665783016&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016789&bpp=1&bdt=591&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LaruL2CZm4&p=https%3A//qa.cr-halal.com&dtd=171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.190.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.190.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: eba7a7a39459c37cc784afeb2ef1613d0b046b4e1988984fd2f801b568cb7a08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:18 GMT
via: 1.1 google
x-guploader-uploadid: ADPycds2EOl9QOhjmuUylMOZnNzrJw0wa_snk9NsjeE2NIoIgaWlVg-PPCIwl6m6jZ6Gfe4XFaP8SwZ8K9zS7skPjPRdqKHgjSSd
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
last-modified: Tue, 07 Jun 2022 19:45:15 GMT
server: UploadServer
etag: "a6f320d9c840c938dffb785dcc2bc663"
x-goog-generation: 1654631115706147
content-type: image/png
x-goog-hash: crc32c=r9l87Q==, md5=pvMg2chAyTjf+3hdzCvGYw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 68
accept-ranges: bytes
expires: Fri, 14 Oct 2022 22:30:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DF00 0
0 52ms
52ms Fetch
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co-fG6dRJY6z0Ab2wxtYPxZmI6AmngrCpbMqx5K-NENnZHhABIIbczh1gye6Oi8CkjBCgAYj9p-ICyAECqAMByAPJBKoE6gFP0Lph1keTO5yFOJx9pqkF1mlpbz6Wq3GHMOkMVrPTylKfHFvVhWetXdA8a8OvIJdFprN8sG8fPZ3nmOw-JvZCdW5LnMyDCwaXUQ3GDppRIXhzie5fhLLovVbImZFg1yVYrmVK-oAeXUwdKZO0InTmALvWWT_o7wZuDSly1hXKY83qdusa4FOhvbw1y0biKP33CmRiXcT2q5eJEL7sziG0NtyB4gIrgUHn0vzGzZtinr1f9b9spqEShL4G7nn4Zv19irtYTPmMGs3wkNg2v3OXDCF2QL98lOPtVBzvzKUVFJyIi8bCKrv4buPABP6unu30A5IFBAgEGAGSBQQIBRgEoAYCgAfggtidAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELLNDdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi0zMTM1NjQ0NjM5MDE1NDc0GAA&sigh=G_qhta7O48k&uach_m=[UACH]&cid=CAQSGwDq26N99d_XwKGLc35kadAH9a-a8dzbrWf0rxgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1665783016&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016789&bpp=1&bdt=591&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LaruL2CZm4&p=https%3A//qa.cr-halal.com&dtd=171
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 21:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame A186 36 KB
15 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:54:24 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/ Frame C9AE 10 KB
4 KB 28ms
26ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 4334
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:18:04 GMT
etag: 9671129459699598864
expires: Fri, 28 Oct 2022 20:18:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A85F 143 B
166 B 26ms
25ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1665783016&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783016789&bpp=1&bdt=591&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LaruL2CZm4&p=https%3A//qa.cr-halal.com&dtd=171
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:40:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C9AE 0
0 55ms
54ms Fetch
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9ztP6dRJY7-AAq6FvPIPmsS9kAeaoujzbJC5i_GYENCX3K3zLxABIIbczh1gye6Oi8CkjBCgAcD8g8oDyAEDqAMByAPJBKoE5wFP0KfBLJ5GE887PCxusQkPtnKztaSkn9LEYKAUWZmrV6CWV0n7AGTrU8TQwztloZrPSoRI3r5VrA4Me7o87kWQrBxV5Xy8Gs8k3jVRen6UaiJu-tsqdlZU1U62LaNx-hNz4_46NtOE2QLTNgOYpx_HXIef0ckjV2gDFqqkuyQ86oDEAaBB5lIReCyLTD3k81JdPtA0DqAJUq0sNjo6btkFWjxhq3XRlA0YbTbTCXQz2AW4QvFmvsLw8kyvOtm-Bjm7RZ18amYl1gG37Qsxu7nb2yiyigCvDFrG4xOXJGEbuwcQUlI-v-bABLK-4sqIBJIFBAgEGAGSBQQIBRgEoAYDgAeog_w1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ5MIs0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTMxMzU2NDQ2MzkwMTU0NzQYAA&sigh=0BBehWEjrl8&uach_m=[UACH]&cid=CAQSGwDq26N9CB4mfWWzjqdpXSN-hYID-MW1ovoQxBgBIA4

Requested by

Host: basejumper.io
URL: http://basejumper.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 21:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 2763187187087840320
tpc.googlesyndication.com/simgad/ Frame C9AE 33 KB
33 KB 27ms
27ms Image
image/gif 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2763187187087840320

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e0744ac1e460e708fe64438f0e1b44408404202a02f9f3d2266443be1846fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 04:27:49 GMT
x-content-type-options: nosniff
age: 234149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33840
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 20:15:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 04:27:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame C9AE 23 KB
9 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:55:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame C9AE 3 KB
1 KB 31ms
31ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame C9AE 17 KB
7 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9AE 152 KB
46 KB 45ms
45ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 21:30:18 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame C9AE 32 KB
13 KB 31ms
31ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b17be166a31cc48b3d1baaabf0d76cadae91446d255c6b6ae23d9794bdc8110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13668
x-xss-protection: 0
server: cafe
etag: 12775887211806279595
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:55:08 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 189 B
202 B 93ms
40ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.cr-halal.com&client=partner-pub-3135644639015474&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93819e1ed31f840814eed16c9157942858313b6509e9d2931425a354d0475ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 180
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A85F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

60ms
59ms

Document
text/html

2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:18 GMT
expires: Fri, 14 Oct 2022 21:30:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA37 143 B
166 B 26ms
25ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:40:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C9AE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1195470520aba60c2be02346ccbb0a3d0450af6564e1780330b7b8d43a3632db

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA37
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
56ms

Document
text/html

2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:18 GMT
expires: Fri, 14 Oct 2022 21:30:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 778F 36 KB
15 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:54:24 GMT

