qa.cr-halal.com Open in urlscan Pro
66.29.132.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://logicpalm.com/
Effective URL:
https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Submission: On October 28 via manual (October 28th 2022, 7:29:32 am UTC) from HU — Scanned from DE

Summary HTTP 173 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 25 domains to perform 173 HTTP transactions. The main IP is 66.29.132.14, located in United States and belongs to NAMECHEAP-NET, US. The main domain is qa.cr-halal.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 9th 2022. Valid for: a year.

This is the only time qa.cr-halal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	98.129.229.50 98.129.229.50	53824 (LIQUIDWEB) (LIQUIDWEB)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 10	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
13	66.29.132.14 66.29.132.14	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 1	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
1	192.124.249.5 192.124.249.5	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2606:4700:10:... 2606:4700:10::6816:6f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
46	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
3 3	3.66.100.67 3.66.100.67	16509 (AMAZON-02) (AMAZON-02)
16	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
5 5	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:7916:ade7:6c23:40ce	16509 (AMAZON-02) (AMAZON-02)
173	25

1 98.129.229.50 (United States)

ASN53824 (LIQUIDWEB, US)

logicpalm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 66.29.132.14 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium197-2.web-hosting.com

qa.cr-halal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.194 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

sp-ao.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.5 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10005.sucuri.net

www.analyticsinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:6f6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.stilt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.66.100.67 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-100-67.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.115 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:7916:ade7:6c23:40ce (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	881 KB
40	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 cm.g.doubleclick.net — Cisco Umbrella Rank: 209	253 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	157 KB
13	cr-halal.com qa.cr-halal.com	86 KB
12	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	55 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 189	329 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	5 KB
5	pubmatic.com 5 redirects image6.pubmatic.com — Cisco Umbrella Rank: 663	2 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419	2 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339	1 KB
3	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 540	116 B
3	agkn.com 3 redirects d.agkn.com — Cisco Umbrella Rank: 644	2 KB
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 640	1 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1372	415 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 9234	914 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	896 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1519	297 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 940	356 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2846	347 B
1	stilt.com www.stilt.com — Cisco Umbrella Rank: 358505	96 KB
1	analyticsinsight.net www.analyticsinsight.net — Cisco Umbrella Rank: 328428	113 KB
1	shortpixel.ai 1 redirects sp-ao.shortpixel.ai — Cisco Umbrella Rank: 17620	709 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	75 KB
1	ois.is ois.is — Cisco Umbrella Rank: 385071	717 B
1	logicpalm.com logicpalm.com	379 B
173	25

	Domain	Requested by
46	tpc.googlesyndication.com	googleads.g.doubleclick.net logicpalm.com tpc.googlesyndication.com pagead2.googlesyndication.com
24	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net logicpalm.com
21	pagead2.googlesyndication.com	qa.cr-halal.com pagead2.googlesyndication.com googleads.g.doubleclick.net logicpalm.com tpc.googlesyndication.com www.googletagservices.com
16	cm.g.doubleclick.net	qa.cr-halal.com googleads.g.doubleclick.net
13	qa.cr-halal.com	www.google.com qa.cr-halal.com
10	www.google.com	4 redirects ois.is pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	www.gstatic.com	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	image6.pubmatic.com	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com
3	ssum-sec.casalemedia.com	3 redirects
3	pixel.rubiconproject.com	3 redirects
3	id.rlcdn.com	googleads.g.doubleclick.net
3	d.agkn.com	3 redirects
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com www.google.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.stilt.com	qa.cr-halal.com
1	www.analyticsinsight.net	qa.cr-halal.com
1	sp-ao.shortpixel.ai	1 redirects
1	www.googletagmanager.com	qa.cr-halal.com
1	ois.is	logicpalm.com
1	logicpalm.com
173	29

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.ois.is E1	`2022-08-31` - `2022-11-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
qa.cr-halal.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-09` - `2023-10-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-12` - `2023-06-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Frame ID: 5CF970A2894AE6A62EFD2AF16CF4C37E
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html
Frame ID: 7433F6933E5B9B8FFFCC9C6BF6CBA521
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&adk=1812271804&adf=3025194257&lmt=1666942167&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942167635&bpp=5&bdt=612&idt=83&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=499929593082&frm=20&pv=2&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Frame ID: 17DBB53145B5AB99D76A1C03B1D6F0C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1666942167&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942167640&bpp=2&bdt=617&idt=100&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qjhcV2q4IL&p=https%3A//qa.cr-halal.com&dtd=105
Frame ID: A9ED9D00C2D35EC4793289AC7F4DAACC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1666942167&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942167643&bpp=1&bdt=621&idt=109&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8HFVWqidBe&p=https%3A//qa.cr-halal.com&dtd=111
Frame ID: CA6F9462E692425BA8A3AB5521DABCC4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11
Frame ID: D0BDD4A828DFF904489227FDC5D1088E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=ijq36w8JOp&p=https%3A//qa.cr-halal.com&dtd=16
Frame ID: 053638BAF18907660B62A3E4EEC3F9DD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21
Frame ID: FEEC0F7EC69751203394CCFFCAB8561A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=3996127398&adf=1131149390&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1666942168&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168608&bpp=1&bdt=1586&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280%2C609x280&nras=5&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=4175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=RjR2vi0Qm9&p=https%3A//qa.cr-halal.com&dtd=6
Frame ID: 6B8AB49FD9AA2CAE0FBCFFFC4BCC59FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Frame ID: DA0FDEE3D0672A178D9681F75B9BD7D7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9C41A3223FEFE36BBFDF46D76BBC2994
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 61DF616561D3431C3ADA5CFE96427B20
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E7219ADAFBA4819E2E9DE9E992D16375
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5F9724FB7E69C52886F4229B1C198412
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 3EFF094B68ECB5BF39CF01BA4EB1D2A1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 625F9A8706E8B1CB17A12F43389658EA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5570A83A53682EF45ADFF054D0474B22
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/index.html
Frame ID: 9FEA0196EF028D91ED874FBACC8E3070
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CZ8wa2IRbY571J4SKtwfz-KmgDY7tloRtjsXbgskQsJAfEAEghtzOHWCVwqaCsAegAa2NwsECyAEJqQIwXSzWUcOwPqgDAcgDSKoE-AFP0CHuPgQvV0EZdXCWPIJikFaYrKz2E9QLNR82fJ72BReutzY9sSrtMVfbfbc_8GHb0TKdeq-8zmxtj1cRXn-yXvfIVrBmQSPoZXtPeZWQGIZt9jyY0qCPoHNffsCGx0DFjSM2x0PElZk5enGXp39hvR6kb4VyODF7_Nl1xSXBIn34e7YpVhNOT_iIIqO4MeIKXwLtn7bVgxd9slI2K6l_smPhcJQIuWrVroX70RDsDBuDkelr4n5TjosqTWuiHg1E6LOcyM62rLwxUhCoytGQy6sg1D-P1hbt3rlEWdVdqB18O1lul1B85zqTujqkAudyKwM2rwOc6cAEpsnIwYwEkgUECAQYAZIFBAgFGASgBi6AB-nZjWqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCiWNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTMxMzU2NDQ2MzkwMTU0NzQYAA&sigh=f_ZMHC9MANo&uach_m=[UACH]&template_id=419
Frame ID: 7B41E99E4EF9DCAA3C826DDDE482D403
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AA61343A21097B1691ACFA7B2E0F5B40
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 882B743E51BB51699323D9FD17684F4F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 4D4E9CC840CBBE854979CD9626D310AA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: DE7507C63A13A1B4ECD738DF8775F3C9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 113C835579305826297FCF47C2D9CDA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 285FDEC8D990274DE5CEF4162AFB062D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 905D0EFDBFA7AC3DAACB31A3D33C03A4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: EA2606B9D1C19128EC25284B2F5C1CF0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D24E5DA038BC5D446517AB34F0F410EB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2828AF5BAFA2D7A505006CE34CAC7621
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

7 Ways to Make Money Every Day in Crypto - Cryptocurrency Earning

Page URL History Show full URLs

http://logicpalm.com/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/11/7-ways-to-make-mone... Page URL
https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

173
Requests

91 %
HTTPS

59 %
IPv6

25
Domains

29
Subdomains

25
IPs

4
Countries

2053 kB
Transfer

4985 kB
Size

23
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://logicpalm.com/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto&ved=2ahUKEwjT_vjB3eD6AhWi8rsIHS_vDS8QFnoECBMQAQ&usg=AOvVaw2BTLSxZUOfSKfRjEqFys1q Page URL
https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_900/https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg HTTP 302
https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

https://d.agkn.com/pixel/2175/?google_gid=CAESELlWgoOdvkd5UbhdlXQd8sA&google_cver=1&google_push=AZmPxg9MyZ7Cr03TH4zpwdOXvEUOWJ9ujh36YFeoR94mR9blsP8UKfLt8upgdQY19oGOif_CKz1rKx_8uJlzXF3m6g39DCVe_y4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9MyZ7Cr03TH4zpwdOXvEUOWJ9ujh36YFeoR94mR9blsP8UKfLt8upgdQY19oGOif_CKz1rKx_8uJlzXF3m6g39DCVe_y4&google_hm=Q0FFU0VMbFdnb09kdmtkNVViaGRsWFFkOHNB

Request Chain 122

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL-AIrvDBdxWihbly52_Ha0&google_cver=1&google_push=AZmPxg8yaezJK-GwRtRbRH6BybJRK2lg2niQdVOefkLnLhMqIcsUnc3gVSEJLtrrQoIpadmXjBVpkaAwrDNzwnsuY2C4txFuTCM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL-AIrvDBdxWihbly52_Ha0&google_cver=1&google_push=AZmPxg8yaezJK-GwRtRbRH6BybJRK2lg2niQdVOefkLnLhMqIcsUnc3gVSEJLtrrQoIpadmXjBVpkaAwrDNzwnsuY2C4txFuTCM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JZx5sMJWRlWl8Ef-3Tv9qw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8yaezJK-GwRtRbRH6BybJRK2lg2niQdVOefkLnLhMqIcsUnc3gVSEJLtrrQoIpadmXjBVpkaAwrDNzwnsuY2C4txFuTCM

Request Chain 123

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEASzRzlQG9EwpRD_aI4gD9E&google_cver=1&google_push=AZmPxg83wGj5hR-EdeWW7W2T150UAwojsxATdEFjaceMtk4yMAUS8YS4BymFaBsxFBCUVjGW-r3LGYX-eWHO-401_-RMo6g-9RE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJUUTgtMVUtRlo2WA==&google_push=AZmPxg83wGj5hR-EdeWW7W2T150UAwojsxATdEFjaceMtk4yMAUS8YS4BymFaBsxFBCUVjGW-r3LGYX-eWHO-401_-RMo6g-9RE

Request Chain 124

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPBdEzFcVYub0TJYejAd0WI&google_cver=1&google_push=AZmPxg92VDD0F9nF7q72xigVBscmZ8JNXA6VqT4fd6IqrG7NDPv3nGE2mZNez09ZTkgYdqk9zsaCJsp4p7sYbY7WM6yFjb-zz9Y HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPBdEzFcVYub0TJYejAd0WI&google_push=AZmPxg92VDD0F9nF7q72xigVBscmZ8JNXA6VqT4fd6IqrG7NDPv3nGE2mZNez09ZTkgYdqk9zsaCJsp4p7sYbY7WM6yFjb-zz9Y&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBdEzFcVYub0TJYejAd0WI&google_hm=Y1uE2XIuVJlnGYmuXKqsjwAAFCsAAAIB&google_nid=index&google_push=AZmPxg92VDD0F9nF7q72xigVBscmZ8JNXA6VqT4fd6IqrG7NDPv3nGE2mZNez09ZTkgYdqk9zsaCJsp4p7sYbY7WM6yFjb-zz9Y

Request Chain 144

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFzA0VVIUSL3fyiBUYlHGfs&google_cver=1&google_push=AZmPxg_sqvWGv5jkEoyv2P1sFGsN5ZZ0N2xPCt5y5pjjVxzP0x2NAbFmsJKO6IBcnbHlteumcG8uGMspQNnX3iT5qoekyPaZU-U HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_sqvWGv5jkEoyv2P1sFGsN5ZZ0N2xPCt5y5pjjVxzP0x2NAbFmsJKO6IBcnbHlteumcG8uGMspQNnX3iT5qoekyPaZU-U&google_hm=oKsAd3CQhNtPMDh7Vl4tcg

Request Chain 145

https://d.agkn.com/pixel/2175/?google_gid=CAESEIwkJK7yrcxGILgMk3A0-Qk&google_cver=1&google_push=AZmPxg_nuFuNdNHG3N3BpsOgdih0Y7bZikJKN5BqhFW8GEGak-9LjDXBPoJApNn0z2tDQV0502fSJCGfVJuO4qr1XsDyj8smXX0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_nuFuNdNHG3N3BpsOgdih0Y7bZikJKN5BqhFW8GEGak-9LjDXBPoJApNn0z2tDQV0502fSJCGfVJuO4qr1XsDyj8smXX0&google_hm=Q0FFU0VJd2tKSzd5cmN4R0lMZ01rM0EwLVFr

Request Chain 148

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEN80sKWIE4OQDi9vFJW3u4&google_cver=1&google_push=AZmPxg85ulRiMP5keOj0GQINxEawKLw4Lp55H6hWmYRuFI2cXDd8GM7czM6ytqHgXRi5Z6FCi8IsJQsrEKtCfa6A_V0_5w3M3w HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEN80sKWIE4OQDi9vFJW3u4&google_cver=1&google_push=AZmPxg85ulRiMP5keOj0GQINxEawKLw4Lp55H6hWmYRuFI2cXDd8GM7czM6ytqHgXRi5Z6FCi8IsJQsrEKtCfa6A_V0_5w3M3w&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IbRANvRSSaWUyXuQTD4loA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg85ulRiMP5keOj0GQINxEawKLw4Lp55H6hWmYRuFI2cXDd8GM7czM6ytqHgXRi5Z6FCi8IsJQsrEKtCfa6A_V0_5w3M3w

Request Chain 149

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIP9D0HGKrn9_P_cRRwPzOo&google_cver=1&google_push=AZmPxg8J9Vg6ymFxo8SuldYoLwg28ItFkWPr2t8B2hstf5U-JSP4QsYhK2nhMpxiRZiUsa5rnBCqEIxK25hJelEvQJ0Maah_zQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJUU1MtMi1FM1hM&google_push=AZmPxg8J9Vg6ymFxo8SuldYoLwg28ItFkWPr2t8B2hstf5U-JSP4QsYhK2nhMpxiRZiUsa5rnBCqEIxK25hJelEvQJ0Maah_zQ

Request Chain 150

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB-x3RO3GysHvJVshCebBts&google_cver=1&google_push=AZmPxg_AOpIIcnYdNBM5WQGZ7gUrmyFUqiOmgyCBOCCrcNxKvCJ6feaM3ynma53hTHq7IFqwTnionrz5gVSrIZAvtnYo3TLBo1M HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-x3RO3GysHvJVshCebBts&google_hm=Y1uE2XIuVJlnGYmuXKqsjwAAFCsAAAIB&google_nid=index&google_push=AZmPxg_AOpIIcnYdNBM5WQGZ7gUrmyFUqiOmgyCBOCCrcNxKvCJ6feaM3ynma53hTHq7IFqwTnionrz5gVSrIZAvtnYo3TLBo1M

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 159

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDOf8eI5wDuJo2Ft3zCxvfM&google_cver=1&google_push=AZmPxg_MUpXb_5z7cghFdYAdtsdhptVcaM8ZQMCwgcTM0aF8MG4YUezOvvqeo0iUZNl6QugYxVeq3iXZqYMEBzpZbZmvikCdOeA_ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_MUpXb_5z7cghFdYAdtsdhptVcaM8ZQMCwgcTM0aF8MG4YUezOvvqeo0iUZNl6QugYxVeq3iXZqYMEBzpZbZmvikCdOeA_&google_hm=oKsAd3CQhNtPMDh7Vl4tcg

Request Chain 160

https://d.agkn.com/pixel/2175/?google_gid=CAESELfePPi4J5Wsp3uOM2m37dE&google_cver=1&google_push=AZmPxg9u5oUYntUgn19DL29asJ3-0emImSdqWHJdSifTYl5kXIPBXC84fjr3TXqHmqgUM9LjI5lZIsFyxFFGBQQCDN1dzrZjF3dX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9u5oUYntUgn19DL29asJ3-0emImSdqWHJdSifTYl5kXIPBXC84fjr3TXqHmqgUM9LjI5lZIsFyxFFGBQQCDN1dzrZjF3dX&google_hm=Q0FFU0VMZmVQUGk0SjVXc3AzdU9NMm0zN2RF

Request Chain 163

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELPEoQcqPoj9jegZnaTC0_k&google_cver=1&google_push=AZmPxg8Qvnf1TXJf8Pn9N1e1ILxJLaIj1Gr8hkKu3XruCrSt31khvSGYORCRoGVz7-kZSCpfebpsmMK53fkOGJpRfJ1uy_WKg2sl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IbRANvRSSaWUyXuQTD4loA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8Qvnf1TXJf8Pn9N1e1ILxJLaIj1Gr8hkKu3XruCrSt31khvSGYORCRoGVz7-kZSCpfebpsmMK53fkOGJpRfJ1uy_WKg2sl

Request Chain 164

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENOyFaPnNwJxkuSjDt-W0iQ&google_cver=1&google_push=AZmPxg-wrT6pVNH-ya024LrcplYFccusRJcLMVR1hdC8eMxNXre6mQyQxHE96Z3lg9xVTXkTFR9m-1rJKSXdEePCEFiineJjKmKS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJVMEstMU4tSEpETg==&google_push=AZmPxg-wrT6pVNH-ya024LrcplYFccusRJcLMVR1hdC8eMxNXre6mQyQxHE96Z3lg9xVTXkTFR9m-1rJKSXdEePCEFiineJjKmKS

Request Chain 168

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

173 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
logicpalm.com/ 145 B
379 B 376ms
172ms Document
text/html 98.129.229.50
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://logicpalm.com/
Protocol: HTTP/1.1
Server: 98.129.229.50 , United States, ASN53824 (LIQUIDWEB, US),
Reverse DNS
Software: Apache/2.4 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 145
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Oct 2022 07:29:26 GMT
Server: Apache/2.4

GET
H2 200 logo.png
ois.is/images/ 487 B
717 B 96ms
42ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ois.is/images/logo.png
Requested by: Host: logicpalm.com
URL: http://logicpalm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://logicpalm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7611f5daddadf18f-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 07:29:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuQvs9AOalc95soppVONF41BCLw5bNy9S5I4Mb0oYle28j9AdRVSCZMfuFyCSbjAVx9d88e5cIGjKaQ4KLTOqR9%2FSCExyG3%2B4HwKGKejYENXJXAFLzqDigeraDxNy85ezrmCYkI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 url
www.google.com/ 1006 B
1 KB 84ms
44ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto&ved=2ahUKEwjT_vjB3eD6AhWi8rsIHS_vDS8QFnoECBMQAQ&usg=AOvVaw2BTLSxZUOfSKfRjEqFys1q

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://ois.is/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 497
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 07:29:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request 7-ways-to-make-money-every-day-in-crypto Show response
qa.cr-halal.com/11/ 35 KB
9 KB 649ms
330ms Document
text/html 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto&ved=2ahUKEwjT_vjB3eD6AhWi8rsIHS_vDS8QFnoECBMQAQ&usg=AOvVaw2BTLSxZUOfSKfRjEqFys1q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: d423a20d43c8f430ef7a533a75d72428fab8cde363012601fee76423b860bbd6

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 8772
content-type: text/html; charset=utf-8
date: Fri, 28 Oct 2022 07:29:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 qa-styles.css
qa.cr-halal.com/qa-theme/SnowFlat/ 70 KB
11 KB 313ms
311ms Stylesheet
text/css 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11456
expires: Fri, 04 Nov 2022 07:29:27 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
qa.cr-halal.com/qa-content/ 87 KB
30 KB 313ms
312ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30282
expires: Fri, 04 Nov 2022 07:29:27 GMT

GET
H2 200 qa-global.js Show response
qa.cr-halal.com/qa-content/ 20 KB
5 KB 466ms
465ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-content/qa-global.js?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4765
expires: Fri, 04 Nov 2022 07:29:27 GMT

GET
H2 200 snow-core.js Show response
qa.cr-halal.com/qa-theme/SnowFlat/js/ 2 KB
1 KB 467ms
466ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 885
expires: Fri, 04 Nov 2022 07:29:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 59ms
22ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V7K5ME1CH7

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14ce6d73839e296ca1dc784e0742a21fb252f4d844b8f2bde0f0c530e87ade2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76290
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 07:29:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 99ms
50ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13dde8b06af02f2ed8ff1a0f929e6123350f0c21b08dadd63cd442c680a24635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55182
x-xss-protection: 0
server: cafe
etag: 4086736586044240337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 07:29:27 GMT