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F3B 36 KB
15 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:54:24 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 69AD 42 B
64 B 99ms
46ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsug4TRln4YpoudrYQFe0MwjN6b9ahimnStPAMuv6JPJK2iU1GWx-eNs0Qi0w0hv4L3CNIozasK3Kq9Obl2SdjqjR13p_ll54mZr9lQ4pypqIGb2j151UCX5PxfDmKGLeieOu5c&sai=AMfl-YTIsjg8ARiRoAMko5Feu3KWXWMOBSL4kdClfjarF9XMO7apfcLnFJG-BqdF-0QrOYlKEoFJg4OT67Zbb-s&sig=Cg0ArKJSzIZDjTF0JIIsEAE&cid=CAQSGwDq26N9GIArdRC3FzSEfVhD2PL8_qhoDuiYqBgBIA4&id=lidar2&mcvt=1000&p=0,10,90,738&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3576269607&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665783016953&rpt=987&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5869 4 KB
1 KB 100ms
41ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CsMTNraJdN&p=https%3A//qa.cr-halal.com&dtd=44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 21:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 20:12:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 21:30:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 5869 2 KB
902 B 26ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:58:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:58:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 5869 23 KB
9 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:55:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 5869 3 KB
1 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 5869 17 KB
7 KB 27ms
27ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5869 0
0 46ms
46ms Image
text/html 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRp_Z8IyNev_zmMozMuokYk-atPzS6NVI5AQMEYmIomx-V3StXoQrBlUFwyhhLhr6Xw-1TRE23ipBJs1QJIWWA-JMuOJQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CsMTNraJdN&p=https%3A//qa.cr-halal.com&dtd=44
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5869 152 KB
46 KB 104ms
103ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 21:30:19 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 5869 33 KB
14 KB 98ms
25ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 22:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 22:19:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5869 0
0 57ms
57ms Fetch
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIoPn6tRJY_H8BrKxxtYPv6uz6AXbyZL7bJ_q0KT7EJKb2daMDhABIIbczh1gye6Oi8CkjBCgAceH-KgByAEJqAMByAPLBKoE5wFP0P1UNn3M05fmINxk7PcQqO7AAEOP1VXtJFVMnqL-xDpvyx9VVXkGrjk00AYMyJsOdhyBAUwSVuGWhOAkrw4LTTrjoHkTfN0v3qxw4suAOCWod4v9DqTmmBH1w8WCThD3gdrPlP26eJyxV9uTwpVqyyI7WYRrvlVmoHrwq3vzxfJ_aAjVHAokKSKfDSbc3xjaCLuXxdK4qd5vtPVV3_rdoG1_R093P6B4hiujLSMcfZP9yJyKFpftDdkpxxVHM9re4fmW2J2PiF-TgqwsOsPjnApZoMzvoqO1Mp-3adHd14bwKnQOCY3ABPrriuCJBJIFBAgEGAGSBQQIBRgEoAYugAeh-IfXAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEN7kCdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbgT5APYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMzEzNTY0NDYzOTAxNTQ3NBgA&sigh=uYliTgQHtyU&uach_m=[UACH]&cid=CAQSOwDq26N9yZt0TKXgcsRpUREEn7ha-f5Yf0j1694A1uOTUG95Lh_PYGKtcQmxWff6xi2i6qNTQDJYgy2_GAEgDg&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CsMTNraJdN&p=https%3A//qa.cr-halal.com&dtd=44
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 21:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16591147983392103055/ Frame 5869 3 KB
3 KB 26ms
26ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16591147983392103055/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbdf37f8e01fa401ee5a579d41b16376db0cb5a6a4130cf1cf94e24588114be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 04:54:29 GMT
x-content-type-options: nosniff
age: 578150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2916
x-xss-protection: 0
last-modified: Wed, 25 May 2022 16:26:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Oct 2023 04:54:29 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9442014845407497377/ Frame 5869 12 KB
12 KB 26ms
26ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9442014845407497377/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d2bc6f19a3d30f6fc9cc175a7a94bb24cc9231ccf1422a94521db3141cf90d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:48:09 GMT
x-content-type-options: nosniff
age: 13330
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12331
x-xss-protection: 0
last-modified: Wed, 25 May 2022 18:26:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 17:48:09 GMT

GET
DATA 200
OK truncated
/ Frame 5869 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3827 1 KB
643 B 27ms
27ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 28369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 13:37:30 GMT
etag: 48472445140208031
expires: Sat, 15 Oct 2022 13:37:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5869 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc91528307cae8838620fc5509d5410fc3b43255cf003c0d6265785f5c130c42

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3827
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEF8a10pSVs68opy-piQlOsU&google_cver=1&google_push=AZmPxg_u1JUGkEzmvO3PRF0zRwqkrG7ZULGNKWPv30bHMyAQzUBeamck9Lf-bggAisN_3Hq8tlOGO2Y-nHFIw...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEF8a10pSVs68opy-piQlOsU&google_push=AZmPxg_u1JUGkEzmvO3PRF0zRwqkrG7ZULGNKWPv30bHMyAQzUBeamck9Lf-bggAisN_3Hq8tlOGO2Y-nHFIw...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_u1JUGkEzmvO3PRF0zRwqkrG7ZULGNKWPv30bHMyAQzUBeamck9Lf-bggAisN_3Hq8tlOGO2Y-nHFIwQ8HzwCPmIsKeH33cb2njrsXQcxh1hRyHigUryym-1YaQYI...

170 B
188 B

64ms
43ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_u1JUGkEzmvO3PRF0zRwqkrG7ZULGNKWPv30bHMyAQzUBeamck9Lf-bggAisN_3Hq8tlOGO2Y-nHFIwQ8HzwCPmIsKeH33cb2njrsXQcxh1hRyHigUryym-1YaQYIsFVc9EOF8CRw5OrLdAHBeBll98A&google_hm=cHhCRmhsM0lUbVZoTWpqRl94SXY=

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 21:30:19 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_u1JUGkEzmvO3PRF0zRwqkrG7ZULGNKWPv30bHMyAQzUBeamck9Lf-bggAisN_3Hq8tlOGO2Y-nHFIwQ8HzwCPmIsKeH33cb2njrsXQcxh1hRyHigUryym-1YaQYIsFVc9EOF8CRw5OrLdAHBeBll98A&google_hm=cHhCRmhsM0lUbVZoTWpqRl94SXY=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 294
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3827
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAKiOqbkteF9EpWz6VW6YnQ&google_cver=1&google_push=AZmPxg8RU1T4CeIPVGJQAOwTYUlAbXv_ycIb_2bO6d1NkK7tn_MB29wnTcSU1vmZmgzmchofibZPXBgd24vNHiY...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=lHbQ-nSbTe51iwCWsRuqoWAJ-SY&google_push=AZmPxg8RU1T4CeIPVGJQAOwTYUlAbXv_ycIb_2bO6d1NkK7tn_MB29wnTcSU1vmZmgzmchofibZPXBgd24vNHi...

170 B
188 B

98ms
45ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=lHbQ-nSbTe51iwCWsRuqoWAJ-SY&google_push=AZmPxg8RU1T4CeIPVGJQAOwTYUlAbXv_ycIb_2bO6d1NkK7tn_MB29wnTcSU1vmZmgzmchofibZPXBgd24vNHiYkdy7YV21jQZw_iDIGwTQOFYH85lDtgVAz_E5FGuH4eWCOgzmNUFwMCFAuKB0XqzEJnSaSpw

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=lHbQ-nSbTe51iwCWsRuqoWAJ-SY&google_push=AZmPxg8RU1T4CeIPVGJQAOwTYUlAbXv_ycIb_2bO6d1NkK7tn_MB29wnTcSU1vmZmgzmchofibZPXBgd24vNHiYkdy7YV21jQZw_iDIGwTQOFYH85lDtgVAz_E5FGuH4eWCOgzmNUFwMCFAuKB0XqzEJnSaSpw
Date: Fri, 14 Oct 2022 21:30:19 GMT
Connection: keep-alive
Content-Length: 300
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3827
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF7B-HJ9TngZyVy_wmzNQv4&google_cver=1&google_push=AZmPxg-63uRS8FMKFSbG8ZCwRxsXOmsyen6TyspeQPkba4VV37U-iuFKmoCMLwoQcL5NPNkMIMNzXLSN-Fu_SvEAKuWd0yrTA9...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg-63uRS8FMKFSbG8ZCwRxsXOmsyen6TyspeQPkba4VV37U-iuFKmoCMLwoQcL5NPNkMIMNzXLSN-Fu_SvEAKuWd0yrTA9d...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA1NjgyMDY5MzIzODA0NTA4NDg1NA%3D%3D&google_push=AZmPxg-63uRS8FMKFSbG8ZCwRxsXOmsyen6TyspeQPkba4VV37U-iuFK...