GET
H2

200

Skype_Picture_2022_05_09T06_33_18_388Z.jpg
www.analyticsinsight.net/wp-content/uploads/2022/05/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_900/https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg
https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg

112 KB
113 KB

45ms
7ms

Image
image/jpeg

192.124.249.5
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

192.124.249.5 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10005.sucuri.net

Software

nginx /

Resource Hash

a2b0e59a8e051718635735716392aedcf9d714a7b352c4a0d7cb72cc182568bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 16:51:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15005
accept-ranges: bytes
content-length: 114786
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Fri, 28 Oct 2022 07:29:27 GMT
cdn-edgestorageid: 713
cdn-cachedat: 10/27/2022 08:18:42
cdn-pullzone: 257218
cdn-tag: 0; Domain: www.analyticsinsight.net; 302
content-length: 0
pragma: cache
server: BunnyCDN-DE-713
cdn-proxyver: 1.03
cdn-requestpullcode: 302
content-type: text/html; charset=UTF-8
location: https://www.analyticsinsight.net/wp-content/uploads/2022/05/Skype_Picture_2022_05_09T06_33_18_388Z.jpg
access-control-allow-origin: *
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-requestid: c7149a07ab3410704014da3a09d107d7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 4-1024x576.png
www.stilt.com/wp-content/uploads/2022/03/ 109 KB
96 KB 65ms
29ms Image
image/png 2606:4700:10::6816:6f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.stilt.com/wp-content/uploads/2022/03/4-1024x576.png

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:6f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2fed796bc88dc10c8540676338f4c712b58ffaa2bc7db5a5a93f36bc37ae052

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
age: 7172
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Mar 2022 00:15:43 GMT
server: cloudflare
etag: W/"6222abaf-1b359"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN always
content-type: image/png
cf-ray: 7611f5e31d69bbb9-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
55 KB 93ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d65570a32b92688049262e146b10cad84bd314fd6724959e6c0fbeb338e5d6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Origin: https://qa.cr-halal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55414
x-xss-protection: 0
server: cafe
etag: 12966373179042110573
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 07:29:27 GMT

GET
H2 200 vote-buttons-3.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 154ms
154ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
last-modified: Sat, 01 Aug 2020 02:52:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1457
expires: Fri, 04 Nov 2022 07:29:27 GMT

GET
H2 200 fontello.woff
qa.cr-halal.com/qa-theme/SnowFlat/fonts/ 7 KB
7 KB 155ms
154ms Font
font/woff 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://qa.cr-halal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:25 GMT
last-modified: Tue, 26 Jul 2016 05:31:58 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7200
expires: Fri, 04 Nov 2022 07:29:25 GMT

GET
H2 200 answer-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 154ms
153ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2867
expires: Fri, 04 Nov 2022 07:29:27 GMT

GET
H2 200 answer-select.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 156ms
154ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1831
expires: Fri, 04 Nov 2022 07:29:27 GMT

GET
H2 200 link-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 156ms
154ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3026
expires: Fri, 04 Nov 2022 07:29:27 GMT

GET
H2 200 comment-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 156ms
155ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2906
expires: Fri, 04 Nov 2022 07:29:27 GMT

GET
H2 200 search-icon-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 279ms
277ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1412
expires: Fri, 04 Nov 2022 07:29:27 GMT

GET
H2 200 spinner-icon-14x14.gif
qa.cr-halal.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 279ms
278ms Image
image/gif 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7781
expires: Fri, 04 Nov 2022 07:29:27 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 48ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V7K5ME1CH7&gtm=2oeaq0&_p=339978755&cid=1536275520.1666942168&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666942167&sct=1&seg=0&dl=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&dr=https%3A%2F%2Fwww.google.com%2F&dt=7%20Ways%20to%20Make%20Money%20Every%20Day%20in%20Crypto%20-%20Cryptocurrency%20Earning&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V7K5ME1CH7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qa.cr-halal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/ 353 KB
116 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3135644639015474&plah=qa.cr-halal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

331a6da4879787ac4138530f975816d8ff2b4f1a34e05407de21dd637c2b575e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118768
x-xss-protection: 0
server: cafe
etag: 14863055867766273801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 07:29:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/ Frame 7433 10 KB
5 KB 53ms
13ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 19:00:30 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 19:00:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
696 B 79ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.cr-halal.com&callback=_gfp_s_&client=ca-pub-3135644639015474&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3135644639015474&plah=qa.cr-halal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39af75b2973d55127bd438606d0e9851a0d419d57949016ac60145c634290dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 116ms
28ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 89ms
22ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 17DB 259 KB
66 KB 782ms
750ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&adk=1812271804&adf=3025194257&lmt=1666942167&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942167635&bpp=5&bdt=612&idt=83&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=499929593082&frm=20&pv=2&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4c7a67ce4329873a82bbfb65d488ff707d2c9c99c998d3176bd0ffc1410d8a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 67039
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:28 GMT
expires: Fri, 28 Oct 2022 07:29:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9ED 86 KB
31 KB 1281ms
1261ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1666942167&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942167640&bpp=2&bdt=617&idt=100&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qjhcV2q4IL&p=https%3A//qa.cr-halal.com&dtd=105

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b4aef72d36872a4e14b620db3eb2521b72c8e4b0161e5b3c5d338846490ca8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31755
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
expires: Fri, 28 Oct 2022 07:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA6F 436 B
238 B 477ms
466ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1666942167&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942167643&bpp=1&bdt=621&idt=109&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8HFVWqidBe&p=https%3A//qa.cr-halal.com&dtd=111

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4b44746ce70579da0faf61fd01d1d8494924a9a6e436fba4ab453aeb06d375d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:28 GMT
expires: Fri, 28 Oct 2022 07:29:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/ 151 KB
51 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b12898482d198a7677b78c64310171b40d1662e677853e147e322a0064963e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52383
x-xss-protection: 0
server: cafe
etag: 18054447347938031677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 07:29:28 GMT

GET
H3 200 async-ads.js Show response
www.google.com/adsense/search/ 143 KB
52 KB 54ms
23ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/async-ads.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df1c787820c2de5ff4525976ef7d03d26f24276a2634e4e32b6c2c1982577d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "7525481490114688328"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Fri, 28 Oct 2022 07:29:28 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 54ms
24ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
22ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D0BD 76 KB
31 KB 836ms
835ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a9f0c8411d308685602d699930d1f7c870dfcb89fef0ced3cbfe0f477a53ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31954
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
expires: Fri, 28 Oct 2022 07:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0536 86 KB
32 KB 430ms
429ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=ijq36w8JOp&p=https%3A//qa.cr-halal.com&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5338841424c465c8b7ff1c30f363340ef319a3457c3223c42c0919aa6bf94f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33138
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
expires: Fri, 28 Oct 2022 07:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FEEC 86 KB
32 KB 515ms
514ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

805f8d59de00fbdd3f2ca9b01a168c2c0771d1ec8256001572475aec6d70d6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33060
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
expires: Fri, 28 Oct 2022 07:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B8A 135 KB
44 KB 554ms
553ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=3996127398&adf=1131149390&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1666942168&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168608&bpp=1&bdt=1586&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280%2C609x280&nras=5&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=4175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=RjR2vi0Qm9&p=https%3A//qa.cr-halal.com&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

804bc65715c991319244d74e36c1abbcb11fd688fe66ce30504e2f13948d2185

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7By76zgvsCFQTF7Qodc3wK1A&gqi=2IRbY5zJJsmG9fgP0YaRqAk&layout=/sadbundle/%24csp%253Der3%24/15703516274139381260/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45271
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7By76zgvsCFQTF7Qodc3wK1A&gqi=2IRbY5zJJsmG9fgP0YaRqAk&layout=/sadbundle/%24csp%253Der3%24/15703516274139381260/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
expires: Fri, 28 Oct 2022 07:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 189 B
200 B 52ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.cr-halal.com&client=partner-pub-3135644639015474&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

391bb72d37bb10923506304c92726eb77213e80ded2360e2308fe8055ab8e5d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/ Frame DA0F 10 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 19:11:50 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 19:11:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/ Frame 9C41 10 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 19:11:50 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 19:11:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame DA0F 4 KB
1 KB 58ms
22ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 07:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 07:28:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 07:29:28 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DA0F 205 B
294 B 65ms
27ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:35:51 GMT
x-content-type-options: nosniff
age: 6817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Oct 2023 05:35:51 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DA0F 604 B
918 B 64ms
27ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:02:30 GMT
x-content-type-options: nosniff
age: 1618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Oct 2023 07:02:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame DA0F 19 KB
8 KB 69ms
24ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:52:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:52:11 GMT

GET
H2 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame 9C41 9 KB
5 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:49:09 GMT

GET
H2 200 40f44225e0a1c31e628c89e0882e5f2b.js Show response
www.gstatic.com/mysidia/ Frame 9C41 10 KB
4 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/40f44225e0a1c31e628c89e0882e5f2b.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4273
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 02:15:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9C41 8 KB
968 B 54ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 07:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 05:39:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 07:29:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 9C41 2 KB
847 B 59ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 9C41 23 KB
10 KB 54ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 9C41 3 KB
1 KB 61ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 06:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 9C41 17 KB
7 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C41 153 KB
48 KB 70ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 07:29:28 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 9C41 33 KB
14 KB 47ms
15ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9C41 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdVNV14RbY4yfMMrl1ga1_bawCriE3qdsto2a-qgQ7-bz_QgQASCG3M4dYJXCpoKwB6AB5aD39CjIAQGpAnjlyUktwbA-qAMByAPDBKoEhwJP0AgCgqoVx0WYs_HotH2AEEP00CmzRxSjYZ2nRxwgkfOFFdva7eyeA1v0rClqArCgMNctWVaG_2lRgSuSa90WFiQa7Bmdq31pxLijVQrOuOXvq8lowoblGU7u4QJwHNxMxc1LDzMJEFFOX5r2CsUr0ZooNUkvNsGQn6hSW3aS2LYxeiyUoyFi3SUj9mq4KnltTH-mUnEMBK8morqq0Rx72hSGJDD32KEJpHm8lHNz_tJhaIPyjipCRIBSlrPy6DW8FZDluYTGdIsTaz9ZHNfqOJuyfAuUY_gc6-SSvnXpb2s1l-YgydRUPMwyODsi9L0B26S--lkYiMdE_Gv2yxHvTf8xFyNmosAElpupqYgEkgUECAQYAZIFBAgFGASgBmaAB-XYx9QDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgNsC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMzEzNTY0NDYzOTAxNTQ3NBgA&sigh=nVIpr-VLsTE&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 07:29:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 07:29:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 61DF 8 KB
895 B 63ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 07:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 05:33:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 07:29:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 61DF 2 KB
765 B 58ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 61DF 23 KB
9 KB 56ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 61DF 3 KB
1 KB 46ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 06:21:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 61DF 17 KB
7 KB 55ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61DF 153 KB
47 KB 58ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 07:29:28 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 61DF 33 KB
14 KB 53ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E721 143 B
166 B 17ms
17ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:55:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9C41 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cef886d427997123092ac69479d3d03ce11111a77db00511396ee4958fb61021