170 B
188 B

97ms
46ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA1NjgyMDY5MzIzODA0NTA4NDg1NA%3D%3D&google_push=AZmPxg-63uRS8FMKFSbG8ZCwRxsXOmsyen6TyspeQPkba4VV37U-iuFKmoCMLwoQcL5NPNkMIMNzXLSN-Fu_SvEAKuWd0yrTA9do8Q0v_--H0y3QTCGWZvlbePVrtObvp5zWvzIvebgyKqDK6rKAJx_t-Pry9g

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA1NjgyMDY5MzIzODA0NTA4NDg1NA%3D%3D&google_push=AZmPxg-63uRS8FMKFSbG8ZCwRxsXOmsyen6TyspeQPkba4VV37U-iuFKmoCMLwoQcL5NPNkMIMNzXLSN-Fu_SvEAKuWd0yrTA9do8Q0v_--H0y3QTCGWZvlbePVrtObvp5zWvzIvebgyKqDK6rKAJx_t-Pry9g
date: Fri, 14 Oct 2022 21:30:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3827
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEKcLaQ3D1GsGQgsmciAs8Jk&google_cver=1&google_push=AZmPxg8zS53uBG0ICuWJZcIyMXkWDXuJzSQdv93Eq5lHbZruDnlY4B_21t9pLW55nxta9FPPBmhBbb2cy2pwqGgd_9sRSI3HASl_f...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg8zS53uBG0ICuWJZcIyMXkWDXuJzSQdv93Eq5lHbZruDnlY4B_21t9pLW55nxta9FPPBmhBbb2cy2pwqGgd_9sRSI3HASl_fOjbDwUVXPITEjeBQSV9uyRZAMdwWf...

170 B
329 B

41ms
41ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg8zS53uBG0ICuWJZcIyMXkWDXuJzSQdv93Eq5lHbZruDnlY4B_21t9pLW55nxta9FPPBmhBbb2cy2pwqGgd_9sRSI3HASl_fOjbDwUVXPITEjeBQSV9uyRZAMdwWfR-Ol0UbsKrDwQDXWmGCrjk0t3Dvg&google_hm=eece66cb203d3138a6cb26003e525f46

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg8zS53uBG0ICuWJZcIyMXkWDXuJzSQdv93Eq5lHbZruDnlY4B_21t9pLW55nxta9FPPBmhBbb2cy2pwqGgd_9sRSI3HASl_fOjbDwUVXPITEjeBQSV9uyRZAMdwWfR-Ol0UbsKrDwQDXWmGCrjk0t3Dvg&google_hm=eece66cb203d3138a6cb26003e525f46
date: Fri, 14 Oct 2022 21:30:19 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3827
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEC2t5ET2KUrwP0WRu3liYnI&google_cver=1&google_push=AZmPxg_SlEOt333bnbZ3MHA3_OdHd2jukaxX3GEMOQq-cb4Vb02UvEcNOWPGwNtDKl2rnf3Mdb3Y5GXs...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEC2t5ET2KUrwP0WRu3liYnI%26google_cver%3D1%26google_push%3DAZmPxg_SlEOt333bnbZ3MH...
https://rtb2-useast.e-volution.ai/sync?adkuid=A3164603930510196391&exchange=193&google_gid=CAESEC2t5ET2KUrwP0WRu3liYnI&google_cver=1&google_push=AZmPxg_SlEOt333bnbZ3MHA3_OdHd2jukaxX3GEMOQq-cb4Vb02U...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTMxNjQ2MDM5MzA1MTAxOTYzOTE&google_push=AZmPxg_SlEOt333bnbZ3MHA3_OdHd2jukaxX3GEMOQq-cb4Vb02UvEcNOWPGwNtDKl2rnf3Mdb3Y5GX...

170 B
188 B

43ms
42ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTMxNjQ2MDM5MzA1MTAxOTYzOTE&google_push=AZmPxg_SlEOt333bnbZ3MHA3_OdHd2jukaxX3GEMOQq-cb4Vb02UvEcNOWPGwNtDKl2rnf3Mdb3Y5GXsW6s65nfAmFtl4_TxIOmscW1p4pKSBWYrvKb8q7uPNJCz7tnoXyZQWnLxmZv2HrGDx52WQzNBDyoKsDk

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTMxNjQ2MDM5MzA1MTAxOTYzOTE&google_push=AZmPxg_SlEOt333bnbZ3MHA3_OdHd2jukaxX3GEMOQq-cb4Vb02UvEcNOWPGwNtDKl2rnf3Mdb3Y5GXsW6s65nfAmFtl4_TxIOmscW1p4pKSBWYrvKb8q7uPNJCz7tnoXyZQWnLxmZv2HrGDx52WQzNBDyoKsDk
Date: Fri, 14 Oct 2022 21:30:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3827
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENO6IE0rJv84VG0c04W48SU&google_cver=1&google_push=AZmPxg9_foSHkdl9DpjIFz2pxo24nUZvPyh_Xu5qdh-dIHnhbee16o7hhsNF4Fyl6ODGm2erVn...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENO6IE0rJv84VG0c04W48SU&google_cver=1&google_push=AZmPxg9_foSHkdl9DpjIFz2pxo24nUZvPyh_Xu5qdh-dIHnhbee16o7hhsNF4Fyl6ODGm2erVn...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13Y0I3R3h4RTJ1SE1DNGJBall1U2dBTXJtQ0ZXTlRfa35B&google_push=AZmPxg9_foSHkdl9DpjIFz2pxo24nUZvPyh_Xu5qdh-dIHnhbee16o7hh...

170 B
188 B

55ms
43ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13Y0I3R3h4RTJ1SE1DNGJBall1U2dBTXJtQ0ZXTlRfa35B&google_push=AZmPxg9_foSHkdl9DpjIFz2pxo24nUZvPyh_Xu5qdh-dIHnhbee16o7hhsNF4Fyl6ODGm2erVnsOnnPXqz7ceCKDOx8bgeNkqTPItSNVtHoPcniTIOg9jzaXMvrWZIRNhDYCX6MlZPpnP5AcrRtItUDKAtLgTl4

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13Y0I3R3h4RTJ1SE1DNGJBall1U2dBTXJtQ0ZXTlRfa35B&google_push=AZmPxg9_foSHkdl9DpjIFz2pxo24nUZvPyh_Xu5qdh-dIHnhbee16o7hhsNF4Fyl6ODGm2erVnsOnnPXqz7ceCKDOx8bgeNkqTPItSNVtHoPcniTIOg9jzaXMvrWZIRNhDYCX6MlZPpnP5AcrRtItUDKAtLgTl4
date: Fri, 14 Oct 2022 21:30:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3827
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBoTdUL3Zzso7WF7B7ZKtG4&google_cver=1&google_push=AZmPxg9tW6iyLiOIgY0piPToR31b3umEpInN3KV6QBFoIxyoizAhaRlr_WSSZi922k...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AZmPxg9tW6iyLiOIgY0piPToR31b3umEpInN3KV6QBFoIxyoizAhaRlr_WSSZi922knmnIAxn4QdYUXAwJbI__bSh0p9Magdoo7j7VeoWJpPdLuyxb...

170 B
188 B

95ms
42ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AZmPxg9tW6iyLiOIgY0piPToR31b3umEpInN3KV6QBFoIxyoizAhaRlr_WSSZi922knmnIAxn4QdYUXAwJbI__bSh0p9Magdoo7j7VeoWJpPdLuyxbWhmNG2VVL6eN5uS2KrBObkHyXuKjhflhSiVG95FUiL5Kg&google_hm=Jc_tlcvZR3i8hycns4ODMiY

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:18 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AZmPxg9tW6iyLiOIgY0piPToR31b3umEpInN3KV6QBFoIxyoizAhaRlr_WSSZi922knmnIAxn4QdYUXAwJbI__bSh0p9Magdoo7j7VeoWJpPdLuyxbWhmNG2VVL6eN5uS2KrBObkHyXuKjhflhSiVG95FUiL5Kg&google_hm=Jc_tlcvZR3i8hycns4ODMiY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3827 0
232 B 109ms
40ms Image
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZVh7TMTcfk2sePxQttmoztDgb8ziChnvvhCaUinGflZ-iGWndBATJwaBU-0FMJwI60eEQcE-N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5869 15 KB
16 KB 85ms
27ms Font
font/woff2 2607:f8b0:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 179902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:31:57 GMT

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame E8DF 36 KB
15 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:54:24 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D347 4 KB
621 B 94ms
40ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665783018&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1833&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=XdlsibyP0k&p=https%3A//qa.cr-halal.com&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 21:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 20:21:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 21:30:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame D347 2 KB
902 B 27ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:58:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:58:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame D347 23 KB
9 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:55:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame D347 3 KB
1 KB 29ms
28ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame D347 17 KB
7 KB 29ms
29ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D347 152 KB
46 KB 56ms
55ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 21:30:19 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame D347 33 KB
13 KB 80ms
27ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 22:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 22:19:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D347 0
0 54ms
54ms Fetch
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5nFD6tRJY_65B_vzxtYPj5er2AzbyZL7bJ_q0KT7EJKb2daMDhABIIbczh1gye6Oi8CkjBCgAceH-KgByAEJqAMByAPLBKoE5wFP0Nheci2diW7kQzssMXe8LVv4Ba_R9Wj4v2AUmVbb2QOrruptkeA9ZK-xRbp6xtjcHP4occC83OB_BRhETp1X84FuxRQbXHxw0Bmsp25nPDrW2oH9cFMhy5ymvRY5pCzcs7_CHZGH5Q9R5L_qaaDbAZ-8sFzB5CumH51Sgim2ilTb6Ci5cCj154ibjoPjKB2QsUec_IM0dJjmw1WtgKJXbNkgokSBsmGwq0cxJ2YMgtg1gyFuQnJX_dZ4m9njQngpCShL7v4RDC8NhcSq-YBXcKv--aK1i7VHLpjp9Bc3zQyVO6ysxs7ABPrriuCJBJIFBAgEGAGSBQQIBRgEoAYugAeh-IfXAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMOjBdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbgT5APYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMzEzNTY0NDYzOTAxNTQ3NBgA&sigh=bDVBpnTAtpI&uach_m=[UACH]&cid=CAQSOwDq26N9OIyn90dYohO3P6RkMuH0D-9eiK03CJRETFi0Rxfn2u1gjhSUm0XffnYenQfUr9QLhKJgD2ArGAEgDg&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665783018&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1833&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=XdlsibyP0k&p=https%3A//qa.cr-halal.com&dtd=48
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 21:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16591147983392103055/ Frame D347 3 KB
3 KB 27ms
26ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16591147983392103055/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbdf37f8e01fa401ee5a579d41b16376db0cb5a6a4130cf1cf94e24588114be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 04:54:29 GMT
x-content-type-options: nosniff
age: 578150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2916
x-xss-protection: 0
last-modified: Wed, 25 May 2022 16:26:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Oct 2023 04:54:29 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13323524101476200490/ Frame D347 8 KB
8 KB 28ms
28ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13323524101476200490/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11b2fc4b19355b87d92c6b7e2506a93048c449c908db2d0a56d080a224977d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 20:39:24 GMT
x-content-type-options: nosniff
age: 175855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8609
x-xss-protection: 0
last-modified: Wed, 25 May 2022 18:26:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 20:39:24 GMT

GET
DATA 200
OK truncated
/ Frame D347 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2E4B 1 KB
643 B 27ms
25ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 28369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 13:37:30 GMT
etag: 48472445140208031
expires: Sat, 15 Oct 2022 13:37:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D347 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b6d96fe840aaa866cbba68054a595eac04518c75f5a636e4e878d6247681602

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E4B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH8jdxz4WA_0sY5M_rx0xzo&google_cver=1&google_push=AZmPxg9QTu4VY6h3Ho6aD_jCGM2cUYfTdPwPfeVaPKmXW3qawd-G7nLm5VxLFVIetl2kTq2tl8AQ0rYvmyrNYZotHNbf2R_...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9QTu4VY6h3Ho6aD_jCGM2cUYfTdPwPfeVaPKmXW3qawd-G7nLm5VxLFVIetl2kTq2tl8AQ0rYvmyrNYZotHNbf2R_xX2YzUx0&google_hm=MTY0NjM2NzU5OTA0NjY...

170 B
188 B

44ms
42ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9QTu4VY6h3Ho6aD_jCGM2cUYfTdPwPfeVaPKmXW3qawd-G7nLm5VxLFVIetl2kTq2tl8AQ0rYvmyrNYZotHNbf2R_xX2YzUx0&google_hm=MTY0NjM2NzU5OTA0NjY4MjE0MA%3D%3D

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 Oct 2022 21:30:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9QTu4VY6h3Ho6aD_jCGM2cUYfTdPwPfeVaPKmXW3qawd-G7nLm5VxLFVIetl2kTq2tl8AQ0rYvmyrNYZotHNbf2R_xX2YzUx0&google_hm=MTY0NjM2NzU5OTA0NjY4MjE0MA%3D%3D
content-length: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 2E4B 43 B
641 B 527ms
173ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEF6XwXRyKHSITfzAm4cPK8g&google_cver=1&google_push=AZmPxg_54PLQS_g3WpsiA4cD-R31MGaAopEgOcdLckipKjAbcrh_VkkCIfCvSGBU8a8Ien0VgWgEF7vmODV0HTjx9fw3nqs98raS9Xw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 21:30:19 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E4B
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg9B3KICT-ZpYIA8wMYRYdRzQotKThA0LzsrIiPHE2L2RKTkKdeD8PmZGfpd8a9i2XHuMm8onLIs57HHvcAjdPHiwSILnilTmA&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-beb85de9-785f-4ca9-8745-6086de5cb524-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg9B3KICT-ZpYIA8wMYRY...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9B3KICT-ZpYIA8wMYRYdRzQotKThA0LzsrIiPHE2L2RKTkKdeD8PmZGfpd8a9i2XHuMm8onLIs57HHvcAjdPHiwSILnilTmA&google_hm=Bb64Xel4X0yph0Vght5ctSQ

170 B
188 B

42ms
41ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9B3KICT-ZpYIA8wMYRYdRzQotKThA0LzsrIiPHE2L2RKTkKdeD8PmZGfpd8a9i2XHuMm8onLIs57HHvcAjdPHiwSILnilTmA&google_hm=Bb64Xel4X0yph0Vght5ctSQ

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 14 Oct 2022 21:30:19 GMT
Server: Tengine
ETag: RXbeb85de9785f4ca987456086de5cb524005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9B3KICT-ZpYIA8wMYRYdRzQotKThA0LzsrIiPHE2L2RKTkKdeD8PmZGfpd8a9i2XHuMm8onLIs57HHvcAjdPHiwSILnilTmA&google_hm=Bb64Xel4X0yph0Vght5ctSQ
Content-Type: text/html
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E4B
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF7B-HJ9TngZyVy_wmzNQv4&google_cver=1&google_push=AZmPxg-eJD2zAPnS2ZzPnfb3tzJoJOF2oBB_gVNzbkyExWaCpBI5mJxvKwAHHGp7GQ4gtX9aGGBehlUEXtR2_Qq3kXYnW0ZS4c...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA1NjgyMDY5MzIzODA0NTA4NDg1NA%3D%3D&google_push=AZmPxg-eJD2zAPnS2ZzPnfb3tzJoJOF2oBB_gVNzbkyExWaCpBI5mJxv...