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F97 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:55:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E721
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
34ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
expires: Fri, 28 Oct 2022 07:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3EFF 36 KB
16 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 06:40:47 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F97
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
32ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
expires: Fri, 28 Oct 2022 07:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 625F 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: logicpalm.com
URL: http://logicpalm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 06:40:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A9ED 4 KB
621 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1666942167&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942167640&bpp=2&bdt=617&idt=100&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qjhcV2q4IL&p=https%3A//qa.cr-halal.com&dtd=105

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 07:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 07:27:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 07:29:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame A9ED 2 KB
765 B 14ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame A9ED 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame A9ED 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 06:21:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame A9ED 17 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9ED 153 KB
47 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 07:29:29 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame A9ED 33 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0536 6 KB
672 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=ijq36w8JOp&p=https%3A//qa.cr-halal.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 07:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 05:32:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 07:29:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0536 2 KB
765 B 15ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 0536 23 KB
9 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0536 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 06:21:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0536 17 KB
7 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0536 153 KB
47 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 07:29:29 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 0536 33 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A9ED 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CA4at14RbY5jcMJXxtgeEtpaQBaKRgv9s9qu037EQmJL4h7MCEAEghtzOHWCVwqaCsAegAYi55NQDyAEJqQIwXSzWUcOwPqgDAcgDywSqBPUBT9CoROB0jHXouRK9_Rm7j7YbVaHvRGL1BoK42Xz5bdwWhKhrWJ579BMz57TfzpMKT6hjm4ZoETl2Dij0PBmy5sq8GLsuBIavIW1xW7twHIqt-5PnHjqWYpYgQayFl_405IKBAHLT4gW9X7gbE2goYkOKhSXoXlOB3ZlbuDxpPvCWp7bKrmEaTUAnWCTLn9u4KIlAeqLxXKPc75n-_NPbmmpEmSqLbfjYr2zZfH4_FuuZh5EUeQ_NnCqfGT50e5YDUm6SF-lFR6ch8ev6vE7EfwstlrzZfshP-Gg0oohZEfsaWCVB_YQgpwzPNZIcqXeuNXhdEJzABLqX1p2WBKAGLoAH4MabK6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOe0DdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTA9AVAYAXAbIXHAoaCAASFHB1Yi0zMTM1NjQ0NjM5MDE1NDc0GAA&sigh=s-QFKT40S8I&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1666942167&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942167640&bpp=2&bdt=617&idt=100&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qjhcV2q4IL&p=https%3A//qa.cr-halal.com&dtd=105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 07:29:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0536 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C55bn2IRbY_LPJoTxtgexjZl4lOOlsl_39KjC1g_b2R4QASCG3M4dYJXCpoKwB6AB8N7UqgPIAQmpAjBdLNZRw7A-qAMByAPLBKoE9QFP0HgQtKULvQkO89f6sdFAH0uvfjpf8lkDpruo5H8Jstv4Oyaa_qA0EnaUIB9W6YY8z5xqE0aS5k8vs3yqMzgNmXgaG705Qwh4jOMOv4w1FmDpKyi95hZUghV_OZ3BTLRa60LSWw457MGNIfnFI-z7eZXVyaPdxqmEhIv6nzAPEFC-eNeYQJBSiVRAd-mkY1w8aQPhQDCJNwe7wVJ-BXy8NrvfDSMFES0-OChLNThuGrx-uGR_ev398FgBZLLPFhXttlS3DnQRzEhqTorQGwhlQ0y_WLTa1Ol3vYZ-5C__l8eYFmkzUiPtwYa_IISXVnfIEmjuNsAEofb0moACkgUECAQYAZIFBAgFGASgBi6AB_igq1WoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCkgAHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItMzEzNTY0NDYzOTAxNTQ3NBgA&sigh=NGEqmQsPVVE&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=ijq36w8JOp&p=https%3A//qa.cr-halal.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 07:29:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/12422811916608165243/ Frame A9ED 17 KB
17 KB 18ms
16ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12422811916608165243/6592766407814317453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57b447c165ca4ed07f319a6979624fe1468b0b3ac5595c6982921b4200f5ac06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 03:41:50 GMT
x-content-type-options: nosniff
age: 359259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17301
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 16:08:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 03:41:50 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8219123066389401606/ Frame A9ED 4 KB
4 KB 23ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8219123066389401606/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cac5acef3a7dbf350561baf09d072ca3f400c1e0136dc7debc190933e135207b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 03:30:13 GMT
x-content-type-options: nosniff
age: 359956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3990
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 09:52:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 03:30:13 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8370469602510310455/ Frame 0536 8 KB
8 KB 20ms
18ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8370469602510310455/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b01813c3707332002d9c0125c6b08f1b7a9d7b1e4f383c696932152ca18deede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 09:54:24 GMT
x-content-type-options: nosniff
age: 509705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8662
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 12:33:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Oct 2023 09:54:24 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12998568671959880607/ Frame 0536 17 KB
17 KB 21ms
18ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12998568671959880607/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22fde07ea19585ef464e1f2b099c588db40a4c5959392e5fd61e99a5ef883cb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:54:45 GMT
x-content-type-options: nosniff
age: 38084
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17018
x-xss-protection: 0
last-modified: Sat, 29 Sep 2018 21:47:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Oct 2023 20:54:45 GMT

GET
DATA 200
OK truncated
/ Frame 0536 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame FEEC 4 KB
621 B 33ms
28ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 07:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 07:20:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 07:29:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame FEEC 2 KB
765 B 19ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame FEEC 23 KB
9 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame FEEC 3 KB
1 KB 23ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 06:21:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame FEEC 17 KB
7 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FEEC 0
0 34ms
26ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGR4nCXBj_3qro5MY1V_b3pdIVJvMbKLhnslcmtYDENv11SPzan-CVZ9WEw6gVmrZjjKCT0VDniaDt1V8TCSKfSiazww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEEC 153 KB
47 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 07:29:29 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame FEEC 33 KB
14 KB 23ms
17ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FEEC 0
0 64ms
59ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTCaB2IRbY_f0JojitweizovwBN6T9I9t07zcgekQm5ecjZgOEAEghtzOHWCVwqaCsAegAc6uiN8DyAEJqAMByAPLBKoE9QFP0BzN5PEuHLgoazUL5SWj1mNqs_he7MMXeESR_KVfmQO4QhTohra6aCUgshQbapoLlVicM6dB5UUUPyjNL-KdJ3mN1jJB6Zz62x0Bu05eIY5umuTz7ZRunZzK1FmMrZ-ExSkDC_wiDqhv0-Dp76JfGTdCQGnW5V0E0UrWWNtaXZT6r2DKU_3sPvHdWZp0zWnTzwffyPUBXkuNHNC_YhO3wLUJz650WEq4J-6Xm3huKsveEYD2qUAmXFQINeAqxHhJZ0ScX3M5R9Ha9lIapBcthQvQwsPtftTXcCqWldIL0GMbEWZzuKEzvv80PJeNXyct5BsqT8AEsYXmkp8EkgUECAQYAZIFBAgFGASgBi6AB5rR9yCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDxvgHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItMzEzNTY0NDYzOTAxNTQ3NBgA&sigh=N01hoSZo7p4&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 07:29:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5570 1 KB
643 B 18ms
17ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A9ED 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92319150389dc124fc14ee6ccb26f2e85c5476e48fb6295c3fc79bcf6d6328ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0536 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5b3c2948f5fa674c9a1832090a8b68fe1712df1de60d9fda1bb506b6fac716d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6439933394967481905/ Frame FEEC 6 KB
6 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6439933394967481905/downsize_200k_v1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f8fb4af8f61d42b6a5ff76a804332b1cf7ccec695974dddad12f5bcef4b42e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:37:31 GMT
x-content-type-options: nosniff
age: 337918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6557
x-xss-protection: 0
last-modified: Mon, 11 Jan 2021 19:16:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 09:37:31 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/769579884745348583/ Frame FEEC 11 KB
11 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/769579884745348583/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bb3ce1e6260f94f0d26b5dcdf713280485aac173aea9628b3e718f87e4f4cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 16:57:06 GMT
x-content-type-options: nosniff
age: 397943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11399
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 07:49:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 16:57:06 GMT

GET
DATA 200
OK truncated
/ Frame FEEC 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/ Frame 9FEA 22 KB
4 KB 17ms
17ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/index.html

Requested by

Host: logicpalm.com
URL: http://logicpalm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2db86348a762a2f967b3507127590018b5e5a9a05a72158941e3412ec8788e6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 347360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4098
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 07:00:09 GMT
expires: Tue, 24 Oct 2023 07:00:09 GMT
last-modified: Thu, 06 Oct 2022 16:00:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7B41 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ8wa2IRbY571J4SKtwfz-KmgDY7tloRtjsXbgskQsJAfEAEghtzOHWCVwqaCsAegAa2NwsECyAEJqQIwXSzWUcOwPqgDAcgDSKoE-AFP0CHuPgQvV0EZdXCWPIJikFaYrKz2E9QLNR82fJ72BReutzY9sSrtMVfbfbc_8GHb0TKdeq-8zmxtj1cRXn-yXvfIVrBmQSPoZXtPeZWQGIZt9jyY0qCPoHNffsCGx0DFjSM2x0PElZk5enGXp39hvR6kb4VyODF7_Nl1xSXBIn34e7YpVhNOT_iIIqO4MeIKXwLtn7bVgxd9slI2K6l_smPhcJQIuWrVroX70RDsDBuDkelr4n5TjosqTWuiHg1E6LOcyM62rLwxUhCoytGQy6sg1D-P1hbt3rlEWdVdqB18O1lul1B85zqTujqkAudyKwM2rwOc6cAEpsnIwYwEkgUECAQYAZIFBAgFGASgBi6AB-nZjWqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCiWNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTMxMzU2NDQ2MzkwMTU0NzQYAA&sigh=f_ZMHC9MANo&uach_m=[UACH]&template_id=419