170 B
188 B

42ms
42ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA1NjgyMDY5MzIzODA0NTA4NDg1NA%3D%3D&google_push=AZmPxg-eJD2zAPnS2ZzPnfb3tzJoJOF2oBB_gVNzbkyExWaCpBI5mJxvKwAHHGp7GQ4gtX9aGGBehlUEXtR2_Qq3kXYnW0ZS4ceCfA

Requested by

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA1NjgyMDY5MzIzODA0NTA4NDg1NA%3D%3D&google_push=AZmPxg-eJD2zAPnS2ZzPnfb3tzJoJOF2oBB_gVNzbkyExWaCpBI5mJxvKwAHHGp7GQ4gtX9aGGBehlUEXtR2_Qq3kXYnW0ZS4ceCfA
date: Fri, 14 Oct 2022 21:30:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET pub
cs.chocolateplatform.com/ Frame 2E4B 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E4B
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDQM4nhHef94EDmNy0lr8F8&google_cver=1&google_push=AZmPxg_Mre7MUiPSdtYRt8k5E3RRSEsSQNQLK53zVCaZsVVZMtJ7bPXnyT-aYk1QBPUwnCB3tcbEJuEHlyR3gnEAF...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YTdkNWIwY2YtZmRhOC00ZDk1LWE1MTgtMTllOTA3Zjg1YTBm&google_push=AZmPxg_Mre7MUiPSdtYRt8k5E3RRSEsSQNQLK53zVCaZsVVZMtJ7bPXnyT-aYk1Q...

170 B
188 B

42ms
41ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YTdkNWIwY2YtZmRhOC00ZDk1LWE1MTgtMTllOTA3Zjg1YTBm&google_push=AZmPxg_Mre7MUiPSdtYRt8k5E3RRSEsSQNQLK53zVCaZsVVZMtJ7bPXnyT-aYk1QBPUwnCB3tcbEJuEHlyR3gnEAFCfh73BPofDYRnw

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YTdkNWIwY2YtZmRhOC00ZDk1LWE1MTgtMTllOTA3Zjg1YTBm&google_push=AZmPxg_Mre7MUiPSdtYRt8k5E3RRSEsSQNQLK53zVCaZsVVZMtJ7bPXnyT-aYk1QBPUwnCB3tcbEJuEHlyR3gnEAFCfh73BPofDYRnw
date: Fri, 14 Oct 2022 21:30:19 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E4B
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEOyd00zw9u5pAb8JzUGwjlo&google_cver=1&google_push=AZmPxg_R0zIEGwAZhxWIKunwQBoONW6JKuhG3UionCwC4WxyM23-pGYBfxqoRxv-AQDeF4ZMZFoxaHko0_Lf1hp6vQsBHPVeaouzEhCn
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg_R0zIEGwAZhxWIKunwQBoONW6JKuhG3UionCwC4Wxy...
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOBN1_c1figZl8QSieikhR1P01HoBofeepxG2hgw&google_push=AZmPxg_R0zIEGwAZhxWIKunwQBoONW6JKuhG3UionCwC4WxyM23-pGYBfxqoRxv-AQDeF4ZMZFoxaHko0_Lf1hp6vQsB...
https://cm.g.doubleclick.net/pixel?google_hm=4l6-3uK6_2Rc4Xkv85NM&google_push=AZmPxg_R0zIEGwAZhxWIKunwQBoONW6JKuhG3UionCwC4WxyM23-pGYBfxqoRxv-AQDeF4ZMZFoxaHko0_Lf1hp6vQsBHPVeaouzEhCn&google_nid=inm...

170 B
188 B

42ms
41ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=4l6-3uK6_2Rc4Xkv85NM&google_push=AZmPxg_R0zIEGwAZhxWIKunwQBoONW6JKuhG3UionCwC4WxyM23-pGYBfxqoRxv-AQDeF4ZMZFoxaHko0_Lf1hp6vQsBHPVeaouzEhCn&google_nid=inmobi_new_eb

Protocol

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 Oct 2022 21:30:19 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_hm=4l6-3uK6_2Rc4Xkv85NM&google_push=AZmPxg_R0zIEGwAZhxWIKunwQBoONW6JKuhG3UionCwC4WxyM23-pGYBfxqoRxv-AQDeF4ZMZFoxaHko0_Lf1hp6vQsBHPVeaouzEhCn&google_nid=inmobi_new_eb
x-download-options: noopen
vary: Accept
content-length: 229
x-xss-protection: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2E4B 0
12 B 41ms
40ms Image
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGTg1IRCBIMpaQHHstZG73h_qUBRri9ne2UKHS6dwu0uYN_p6nyhSa6s4OwHKEDWhBbU1ba7E

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D347 15 KB
16 KB 80ms
27ms Font
font/woff2 2607:f8b0:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 179902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:31:57 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 17 KB
3 KB 26ms
26ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Requested by

Host: basejumper.io
URL: http://basejumper.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46460f1ce1498f4c01868c95c696731e9842a9c109d3b5f1bdc0fb096814f6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 171240
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2736
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 21:56:19 GMT
expires: Thu, 12 Oct 2023 21:56:19 GMT
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E83F 0
0 54ms
54ms Fetch
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVU6X6tRJY7z4BqTsxtYP37mpUNvJkvts3-zQpPsQkpvZ1owOEAEghtzOHWDJ7o6LwKSMEKABx4f4qAHIAQmoAwHIA0iqBOoBT9BxQ8rBZ1F_4j1g72Ux_lugeSK0mWkcDJEYP4poJWNB7Mp-VeTDP5oNgIfIhP3OaQiesrI_hO0HlS2h2Tvx2LgcfKTNnwUpXXi1HAf1plGl505zSQuxW8NdaCG9z7WPfi69MyWvuue3oB8oFG1_nFZP42C4GBDpcJzuLjzxd2TlEvXo2IqjXn5dUkI73JxfOpAsu0REIvh1D2Fx8yH-0qnKxYRom8NQvg-NrMheT0DlyNFb0GALueTpaB14GUbNmfZ_5EVm8hKysDnr1bblndPXEQy_EifxEiygXsn5DBcBq-U7jCDwKPBrwAT664rgiQSSBQQIBBgBkgUECAUYBKAGLoAHofiH1wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCm5wbSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMzEzNTY0NDYzOTAxNTQ3NBgA&sigh=vyRdWz-gvug&uach_m=[UACH]&cid=CAQSOwDq26N9Fg-nBzUtS_Efv8qUSTL6N-dEMoqA3n7UMYDtSqqvYCQ9_8P2_8yXXlSbtySWzh99zlVTrB5SGAEgDg&template_id=419

Requested by

Host: basejumper.io
URL: http://basejumper.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=NulORux5V8&p=https%3A//qa.cr-halal.com&dtd=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 21:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame E83F 23 KB
9 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=NulORux5V8&p=https%3A//qa.cr-halal.com&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:55:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame E83F 3 KB
1 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=NulORux5V8&p=https%3A//qa.cr-halal.com&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame E83F 17 KB
7 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=NulORux5V8&p=https%3A//qa.cr-halal.com&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:53:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E83F 0
0 44ms
44ms Image
text/html 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpLpBQ4OYxEN7SsCFoqpeQD8-ZHQEZvCB2uQ5Wnfd49HQUMKdm6LQUAX4kseoUMHKAecxvaRF-o6qKnuuNhU758H4NUw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=NulORux5V8&p=https%3A//qa.cr-halal.com&dtd=34
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E83F 152 KB
46 KB 51ms
50ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=NulORux5V8&p=https%3A//qa.cr-halal.com&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 21:30:19 GMT

GET
H3 200 gwdpage_style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 55 B
108 B 26ms
26ms Stylesheet
text/css 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/gwdpage_style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 21:56:20 GMT
age: 171239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 21:56:20 GMT

GET
H3 200 gwdpagedeck_style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 731 B
269 B 31ms
29ms Stylesheet
text/css 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/gwdpagedeck_style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 21:56:20 GMT
age: 171239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 21:56:20 GMT

GET
H3 200 gwdgooglead_style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 24 B
79 B 31ms
29ms Stylesheet
text/css 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/gwdgooglead_style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 21:56:20 GMT
age: 171239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 21:56:20 GMT

GET
H3 200 gwdimage_style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 281 B
194 B 32ms
30ms Stylesheet
text/css 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/gwdimage_style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 21:56:20 GMT
age: 171239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 21:56:20 GMT

GET
H3 200 googbase_min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 400 B
313 B 36ms
35ms Script
application/x-javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/googbase_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 04:55:23 GMT
age: 59696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 04:55:23 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 20 KB
6 KB 34ms
32ms Script
application/x-javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/gwd_webcomponents_v1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 21:56:20 GMT
age: 171239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6276
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 21:56:20 GMT

GET
H3 200 gwdpage_min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 3 KB
1 KB 35ms
34ms Script
application/x-javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/gwdpage_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 21:56:20 GMT
age: 171239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1308
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 21:56:20 GMT

GET
H3 200 gwdpagedeck_min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 8 KB
3 KB 33ms
32ms Script
application/x-javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/gwdpagedeck_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 04:55:23 GMT
age: 59696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3191
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 04:55:23 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9C7A 16 KB
6 KB 32ms
31ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:30:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 15 Oct 2022 18:30:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9C7A 34 KB
13 KB 37ms
35ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:30:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 15 Oct 2022 18:30:37 GMT

GET
H3 200 gwdgooglead_min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 13 KB
4 KB 36ms
35ms Script
application/x-javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/gwdgooglead_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 21:56:20 GMT
age: 171239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4481
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 21:56:20 GMT

GET
H3 200 gwdimage_min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 5 KB
2 KB 39ms
37ms Script
application/x-javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/gwdimage_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 21:56:20 GMT
age: 171239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2014
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 21:56:20 GMT

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame E83F 0
20 B 48ms
48ms Other
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLyVxajV4PoCFSS20QQd31wKCg&gqi=6tRJY_-MBqGI1gGzrI6ADQ&layout=/sadbundle/%24csp%253Der3%24/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=NulORux5V8&p=https%3A//qa.cr-halal.com&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E83F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4123c19b611205ab83e32fee39d003fe160bcc750a458f0398bade29ae5cce1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame BAE7 36 KB
15 KB 31ms
25ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:54:24 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 58ms
58ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221012&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54d9d2374710ae5fa9342673937500597c76689a6b4a9a960fb9295f3d41a25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11194
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C9AE 42 B
64 B 49ms
48ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudGI-3SqOdbuDxyaYUKJmOvc29N7kFJa2R3_jRK_vvmVq0VtwmkHNF4RmIGIyts2AYLH-Yg1X3cCRUM1wx9yqSX2ypFR9pqqAECVWECnmKUZd47vGz-4S_Hxx9kHraswgnnrQ&sai=AMfl-YS-CCW3heEDE3AZoPisc8hKyXYcig6ZYskIx-SVqtvhpyvH40cX9ubmYRjy_uI4EiIjbCoCKcNNkI3czlM&sig=Cg0ArKJSzO2amaiU9cOMEAE&cid=CAQSGwDq26N9CB4mfWWzjqdpXSN-hYID-MW1ovoQxBgBIA4&id=lidar2&mcvt=1035&p=0,0,124,1005&mtos=101,801,1035,1141,1244&tos=101,700,234,106,103&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665783018118&rpt=188&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 21:30:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C7A 36 KB
15 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:54:24 GMT

GET
H3 200 T2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 6 KB
6 KB 30ms
28ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/T2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

690f3d69d1fd6a865412c9620686418a2c8a428bcc6ddfcb6127b59fe81e749a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 13 Oct 2022 01:38:15 GMT
x-content-type-options: nosniff
age: 157924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6589
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 01:38:15 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 4 KB
4 KB 32ms
29ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

957236ea12c5b3e1ca69174b40ce0df8eca72318a001eb805a89a95320098fdc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 13 Oct 2022 01:38:15 GMT
x-content-type-options: nosniff
age: 157924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4144
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 01:38:15 GMT

GET
H3 200 T1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 12 KB
12 KB 29ms
27ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/T1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

093275c495f9ac427e832b09b1cf0c9ac6aaa43ccbb088cd2ef9a049beb2f795

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 14 Oct 2022 04:55:23 GMT
x-content-type-options: nosniff
age: 59696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11873
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 04:55:23 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 5 KB
5 KB 35ms
34ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d7eb26f3e9d5f414127fd6550fd44bd23ae7ecf956706a566db20b87903f689

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 13 Oct 2022 01:38:15 GMT
x-content-type-options: nosniff
age: 157924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4655
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 01:38:15 GMT

GET
H3 200 shape.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 5 KB
5 KB 36ms
35ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/shape.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b09ea31c6b04a0e7ce5ac464ffbb38f9bb7a02a276f2b489c8f3739af9c21796

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 14 Oct 2022 04:55:23 GMT
x-content-type-options: nosniff
age: 59696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4921
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 04:55:23 GMT

GET
H3 200 hero.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/ Frame 9C7A 50 KB
50 KB 32ms
31ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/hero.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c264cd07b80d394ba26f14b2653284b93ee95099809970e2ba47f0916577fa64