Requested by

Host: logicpalm.com
URL: http://logicpalm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=3996127398&adf=1131149390&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1666942168&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168608&bpp=1&bdt=1586&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280%2C609x280&nras=5&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=4175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=RjR2vi0Qm9&p=https%3A//qa.cr-halal.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 07:29:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 7B41 23 KB
9 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=3996127398&adf=1131149390&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1666942168&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168608&bpp=1&bdt=1586&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280%2C609x280&nras=5&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=4175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=RjR2vi0Qm9&p=https%3A//qa.cr-halal.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7B41 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 06:21:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7B41 17 KB
7 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7B41 0
0 24ms
23ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVl_-KESGjUKbW5p8yKeJ6qGXIblM8shf0PJwK7VlZDyDKInIs2PVOJCjfYMqpAdqw2936nk7EzttWLlo9FGCfYSPjSg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=3996127398&adf=1131149390&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1666942168&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168608&bpp=1&bdt=1586&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280%2C609x280&nras=5&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=4175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=RjR2vi0Qm9&p=https%3A//qa.cr-halal.com&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B41 153 KB
47 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 07:29:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A9ED 15 KB
16 KB 76ms
13ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 312277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A9ED 15 KB
15 KB 75ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:10:11 GMT
x-content-type-options: nosniff
age: 22758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 01:10:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0536 15 KB
16 KB 85ms
27ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 312277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0536 15 KB
15 KB 93ms
38ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 557325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 20:40:44 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9FEA 6 KB
3 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 13:12:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9FEA 34 KB
13 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 19:53:06 GMT

GET
H3 200 38d1ce5c61041a85e4eed8f166984d46.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/ Frame 9FEA 96 KB
27 KB 33ms
33ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/38d1ce5c61041a85e4eed8f166984d46.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d69f0e95764d9decff3dbc6563b247d0ce1c8642e604f4606a3b8251e467231

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 07:00:20 GMT
age: 347349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27711
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:00:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 07:00:20 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5570 35 B
463 B 58ms
10ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDRE6ZP--XljmAcPJwaebZ4&google_cver=1&google_push=AZmPxg8LMDv15AipZ-N7oigClGMjwtBD8gQiF3MYZ3R8J5Pk_3KX57iftD4OjvwZIitJCXSKkjqlTHBlY1XifkP4M0oVQ-anfw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5570
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELlWgoOdvkd5UbhdlXQd8sA&google_cver=1&google_push=AZmPxg9MyZ7Cr03TH4zpwdOXvEUOWJ9ujh36YFeoR94mR9blsP8UKfLt8upgdQY19oGOif_CKz1rKx_8uJlzXF3m6g39DCVe_y4
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9MyZ7Cr03TH4zpwdOXvEUOWJ9ujh36YFeoR94mR9blsP8UKfLt8upgdQY19oGOif_CKz1rKx_8uJlzXF3m6g39DCVe_y4&google_hm=Q0FFU0VMbFdnb09kdmtkNV...

170 B
188 B

54ms
26ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9MyZ7Cr03TH4zpwdOXvEUOWJ9ujh36YFeoR94mR9blsP8UKfLt8upgdQY19oGOif_CKz1rKx_8uJlzXF3m6g39DCVe_y4&google_hm=Q0FFU0VMbFdnb09kdmtkNVViaGRsWFFkOHNB

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 07:29:29 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9MyZ7Cr03TH4zpwdOXvEUOWJ9ujh36YFeoR94mR9blsP8UKfLt8upgdQY19oGOif_CKz1rKx_8uJlzXF3m6g39DCVe_y4&google_hm=Q0FFU0VMbFdnb09kdmtkNVViaGRsWFFkOHNB
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 5570 0
98 B 80ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_hwGng37XdRVsbDvmNIVQE83H-F3Z7ZXZMe4lWeCv9vXWgaDl7t9RKqx5ByWgDUTJNNvGZxM2Mg7KD8rpnRt2WzdR2Sg&google_gid=CAESEMjZ2tHx2R9uKfDiVErCsdQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=ijq36w8JOp&p=https%3A//qa.cr-halal.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5570 43 B
351 B 83ms
23ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKZ-vmJzx_H8C3IjllF7Sfw&google_cver=1&google_push=AZmPxg-dx1heqK5y_VBY-EO2ccUAOs5q0WhLdF97gTXSdjhY_HxTeY739DsrI3Tva4eX0tmF9ptp1Hbg4MvdqEy7-JnOoP7zSg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=2002010363&pi=t.aa~a.1615370218~i.21~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=ijq36w8JOp&p=https%3A//qa.cr-halal.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ir1l6kq4g4mgh80r6kpuluitunk9lsdv

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5570
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JZx5sMJWRlWl8Ef-3Tv9qw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

111ms
110ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JZx5sMJWRlWl8Ef-3Tv9qw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8yaezJK-GwRtRbRH6BybJRK2lg2niQdVOefkLnLhMqIcsUnc3gVSEJLtrrQoIpadmXjBVpkaAwrDNzwnsuY2C4txFuTCM

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JZx5sMJWRlWl8Ef-3Tv9qw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8yaezJK-GwRtRbRH6BybJRK2lg2niQdVOefkLnLhMqIcsUnc3gVSEJLtrrQoIpadmXjBVpkaAwrDNzwnsuY2C4txFuTCM
date: Fri, 28 Oct 2022 07:29:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5570
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEASzRzlQG9EwpRD_aI4gD9E&google_cver=1&google_push=AZmPxg83wGj5hR-EdeWW7W2T150UAwojsxATdEFjaceMtk4yMAUS8YS4BymFaBsxFBCUVjGW-r3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJUUTgtMVUtRlo2WA==&google_push=AZmPxg83wGj5hR-EdeWW7W2T150UAwojsxATdEFjaceMtk4yMAUS8YS4BymFaBsxFBCUVjGW-r3LGYX-eWHO-401_-RMo6g-9RE

170 B
188 B

60ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJUUTgtMVUtRlo2WA==&google_push=AZmPxg83wGj5hR-EdeWW7W2T150UAwojsxATdEFjaceMtk4yMAUS8YS4BymFaBsxFBCUVjGW-r3LGYX-eWHO-401_-RMo6g-9RE

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJUUTgtMVUtRlo2WA==&google_push=AZmPxg83wGj5hR-EdeWW7W2T150UAwojsxATdEFjaceMtk4yMAUS8YS4BymFaBsxFBCUVjGW-r3LGYX-eWHO-401_-RMo6g-9RE
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5570
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPBdEzFcVYub0TJYejAd0WI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPBdEzFcVYub0TJYejAd0WI&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBdEzFcVYub0TJYejAd0WI&google_hm=Y1uE2XIuVJlnGYmuXKqsjwAAFCsAAAIB&google_nid=index&google_push=AZmPxg92VDD0F9nF7q72xigVBscmZ8JNXA6Vq...

170 B
188 B

224ms
220ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBdEzFcVYub0TJYejAd0WI&google_hm=Y1uE2XIuVJlnGYmuXKqsjwAAFCsAAAIB&google_nid=index&google_push=AZmPxg92VDD0F9nF7q72xigVBscmZ8JNXA6VqT4fd6IqrG7NDPv3nGE2mZNez09ZTkgYdqk9zsaCJsp4p7sYbY7WM6yFjb-zz9Y

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBdEzFcVYub0TJYejAd0WI&google_hm=Y1uE2XIuVJlnGYmuXKqsjwAAFCsAAAIB&google_nid=index&google_push=AZmPxg92VDD0F9nF7q72xigVBscmZ8JNXA6VqT4fd6IqrG7NDPv3nGE2mZNez09ZTkgYdqk9zsaCJsp4p7sYbY7WM6yFjb-zz9Y
cache-control: no-cache
cf-ray: 7611f5ef4be391de-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5570 0
223 B 95ms
31ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JfhU35aWPpSpxYFyoVe719Uf7xNWVHMcsr7gPlDth2dQpZfnEfHC1-A2HjK0yDNwE_WJpJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA61 143 B
166 B 32ms
14ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=3996127398&adf=1131149390&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1666942168&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168608&bpp=1&bdt=1586&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280%2C609x280&nras=5&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=4175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=RjR2vi0Qm9&p=https%3A//qa.cr-halal.com&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:55:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 882B 1 KB
643 B 28ms
17ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FEEC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 109c8db1afbcaf7fc0cf9e516c281f5a55771e213edd8fbbc1a4ff69dfb05730

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FEEC 15 KB
16 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 312277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
DATA 200
OK truncated
/ Frame 7B41 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5fab79186a1ca7d18ad6ce70b5b7c52cea8dd578b2e6ed7789f9ef7501799ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 7B41 0
20 B 90ms
54ms Other
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7By76zgvsCFQTF7Qodc3wK1A&gqi=2IRbY5zJJsmG9fgP0YaRqAk&layout=/sadbundle/%24csp%253Der3%24/15703516274139381260/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 18284422129284599841
tpc.googlesyndication.com/simgad/ Frame D0BD 95 KB
95 KB 18ms
17ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18284422129284599841?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlryidx2Hmfj3Nc5FgL6uHknqh05Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a57a793736889d6f191fc8a7f94d35ca4a9f436618ab0aeaf84b98cf121fe90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:22:05 GMT
x-content-type-options: nosniff
age: 444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97361
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 07:34:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 07:22:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame D0BD 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D0BD 3 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 06:21:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D0BD 17 KB
7 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D0BD 0
0 24ms
22ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMkDkZH4R28kQwjPIlU1LeDkCi8TkPxFskPEdk5sC4rj0SxkT_DPANvnpfBZhkFKNRo11c4DWxsvZTn96F_URNmlUdsQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0BD 153 KB
47 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 07:29:29 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D0BD 33 KB
13 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
server: cafe
etag: 5057659360189610740
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:54:21 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D4E 36 KB
16 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 06:40:47 GMT

GET
H3 200 roboto_700_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/fonts/ Frame 9FEA 133 KB
70 KB 66ms
14ms Font
font/ttf 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/fonts/roboto_700_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/38d1ce5c61041a85e4eed8f166984d46.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 07:00:09 GMT
age: 347360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71583
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:00:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 07:00:09 GMT

GET
H3 200 fa53a9d5d5a1d83ac473502384574afe.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/media/ Frame 9FEA 10 KB
5 KB 18ms
17ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/media/fa53a9d5d5a1d83ac473502384574afe.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edc5884e70a6ab8328de150020fb2b697bb276a3c7f4fb7d99d53522da28bbe5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 07:00:09 GMT
age: 347360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4657
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:00:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 07:00:09 GMT

GET
H3 200 a256143372a0261f941d989f600f9bec.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/media/ Frame 9FEA 22 KB
22 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/media/a256143372a0261f941d989f600f9bec.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2884393565131391acad83d76664c08ae48a427c6fc6503ee26cb0385cb7211d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 24 Oct 2022 07:00:20 GMT
x-content-type-options: nosniff
age: 347349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22308
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:00:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 07:00:20 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame DE75 36 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 06:40:47 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 882B
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFzA0VVIUSL3fyiBUYlHGfs&google_cver=1&google_push=AZmPxg_sqvWGv5jkEoyv2P1sFGsN5ZZ0N2xPCt5y5pjjVxzP0x2NAbFmsJ...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_sqvWGv5jkEoyv2P1sFGsN5ZZ0N2xPCt5y5pjjVxzP0x2NAbFmsJKO6IBcnbHlteumcG8uGMspQNnX3iT5qoekyPaZU-U&google_hm=oKsAd3CQhNtPM...

170 B
188 B

34ms
26ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_sqvWGv5jkEoyv2P1sFGsN5ZZ0N2xPCt5y5pjjVxzP0x2NAbFmsJKO6IBcnbHlteumcG8uGMspQNnX3iT5qoekyPaZU-U&google_hm=oKsAd3CQhNtPMDh7Vl4tcg

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_sqvWGv5jkEoyv2P1sFGsN5ZZ0N2xPCt5y5pjjVxzP0x2NAbFmsJKO6IBcnbHlteumcG8uGMspQNnX3iT5qoekyPaZU-U&google_hm=oKsAd3CQhNtPMDh7Vl4tcg
pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 882B
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEIwkJK7yrcxGILgMk3A0-Qk&google_cver=1&google_push=AZmPxg_nuFuNdNHG3N3BpsOgdih0Y7bZikJKN5BqhFW8GEGak-9LjDXBPoJApNn0z2tDQV0502fSJCGfVJuO4qr1XsDyj8smXX0
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_nuFuNdNHG3N3BpsOgdih0Y7bZikJKN5BqhFW8GEGak-9LjDXBPoJApNn0z2tDQV0502fSJCGfVJuO4qr1XsDyj8smXX0&google_hm=Q0FFU0VJd2tKSzd5cmN4R0...

170 B
188 B

32ms
24ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_nuFuNdNHG3N3BpsOgdih0Y7bZikJKN5BqhFW8GEGak-9LjDXBPoJApNn0z2tDQV0502fSJCGfVJuO4qr1XsDyj8smXX0&google_hm=Q0FFU0VJd2tKSzd5cmN4R0lMZ01rM0EwLVFr

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 07:29:29 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_nuFuNdNHG3N3BpsOgdih0Y7bZikJKN5BqhFW8GEGak-9LjDXBPoJApNn0z2tDQV0502fSJCGfVJuO4qr1XsDyj8smXX0&google_hm=Q0FFU0VJd2tKSzd5cmN4R0lMZ01rM0EwLVFr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 451 466606.gif
id.rlcdn.com/ Frame 882B 0
9 B 54ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_IzWWVyl_1HkiH1Io5u-bUiloOHSf2mwOnQx8jzNzRQcEzNwhbtD8v3YhezDt2US1egNA9T6Y7EFW5VH_xnSLee5gSzQ&google_gid=CAESEMyPQpb7YzXKrEouO3tU2eU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 dds
rtb.openx.net/sync/ Frame 882B 43 B
64 B 42ms
23ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEI8Ga4V-Cr8y50oX1_wYCyA&google_cver=1&google_push=AZmPxg9rBJdnaMqL26EdHQ9YRhHhbCaVg6rMrpSFKcydOtCsI09mlhK6v841pNquWzG0Sj-AXkp7w7xOeT9A-WwLUVtv82bXamQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 428270mkgtsctnsh8b38v55qauofjt1v

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 882B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IbRANvRSSaWUyXuQTD4loA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IbRANvRSSaWUyXuQTD4loA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg85ulRiMP5keOj0GQINxEawKLw4Lp55H6hWmYRuFI2cXDd8GM7czM6ytqHgXRi5Z6FCi8IsJQsrEKtCfa6A_V0_5w3M3w

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IbRANvRSSaWUyXuQTD4loA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg85ulRiMP5keOj0GQINxEawKLw4Lp55H6hWmYRuFI2cXDd8GM7czM6ytqHgXRi5Z6FCi8IsJQsrEKtCfa6A_V0_5w3M3w
date: Fri, 28 Oct 2022 07:29:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 882B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIP9D0HGKrn9_P_cRRwPzOo&google_cver=1&google_push=AZmPxg8J9Vg6ymFxo8SuldYoLwg28ItFkWPr2t8B2hstf5U-JSP4QsYhK2nhMpxiRZiUsa5rnBC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJUU1MtMi1FM1hM&google_push=AZmPxg8J9Vg6ymFxo8SuldYoLwg28ItFkWPr2t8B2hstf5U-JSP4QsYhK2nhMpxiRZiUsa5rnBCqEIxK25hJelEvQJ0Maah_zQ

170 B
188 B

34ms
26ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJUU1MtMi1FM1hM&google_push=AZmPxg8J9Vg6ymFxo8SuldYoLwg28ItFkWPr2t8B2hstf5U-JSP4QsYhK2nhMpxiRZiUsa5rnBCqEIxK25hJelEvQJ0Maah_zQ

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJUU1MtMi1FM1hM&google_push=AZmPxg8J9Vg6ymFxo8SuldYoLwg28ItFkWPr2t8B2hstf5U-JSP4QsYhK2nhMpxiRZiUsa5rnBCqEIxK25hJelEvQJ0Maah_zQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 882B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB-x3RO3GysHvJVshCebBts&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-x3RO3GysHvJVshCebBts&google_hm=Y1uE2XIuVJlnGYmuXKqsjwAAFCsAAAIB&google_nid=index&google_push=AZmPxg_AOpIIcnYdNBM5WQGZ7gUrmyFUqiOmg...

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-x3RO3GysHvJVshCebBts&google_hm=Y1uE2XIuVJlnGYmuXKqsjwAAFCsAAAIB&google_nid=index&google_push=AZmPxg_AOpIIcnYdNBM5WQGZ7gUrmyFUqiOmgyCBOCCrcNxKvCJ6feaM3ynma53hTHq7IFqwTnionrz5gVSrIZAvtnYo3TLBo1M

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/11/7-ways-to-make-money-every-day-in-crypto

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-x3RO3GysHvJVshCebBts&google_hm=Y1uE2XIuVJlnGYmuXKqsjwAAFCsAAAIB&google_nid=index&google_push=AZmPxg_AOpIIcnYdNBM5WQGZ7gUrmyFUqiOmgyCBOCCrcNxKvCJ6feaM3ynma53hTHq7IFqwTnionrz5gVSrIZAvtnYo3TLBo1M
cache-control: no-cache
cf-ray: 7611f5ef5c0691de-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 882B 0
12 B 32ms
24ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KurzXXaz28APa9yHGzluffmaJs0pL_Fb7TQZXapGeXX04-sd4Sagd8acrMQLJ4poJejVRa

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D0BD 0
0 58ms
56ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzXw_2IRbY9usJprKtwf5j6z4CJa_tpNtgL6cgfEQ29keEAEghtzOHWCVwqaCsAegAZyv-6gCyAECqAMByAPJBKoE8AFP0AeEnJroPkm8uRuhOAa0nt15ybPOAjbkRVDnqYmjqSFgTol5ThoA9PksdimrY2wSqjGO5mCuHxsjx3PV4X1U63HLVrD0XxhAFiT9PAk7hrvnu1QrYEN9VeOADvBCCt_awJwX5c2T1rm_n6FfwKBZOXYrJ9ynmY3v-SREYo_cyQd2GfEIeJ3qvGITdWNu2GsFAc8LlEtwWOq9HCzXtCJYgBAbEfjk9aoMXHe7l36aNnOZakrfMFLjbko7UCNPCaIh2lHu3Xm63I9YlIAbNDMqxqyt2F7rhI_X2vGT7lg6P19C1Q90UVjb2Zwp6jL6n9XABLvnv6ScBJIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJDmBNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTMxMzU2NDQ2MzkwMTU0NzQYAA&sigh=ry23-di1DQI&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 07:29:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA61
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
25ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
expires: Fri, 28 Oct 2022 07:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 113C 36 KB
16 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=845997707&pi=t.aa~a.1615370218~i.23~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cL3ZYH8WNo&p=https%3A//qa.cr-halal.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 06:40:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 285F 143 B
166 B 14ms
14ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:55:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 905D 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D0BD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc24c020e615f1248a369a625de9311f2c2ce9e4f7482c4d6cdd78833c4c8b9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fa53a9d5d5a1d83ac473502384574afe.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/media/ Frame 9FEA 10 KB
5 KB 13ms
13ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/media/fa53a9d5d5a1d83ac473502384574afe.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703516274139381260/38d1ce5c61041a85e4eed8f166984d46.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edc5884e70a6ab8328de150020fb2b697bb276a3c7f4fb7d99d53522da28bbe5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 07:00:09 GMT
age: 347360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4657
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:00:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 07:00:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 905D
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDOf8eI5wDuJo2Ft3zCxvfM&google_cver=1&google_push=AZmPxg_MUpXb_5z7cghFdYAdtsdhptVcaM8ZQMCwgcTM0aF8MG4YUezOvv...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_MUpXb_5z7cghFdYAdtsdhptVcaM8ZQMCwgcTM0aF8MG4YUezOvvqeo0iUZNl6QugYxVeq3iXZqYMEBzpZbZmvikCdOeA_&google_hm=oKsAd3CQhNtP...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_MUpXb_5z7cghFdYAdtsdhptVcaM8ZQMCwgcTM0aF8MG4YUezOvvqeo0iUZNl6QugYxVeq3iXZqYMEBzpZbZmvikCdOeA_&google_hm=oKsAd3CQhNtPMDh7Vl4tcg

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_MUpXb_5z7cghFdYAdtsdhptVcaM8ZQMCwgcTM0aF8MG4YUezOvvqeo0iUZNl6QugYxVeq3iXZqYMEBzpZbZmvikCdOeA_&google_hm=oKsAd3CQhNtPMDh7Vl4tcg
pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 905D
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELfePPi4J5Wsp3uOM2m37dE&google_cver=1&google_push=AZmPxg9u5oUYntUgn19DL29asJ3-0emImSdqWHJdSifTYl5kXIPBXC84fjr3TXqHmqgUM9LjI5lZIsFyxFFGBQQCDN1dzrZjF3dX
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9u5oUYntUgn19DL29asJ3-0emImSdqWHJdSifTYl5kXIPBXC84fjr3TXqHmqgUM9LjI5lZIsFyxFFGBQQCDN1dzrZjF3dX&google_hm=Q0FFU0VMZmVQUGk0SjVXc...