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 13 Oct 2022 01:38:15 GMT
x-content-type-options: nosniff
age: 157924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51519
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 16:57:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 01:38:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
55ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 21:30:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2F66 13 KB
5 KB 28ms
26ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 114770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 13:37:29 GMT
expires: Fri, 13 Oct 2023 13:37:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4CDD 783 B
535 B 67ms
66ms Document
text/html 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d3fab5c9cf4540d827b7452243b7ff6b85b16d717bb446328dccb7a2e710f4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LdNbkNiLpaFQKhH5_14ugA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-LdNbkNiLpaFQKhH5_14ugA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 21:30:19 GMT
expires: Fri, 14 Oct 2022 21:30:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F66 36 KB
15 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:54:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4CDD 0
0 44ms
43ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221012&jk=735657179812785&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2F66 0
12 B 26ms
25ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SwIPNg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:30:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221012&jk=735657179812785&bg=!dHeldzPNAAYeOJy_Pjg7ACkAdvg8WrRFBrk8DepC8yM_Zef8KM2OWH4-1GRW0cBcvw5QMLLvfxvmrgIAAABLUgAAAAJoAQcKAOS6EYxsDo5jWPw0uK7UZ8m1X_bw7yhEps8JNWVA7-1C8En1sr9z5QJJ8sLfZvLIovRqyFf5ajklTbhhM3YNsXbExBygC8rzKp80eegV95scgEqZ8naYpQxgM55Y0ddzs0ezgOdpOmjKbP5ra3x9-9JcuAMQrp0BCxcKx9f3vJ6gYpDIe5n6eWKfV4yV2KrToHNlCrKs6YpVUhFq_nzPhSv9ntrMiZurJBmt5XAieN7jWZsTYlLF7r5JJ5yW6Gd_gZgcwiCdrHjD2MdykCycHrrSVnHCrOGoQOPQM-VqVaYNK7PCkQuZAqwj742FV6hotlOboqA2zqfS-CDew2doR_YmWPZNf8qZeTASEZA-pwrU9PtWgHmgC73Ceq0Ld9ymFjfbpUDXBLgBdvJwSzovd52JBLUUooMIJK5GwyFxlqRlcK_YW6F5QgQX3TP9wYwnDJlmAMaHGy9Z-ZQphhdRMxhqmDACb8W5O72OhAN0KyUGI6LsR10eELt-TcrsDTkEDPn_OallIW2M_5PVi_M29cOinVZeMQOr-fXnz-eCEniqhHBhbTzMdfLdEBfAeSYwrBKtZSAI2P1WOTI-P-ScCsTx-dPnCBSy9_E56MNlOuP6ipJ1l4DSq09Z6Wsz7lMikOiPBPW955bP-rgIXMdw8F_-kc_08CqKdoQEIxGh-aNnOEt8TSCqko2lhBHsEOhoUn-FpKX8cySawzGHLAJroGDQul-uBW5rYV8WymFQ7u-_ubFxlYy3vqmnCmA4v5Tpm7Wi75n3qwityAddYLrXyScs-Mk6uCvWKVkTEA2YBuT3TjIAc-wwiWkFUOTJsHe_GQs4w9ia8BFPMR69wk4vD0eGmD5rukioGvuLz4zgl1W8EcoXGGezXPEnCjYrkvmp9IKH9P9KiPDLPtcuD5hB87XLY2G0rwap5hF4dOmbp1J2pOd48pQ3xwreLLPx-VX4Hy4sE2t81sLU-VXHznWhVcIBKcZNlxVB0uMbXmv-3CJU4tP81nlbRcuYUuMAW-8hw8cQCX_xxDGzSv1WEZaElA1ai2qRe8MDlB2g0vncgC-mYo8W3wYijtAZDIgmzn6-U4i12s4SrpV8G7UnIISyBSuHNsp0zhC1S1-qJh3hRC-jTBANpQCFWZVqx1QMKo7cYm3NzIHft71R0eDnFiMRPUoO-8nWi5dt8HvxTMfO_D9i7jnssEcaJmTwmqDBwANKGQMmYDg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.chocolateplatform.com
URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEERuZOCyP_JQj1lskIRwqfk&google_cver=1&google_push=AZmPxg9oXYSbgHptdxwcQNJ79VWp6NwaoPjufDBBzyQYuapKE7x7rdyu6e6zJexsJXGrEwWi0jPz-99T1eO9bjcjEMtBSfMPt7G_eA