170 B
188 B

624ms
624ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9u5oUYntUgn19DL29asJ3-0emImSdqWHJdSifTYl5kXIPBXC84fjr3TXqHmqgUM9LjI5lZIsFyxFFGBQQCDN1dzrZjF3dX&google_hm=Q0FFU0VMZmVQUGk0SjVXc3AzdU9NMm0zN2RF

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 07:29:29 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9u5oUYntUgn19DL29asJ3-0emImSdqWHJdSifTYl5kXIPBXC84fjr3TXqHmqgUM9LjI5lZIsFyxFFGBQQCDN1dzrZjF3dX&google_hm=Q0FFU0VMZmVQUGk0SjVXc3AzdU9NMm0zN2RF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 451 466606.gif
id.rlcdn.com/ Frame 905D 0
9 B 22ms
18ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8ezB8OJCvqM3ykzuQjTdgDeM2uFBLBz8okX7-ixaDd33T2_EHmQC_jF4dWbjatY-jJ_cWU7EPluPNZHX2Xy29sd5qwBWIz&google_gid=CAESECaLiE4twxmGD52voD8Ge8c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 905D 43 B
356 B 79ms
19ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEF9l5LwLgSjl1BGxbwdOeW0&google_push=AZmPxg-mfJMwKcJqb7VlBlAlhfmlZkBMYZneN5ceziHmf-Sf-YnE9F8ygD98mq3dsiMwnZVo-nIS7RgSyKscmCsllmbwiiLOJ9o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 905D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IbRANvRSSaWUyXuQTD4loA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IbRANvRSSaWUyXuQTD4loA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8Qvnf1TXJf8Pn9N1e1ILxJLaIj1Gr8hkKu3XruCrSt31khvSGYORCRoGVz7-kZSCpfebpsmMK53fkOGJpRfJ1uy_WKg2sl

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IbRANvRSSaWUyXuQTD4loA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8Qvnf1TXJf8Pn9N1e1ILxJLaIj1Gr8hkKu3XruCrSt31khvSGYORCRoGVz7-kZSCpfebpsmMK53fkOGJpRfJ1uy_WKg2sl
date: Fri, 28 Oct 2022 07:29:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 905D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENOyFaPnNwJxkuSjDt-W0iQ&google_cver=1&google_push=AZmPxg-wrT6pVNH-ya024LrcplYFccusRJcLMVR1hdC8eMxNXre6mQyQxHE96Z3lg9xVTXkTFR9...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJVMEstMU4tSEpETg==&google_push=AZmPxg-wrT6pVNH-ya024LrcplYFccusRJcLMVR1hdC8eMxNXre6mQyQxHE96Z3lg9xVTXkTFR9m-1rJKSXdEePCEFiineJjKmKS

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJVMEstMU4tSEpETg==&google_push=AZmPxg-wrT6pVNH-ya024LrcplYFccusRJcLMVR1hdC8eMxNXre6mQyQxHE96Z3lg9xVTXkTFR9m-1rJKSXdEePCEFiineJjKmKS

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTNkJVMEstMU4tSEpETg==&google_push=AZmPxg-wrT6pVNH-ya024LrcplYFccusRJcLMVR1hdC8eMxNXre6mQyQxHE96Z3lg9xVTXkTFR9m-1rJKSXdEePCEFiineJjKmKS
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 905D 43 B
297 B 169ms
26ms Image
image/gif 2a05:d01c:1d8:8100:7916:ade7:6c23:40ce
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMMTK_nOdX5LDZ4ia8RdniE&google_cver=1&google_push=AZmPxg88liz9x_iQ4VwA7spK0Lha0ANtKgdK_fT5zmTpqCQbrJcvu4lTtF-5y-fCOnfzLSL_cRs6b2bnBa5MHAj2ufVgAhmFAAQP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:7916:ade7:6c23:40ce London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Oct 2022 07:29:29 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 905D 0
12 B 22ms
21ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IV99Wmn2IrRl5ldMqV-CinMPVpsDh8ZSDOGmDEiFRrScAPTgVa9KYze5vR1Wn8Y0h9fVnl

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 27ms
27ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f26ce36749fbd4c312c894e01341daead4c6aa7005af10703c15ad1e997c692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11334
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 285F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
26ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
expires: Fri, 28 Oct 2022 07:29:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame EA26 36 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1292428042&adf=1172747481&pi=t.aa~a.1615370218~i.17~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1666942168&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168582&bpp=1&bdt=1560&idt=-M&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=oX0uVA6Udi&p=https%3A//qa.cr-halal.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 06:40:47 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FEA 36 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 06:40:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 07:29:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D24E 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:40:47 GMT
expires: Sat, 28 Oct 2023 06:40:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2828 783 B
533 B 24ms
23ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ac243ba02b576c4ba68240ccd34337ba28cc5e51f8de4fa08cbf03eec77122ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Jj_vwjUwnp2VO_Xyteilfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-Jj_vwjUwnp2VO_Xyteilfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:29:29 GMT
expires: Fri, 28 Oct 2022 07:29:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame D24E 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 06:40:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2828 0
0 53ms
52ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=35027626105189&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D24E 0
12 B 13ms
13ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PE_8lA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:29:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9C41 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvG8jf4r8GEOYLc4jEBP2Ue9bFulVr0QfNzSMGwFLweE1Yb3wswSlEza9oXiBDK_GehEN-COs6y-E4DtSKGky85q4zhlZGqw4ngROOpg6e7-wQm_uV1WKirXEFpLLnSFkR2q-AjSQ&sai=AMfl-YQrzwVM6qx4z5rtoLbiZrVPTKYE8_TaMz898HA0J7OzHAT4oE_PFnJaBAs1KVBeVfZntX0vLPz3uOMiQ2k&sig=Cg0ArKJSzIGfTDV2RbwOEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=167,819,1001,1180,1190&tos=167,652,182,179,10&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666942168677&rpt=262&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A9ED 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9FZeXaNmpYvcOb9JQXw-xgytSGllS-4m-XXx3c54fGXA3w-UrdguvgRhVfNN50fxjH5Aqv6t5SOW0yutfOs8IJrk1zyRVTakjYsQQw7CYPmQxKhhrQCR2wCMGhuDVt7tdzZQAoYkHvroSDyLoV1YfNQaerMKktHId14m35HjUJ6aTrvgIUEz0Oqj0wA_ZuIf8EwGSu_TnHEbEqVTtoHm01ntPYnpyL_dgCJ_NK7-t_3ktjKgMLR7A0tcEJ5eX2Reiz2E7GTSk27hRGaYFSD7BXrEccboxvyrbNw490zcmg_V-2LqsVtOBJXUk44MU-OkB7qdP8V_eJslnL9WKjOms1n_OCrN56yrmUsDcLU318oWNbe5wTdyj6ccRhq6ttevId8qrMHMiBVrM_eqXc0djLcmxA1yVaU71992PNtEL2T1Ggu93Px58JiQP6AIXNglWbTOwG6cvmhq2GgzwxW1BH5d6B5VHRcw6XdNdhXDAwIl61uBYl8OQ-8Ip64HLG5FS1nRGeeWGo8oK7s-UI3t6032t170qqx5Weltb3fMk4GoQdI3jzMNfWJszyHfQRFwcO6HLxD4ct4nDfdc42gl15kYPawa0l2ZrF9B7qWH3zzDXWhRi_IemAXrDlPU756ny_YEAeKeEwGrvbtzfE2nMbKWHkSbKP-lN5LP3OGqgl4JxxpywsYIhXlz-T8590arAyON4P8SNyB0xlJl1mPtaI8jJaSMWzGXBK1xXK5H9-Ik6hcq8PIG7kwJEhGZAik--OYlVT6B0n2AYSTTBsyW8QY5IvKHPDFYOjuNiyeg9-GcM9vFG_33Cc4nyz0FVMLvniXM5SHbJQnDmIWYpwOQoV8H_wKxdFzz7_jv2p-yP_NSkbLpTKs29eNmgUvk0S7oLuRUGKUhamnpULROXxZZQEEPMdUKTZNtwzBqrQ71ZwmSkQmtVvtddhaiIjO7ChuRiYMRrZzH8JzWc8Zo8RKWBCgzwlAXyTTDfLKlmgFuSPIpwtdQXJJS2npWFG4Kg4D4uqw&sai=AMfl-YQUm0nJ8BY79pxIeU8u-TmGNE2aNEH81g-fNeQQujMmfShPl1ZSbZjIqMzNgUxKuvz2FNC9NLoFu7vHlKvADvfcriO9qWqadOcf&sig=Cg0ArKJSzCR5K0StumSPEAE&id=lidar2&mcvt=1000&p=0,0,90,748&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3576269607&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666942167746&rpt=1697&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 07:29:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
50ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=35027626105189&bg=!ERKlElbNAAZPh4lnb4c7ACkAdvg8WsVpnbPeRMQliweivHvlO9x44MEk8DQwIX-Kk-98u0Qsy81IvQIAAABoUgAAAANoAQcKAHSz9gbz7anN1kBxfb75zNBP9mRD0cW2Eg0O-GtdWeWm3DqGDkJ53x4E1Fuf2dU4NucoFG1JjI8rbAWDxf06yS16GRT0kzAJhq_vycdZR3kCAenA32GqXXoBNEFoIm_l9-DSh1o7XWFQ8Kz3nVI40zQdWp75EJkCpafrvmYkOvC5sfJ7iGIq3jOtrAr7HtllGeKIhAj2t0TmLooyunJz4jzkms_sBkBwk32H0kI537Kl0kZIN-gi2z1QCCNtVOJt7xRplj-cpoIWuB5IQITP8pjz24tffmghebjFEUxyU5JdLL9ytmlCPd453U-E21sTr6yYzyMEss6QWoy0eoJ7HNL3dc03xb2hMZ27LHx_8cpyw-pE-JPQnSfGO8qibx9VpY1O1jubOp4OYjGw_zMge-aPI5QrxAafkffe2WrAEDvpdU0HEj7Y2Y1SDjzTKbYlFbJvAzIYza53-mo09inmCvMoRO25WZGmnFyLtgCjLkjMfOO_5Y3Zwtsc3g4TaWAKPJWAEj5U7Tg8eMmP5h-znTxdKNRsB06Xv_X7nYTGblgJY3JPaaEdwT-2VSh5v1d6GPhOulF9vxb3Nq43dQNEbi_EoFNTkfmgK1YFWjW6K8pPOnij6tVRNejJ9Ryu55GTmJmLmOoFznjcfEYXLZXIVWduCRwhGLcGT5oLHjPYSRSbHyaQ99hnTEt9EsCLfMsbRdt4accHvOchXCQUUtgx9tyq-b88WbJt5pbI2sUJsqK1HXlY6UnFHzgze9IbVft3mgeW2fcKfkjhPu9qPZIOf09GZGPclCozfRs8m1F-8L55_FxS6JTDY4baTl8DXLpNPsuKCR5gQmxP6zrLynmDG27OCEcjHDv2FSVyFK7l7LV5nK0mTWZ64o7UrR2eghU-cQBJe9AbZ82myTSDK6G3U7gonf0JF4S6iqfLDnaQmjjcTEQ3wUZhHTumfcmsuzw8WijPKg5NOvVE8uGk7qiMt61BNp2aEJ-O2PRTeR16mJfKhN-ucxUdK4G4odDG_IsWsHsqjYnmzJ3z9V5rpJDQ5EOZHJYxwwVCdCPc_lZW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
logicpalm.com/	1969-12-31 23:59:59	Name: X-Mapping-ocpcmbel Value: 5F0CAA34CC81B6B3C6108545F85C1926
.google.com/	1970-01-20 16:32:08	Name: __Secure-ENID Value: 7.SE=N5vODwAlxOXRa2_hTXHEBvcQbMatqCd-f-jWTOe6isdYU0vjv7AwRewHVrqZri6sGOHvs9x-ML6_I6kx9bRdbWVhTVNKQJzuXzhDfOzTntWkp7I98rvXaZ-2xiAQ75DpI-OG43cInVWwh1zF0aVDOThm6_NWTIQ5Ep5NsIAM5ZQ
.google.com/	1970-01-20 16:38:22	Name: CONSENT Value: PENDING+168
qa.cr-halal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6a718bb05fd19056ab1100f9f854cacd
qa.cr-halal.com/	1970-01-20 07:05:14	Name: qa_key Value: hpxkx5afgf2j4ub1ohg4va9pfpxclru7
.cr-halal.com/	1970-01-20 16:38:22	Name: _ga_V7K5ME1CH7 Value: GS1.1.1666942167.1.0.1666942167.0.0.0
.cr-halal.com/	1970-01-20 16:38:22	Name: _ga Value: GA1.1.1536275520.1666942168
.cr-halal.com/	1970-01-20 16:23:58	Name: __gads Value: ID=c10c7bf89b57bcfa-22c4f02c58ce0056:T=1666942167:RT=1666942167:S=ALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw
.cr-halal.com/	1970-01-20 16:23:58	Name: __gpi Value: UID=00000b7970aed6e7:T=1666942167:RT=1666942167:S=ALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ
.cr-halal.com/	1970-01-20 16:23:58	Name: __gsas Value: ID=a1a68995ed77daa1:T=1666942168:S=ALNI_Ma3ijfnDm5jkb8mgZoVhalC3oIY3A
.doubleclick.net/	1970-01-20 07:02:25	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 09:11:58	Name: d Value: EAcBCQG4J4EA
.quantserve.com/	1970-01-20 16:32:36	Name: mc Value: 635b84d9-60e3c-e1a9a-e8041
.casalemedia.com/	1970-01-20 15:47:58	Name: CMID Value: Y1uE2XIuVJlnGYmuXKqsjwAA
.casalemedia.com/	1970-01-20 09:11:58	Name: CMPS Value: 5163
.casalemedia.com/	1970-01-20 09:11:58	Name: CMPRO Value: 5163
.agkn.com/	1970-01-20 15:47:58	Name: ab Value: 0001%3ALpmgI%2BHYi5RMyrEgktdW07svpV1gFGEE
.doubleclick.net/	1970-01-20 16:23:58	Name: IDE Value: AHWqTUlVq-IfJWvNXcjgvOxJLltjlFQuEVDIVY6AKN55lAr8xpjGkHR8vqFWo3J86cM
.pubmatic.com/	1970-01-20 07:03:48	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 09:11:58	Name: CMTS Value: 5143
.pubmatic.com/	1970-01-20 09:11:58	Name: KADUSERCOOKIE Value: 21B44036-F452-49A5-94C9-7B904C3E25A0
.agkn.com/	1970-01-20 15:47:58	Name: u Value: C\|0CEAq7kFZKu5BWQAAAAACAQ13AQGAAQpAAAAAAA
.innovid.com/	1970-01-20 09:11:58	Name: uuid Value: 34f3050c-232f-4834-8f7b-b0ccf5c35cc2-20221028 03:29:29