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 11:06:34	Name: NID Value: 511=FyjeraWS38spTcblACSfapEVUFgx5wKn7m7vJvHZkPEsEp6zib5675J1VDPXHA4qCCm6TuDf-vS6FM0xRvAezffYkPwyycc2Fs_hFiOOEnwDQQiEfNhiEzlfY0beH3rTo_Ul0racC48BAibJYK2JA7WbdTkl-NLhR51NFbqTJwo
qa.cr-halal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6ced367e0df43f89d4295807d36a1819
qa.cr-halal.com/	1970-01-20 06:45:55	Name: qa_key Value: 932fhfuz2wujl30g79iepha06uo3evv0
.cr-halal.com/	1970-01-20 16:04:39	Name: __gads Value: ID=6a55cf7501e9f96b-22734459b0d70005:T=1665783017:RT=1665783017:S=ALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg
.cr-halal.com/	1970-01-20 16:04:39	Name: __gpi Value: UID=00000885e86840a3:T=1665783017:RT=1665783017:S=ALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ
.doubleclick.net/	1970-01-20 16:19:03	Name: IDE Value: AHWqTUlKKtQBDDeKYpxeWVBj7b6K86_-Cv2-QR08AC5PcJvlM3cv6NHOmHnoceSpu90
.doubleclick.net/	1970-01-20 06:43:06	Name: DSID Value: NO_DATA
.cr-halal.com/	1970-01-20 16:04:39	Name: __gsas Value: ID=de0c58d47b6bb219:T=1665783018:S=ALNI_MZlEcMfsGI3wi-S21CNrzxAlBuJAw
.3lift.com/	1970-01-20 08:52:39	Name: tluid Value: 2056820693238045084854
.adingo.jp/	1970-01-20 07:26:15	Name: ID Value: eece66cb203d3138a6cb26003e525f46
.ctnsnet.com/	1970-01-20 15:28:39	Name: cid_25cfed95cbd94778bc872727b3838332 Value: 1
.ctnsnet.com/	1970-01-20 15:28:39	Name: gid_CAESEBoTdUL3Zzso7WF7B7ZKtG4 Value: 1
.zemanta.com/	1970-01-20 15:28:39	Name: zuid Value: pxBFhl3ITmVhMjjF_xIv
sync.srv.stackadapt.com/	1970-01-20 15:28:39	Name: sa-user-id Value: s%3A0-9476d0fa-749b-4dee-758b-0096b11baaa1.Ith9fmRFqjxuiugITG2Ebs9StgAfae9Ke0iCOYPgCvM
.srv.stackadapt.com/	1970-01-20 15:28:39	Name: sa-user-id-v2 Value: s%3AlHbQ-nSbTe51iwCWsRuqoWAJ-SY.PJFRaQLWTVSwmHcOWBH3Tf1JXLUUUyoo%2FYkoZIS9P%2FM
.yahoo.com/	1970-01-20 15:29:00	Name: A3 Value: d=AQABBOvUSWMCEIkK1yPNYoX7_RRS8-iczxEFEgEBAQEmS2NTYwAAAAAA_eMAAA&S=AQAAArm1Qrv_sc0MVEXmIO_KjRk
.analytics.yahoo.com/	1970-01-20 15:28:39	Name: IDSYNC Value: 18yx~27px
.adkernel.com/	1970-01-20 07:26:15	Name: ADKUID Value: A3164603930510196391
.e-volution.ai/	1970-01-20 07:03:12	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 07:26:15	Name: ADKUID Value: A3164603930510196391
.sharethrough.com/	1970-01-20 07:26:15	Name: stx_user_id Value: a7d5b0cf-fda8-4d95-a518-19e907f85a0f
.1rx.io/	1970-01-20 15:28:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-beb85de9-785f-4ca9-8745-6086de5cb524-005%22%7D
.targeting.unrulymedia.com/	1970-01-20 15:28:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-beb85de9-785f-4ca9-8745-6086de5cb524-005%22%7D
.id5-sync.com/	1970-01-20 06:43:03	Name: cf Value:
.id5-sync.com/	1970-01-20 06:43:03	Name: cip Value:
.id5-sync.com/	1970-01-20 06:43:03	Name: cnac Value:
.id5-sync.com/	1970-01-20 06:43:03	Name: car Value:
.id5-sync.com/	1970-01-20 06:43:03	Name: gdpr Value:
.send.microad.jp/	1970-01-20 08:52:39	Name: TR Value: 115628edb7a5f8063c673424531556719afaea9d14b955b6
.id5-sync.com/	1970-01-20 08:52:39	Name: id5 Value: c33a188f-5414-49cb-a2a7-5080733c3316#1665783019794#2
.id5-sync.com/	1970-01-20 08:52:39	Name: 3pi Value:
.id5-sync.com/	1970-01-20 06:43:03	Name: callback Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=NulORux5V8&p=https%3A//qa.cr-halal.com&dtd=34 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665783018&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665783018031&bpp=1&bdt=1832&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a55cf7501e9f96b-22734459b0d70005%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MZRNUsmKh12R14xyj8xuLFiYvbnwg&gpic=UID%3D00000885e86840a3%3AT%3D1665783017%3ART%3D1665783017%3AS%3DALNI_MYJ2BZB_zAj3QrrO2PdQWfk6UbnPQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=3867664883270&frm=20&pv=1&ga_vid=366036633.1665783017&ga_sid=1665783017&ga_hid=221269081&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44774605%2C44773745%2C44775305&oid=2&psts=APxP-9B3UgKzqPC8k9rDhGiGVIIPMgx2YZ7OguaktxCpZNnRV8OMwbU78c9-6trm5DCY6joQ3G9oT82Vt8RPhrM&pvsid=735657179812785&tmod=416456922&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=NulORux5V8&p=https%3A//qa.cr-halal.com&dtd=34 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1203503590862943540/33791-03_WF_PRO_PM_HADA_300x250_RT_AN_1_08-2022/index.html".
network	error	URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEERuZOCyP_JQj1lskIRwqfk&google_cver=1&google_push=AZmPxg9oXYSbgHptdxwcQNJ79VWp6NwaoPjufDBBzyQYuapKE7x7rdyu6e6zJexsJXGrEwWi0jPz-99T1eO9bjcjEMtBSfMPt7G_eA Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
aid.send.microad.jp
b1sync.zemanta.com
basejumper.io
cc.adingo.jp
cdn.punchng.com
cm.g.doubleclick.net
cs.chocolateplatform.com
dsp.adkernel.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id5-sync.com
ius.ctnsnet.com
match.sharethrough.com
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
pm.geniusmonkey.com
pr-bh.ybp.yahoo.com
qa.cr-halal.com
rtb2-useast.e-volution.ai
sync.1rx.io
sync.inmobi.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.stilt.com
cs.chocolateplatform.com
141.95.98.65
142.250.72.98
162.241.217.15
174.137.133.49
199.127.204.171
20.127.253.7
202.233.84.1
2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d
2606:4700:10::ac43:29ed
2606:4700:10::ac43:5a5
2606:4700:3031::ac43:d1e9
2607:f8b0:4006:807::2002
2607:f8b0:4006:808::2002
2607:f8b0:4006:808::2004
2607:f8b0:4006:809::2003
2607:f8b0:4006:80a::2003
2607:f8b0:4006:80b::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:81f::2001
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::200a
34.117.190.90
35.186.193.173
44.197.4.46
52.223.22.214
52.45.176.143
52.45.33.138
54.163.172.97
64.202.112.95
66.29.132.14
00e82a4a83156169f81faf197d6988f4c2cc70a437aabaa8fe3046e94bddc2a6
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
093275c495f9ac427e832b09b1cf0c9ac6aaa43ccbb088cd2ef9a049beb2f795
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba4387a45e603a6db29adde36e6fc6347c9f0264eb27c9d09bea3b4bcd13c81
0d2bc6f19a3d30f6fc9cc175a7a94bb24cc9231ccf1422a94521db3141cf90d9
1195470520aba60c2be02346ccbb0a3d0450af6564e1780330b7b8d43a3632db
11b2fc4b19355b87d92c6b7e2506a93048c449c908db2d0a56d080a224977d87
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1b6d96fe840aaa866cbba68054a595eac04518c75f5a636e4e878d6247681602
1d3fab5c9cf4540d827b7452243b7ff6b85b16d717bb446328dccb7a2e710f4c
24990b0f369ea0118c5422ecd9f8e32c7396494bd79534d3b94994776c1f7fb2
2a0c64d09e521f0240e75a14ea37e232ea21e2ad5de73d1a813743de13eba750
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b350c7551f5f03991cf3a335f6713ed933ccd508d8ae347859a58c91a7516c5
2d713706a0d818ff0dd530c2a07925a627fec71454c914fd9373eaaa8474a6a8
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
4dbdf37f8e01fa401ee5a579d41b16376db0cb5a6a4130cf1cf94e24588114be
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
54d9d2374710ae5fa9342673937500597c76689a6b4a9a960fb9295f3d41a25f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a7cb71167999dafe252d95552af1cf8e3ed9545306ebbb89f595ac6a1fe8830
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
690f3d69d1fd6a865412c9620686418a2c8a428bcc6ddfcb6127b59fe81e749a
6d7eb26f3e9d5f414127fd6550fd44bd23ae7ecf956706a566db20b87903f689
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
73b14063dedfdef6a0efb96f0ca34fc58cabcd698787cba24e68dd42ccba9da5
7b17be166a31cc48b3d1baaabf0d76cadae91446d255c6b6ae23d9794bdc8110
7e0744ac1e460e708fe64438f0e1b44408404202a02f9f3d2266443be1846fb3
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
93819e1ed31f840814eed16c9157942858313b6509e9d2931425a354d0475ea8
957236ea12c5b3e1ca69174b40ce0df8eca72318a001eb805a89a95320098fdc
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5b4b025792bfb3335ee2cae42b37ef12f7c0f740556be5dc275bc66014d6b6
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
a0d4857235a5e286b0b15b044c948fd67db357e9f7aad7573d40b8534f6cfbd8
a4123c19b611205ab83e32fee39d003fe160bcc750a458f0398bade29ae5cce1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
ad6a67c27aa9c5c3cd1af30bd445f9a7f1de2e3458f0fb9d1f5a1073e98f0d4d
b09ea31c6b04a0e7ce5ac464ffbb38f9bb7a02a276f2b489c8f3739af9c21796
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17
c264cd07b80d394ba26f14b2653284b93ee95099809970e2ba47f0916577fa64
c29c710da8af9d4be163f9e792b0a206a77e6480728327c103b8fc4192b4c6ba
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
d46460f1ce1498f4c01868c95c696731e9842a9c109d3b5f1bdc0fb096814f6c
d47b73a373c0be4ed136a93921be026e9e39fb88fd4db93313d1873e87c1f476
daff3e0aa004e1b1dee0ea81dc59b16d03dca2ebb4d5be0bc8a6e3e03b2666e7
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
dc91528307cae8838620fc5509d5410fc3b43255cf003c0d6265785f5c130c42
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e16bacff2e318e1c637b2404767d062a25034dea440e778750666ff17981ea3b
e1abb8857961f3b7f6d24fa84608d4d724ba5cc3c0aad092260e8bd5014f9f9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e67b814109cc3112e4b90f94d802040e7c53dacba01f272b4517d8c07732129c
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
eba7a7a39459c37cc784afeb2ef1613d0b046b4e1988984fd2f801b568cb7a08
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fb87ce1768b8d2f393c9182d2aac4af1ccf19266d45574ffcd92a408a6f0d350
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

qa.cr-halal.com Open in urlscan Pro 66.29.132.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

90 %HTTPS

47 %IPv6

28 Domains

33 Subdomains

19 IPs

3 Countries

1738 kBTransfer

3992 kBSize

32 Cookies

4 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qa.cr-halal.com Open in urlscan Pro
66.29.132.14 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

90 %
HTTPS

47 %
IPv6

28
Domains

33
Subdomains

19
IPs

3
Countries

1738 kB
Transfer

3992 kB
Size

32
Cookies

147 HTTP transactions
7 data transactions