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=3996127398&adf=1131149390&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1666942168&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168608&bpp=1&bdt=1586&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280%2C609x280&nras=5&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=4175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=RjR2vi0Qm9&p=https%3A//qa.cr-halal.com&dtd=6 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/15703516274139381260/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=3996127398&adf=1131149390&pi=t.aa~a.2926153733~rp.2&w=607&fwrn=4&fwrnh=100&lmt=1666942168&rafmt=1&to=qs&pwprc=8069909860&format=607x280&url=https%3A%2F%2Fqa.cr-halal.com%2F11%2F7-ways-to-make-money-every-day-in-crypto&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666942168608&bpp=1&bdt=1586&idt=1&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc10c7bf89b57bcfa-22c4f02c58ce0056%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbxEP4M9OzSK2Y6aEsRy0NlQ_odsw&gpic=UID%3D00000b7970aed6e7%3AT%3D1666942167%3ART%3D1666942167%3AS%3DALNI_MbsQymFDEXiTdEPLCIt_MV4juCafQ&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280%2C609x280&nras=5&correlator=499929593082&frm=20&pv=1&ga_vid=1536275520.1666942168&ga_sid=1666942168&ga_hid=339978755&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=418&ady=4175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773613%2C44775016&oid=2&pvsid=35027626105189&tmod=1593953911&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=RjR2vi0Qm9&p=https%3A//qa.cr-halal.com&dtd=6 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/15703516274139381260/index.html".
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_hwGng37XdRVsbDvmNIVQE83H-F3Z7ZXZMe4lWeCv9vXWgaDl7t9RKqx5ByWgDUTJNNvGZxM2Mg7KD8rpnRt2WzdR2Sg&google_gid=CAESEMjZ2tHx2R9uKfDiVErCsdQ&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_IzWWVyl_1HkiH1Io5u-bUiloOHSf2mwOnQx8jzNzRQcEzNwhbtD8v3YhezDt2US1egNA9T6Y7EFW5VH_xnSLee5gSzQ&google_gid=CAESEMyPQpb7YzXKrEouO3tU2eU&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8ezB8OJCvqM3ykzuQjTdgDeM2uFBLBz8okX7-ixaDd33T2_EHmQC_jF4dWbjatY-jJ_cWU7EPluPNZHX2Xy29sd5qwBWIz&google_gid=CAESECaLiE4twxmGD52voD8Ge8c&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
logicpalm.com
odr.mookie1.com
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
qa.cr-halal.com
region1.google-analytics.com
rtb.openx.net
sp-ao.shortpixel.ai
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.analyticsinsight.net
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.stilt.com
104.18.19.126
142.250.186.98
185.59.220.194
185.64.189.115
192.124.249.5
2001:4860:4802:34::36
2606:4700:10::6816:6f6
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::2004
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:809::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a05:d01c:1d8:8100:7916:ade7:6c23:40ce
2a06:98c1:3121::3
3.66.100.67
34.98.67.61
35.186.253.211
35.244.174.68
66.29.132.14
69.173.144.138
98.129.229.50
02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b12898482d198a7677b78c64310171b40d1662e677853e147e322a0064963e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb3ce1e6260f94f0d26b5dcdf713280485aac173aea9628b3e718f87e4f4cc2
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
109c8db1afbcaf7fc0cf9e516c281f5a55771e213edd8fbbc1a4ff69dfb05730
12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e
13dde8b06af02f2ed8ff1a0f929e6123350f0c21b08dadd63cd442c680a24635
14ce6d73839e296ca1dc784e0742a21fb252f4d844b8f2bde0f0c530e87ade2d
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
22fde07ea19585ef464e1f2b099c588db40a4c5959392e5fd61e99a5ef883cb7
2884393565131391acad83d76664c08ae48a427c6fc6503ee26cb0385cb7211d
2db86348a762a2f967b3507127590018b5e5a9a05a72158941e3412ec8788e6a
331a6da4879787ac4138530f975816d8ff2b4f1a34e05407de21dd637c2b575e
391bb72d37bb10923506304c92726eb77213e80ded2360e2308fe8055ab8e5d6
39af75b2973d55127bd438606d0e9851a0d419d57949016ac60145c634290dbf
4b4aef72d36872a4e14b620db3eb2521b72c8e4b0161e5b3c5d338846490ca8d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d69f0e95764d9decff3dbc6563b247d0ce1c8642e604f4606a3b8251e467231
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2
5338841424c465c8b7ff1c30f363340ef319a3457c3223c42c0919aa6bf94f9d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b447c165ca4ed07f319a6979624fe1468b0b3ac5595c6982921b4200f5ac06
5a57a793736889d6f191fc8a7f94d35ca4a9f436618ab0aeaf84b98cf121fe90
5a9f0c8411d308685602d699930d1f7c870dfcb89fef0ced3cbfe0f477a53ce2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
804bc65715c991319244d74e36c1abbcb11fd688fe66ce30504e2f13948d2185
805f8d59de00fbdd3f2ca9b01a168c2c0771d1ec8256001572475aec6d70d6bc
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
92319150389dc124fc14ee6ccb26f2e85c5476e48fb6295c3fc79bcf6d6328ce
9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f26ce36749fbd4c312c894e01341daead4c6aa7005af10703c15ad1e997c692
9f8fb4af8f61d42b6a5ff76a804332b1cf7ccec695974dddad12f5bcef4b42e4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b0e59a8e051718635735716392aedcf9d714a7b352c4a0d7cb72cc182568bf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
ac243ba02b576c4ba68240ccd34337ba28cc5e51f8de4fa08cbf03eec77122ec
b01813c3707332002d9c0125c6b08f1b7a9d7b1e4f383c696932152ca18deede
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b5b3c2948f5fa674c9a1832090a8b68fe1712df1de60d9fda1bb506b6fac716d
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17
bc24c020e615f1248a369a625de9311f2c2ce9e4f7482c4d6cdd78833c4c8b9b
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
cac5acef3a7dbf350561baf09d072ca3f400c1e0136dc7debc190933e135207b
cef886d427997123092ac69479d3d03ce11111a77db00511396ee4958fb61021
d423a20d43c8f430ef7a533a75d72428fab8cde363012601fee76423b860bbd6
d65570a32b92688049262e146b10cad84bd314fd6724959e6c0fbeb338e5d6c4
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
df1c787820c2de5ff4525976ef7d03d26f24276a2634e4e32b6c2c1982577d30
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2fed796bc88dc10c8540676338f4c712b58ffaa2bc7db5a5a93f36bc37ae052
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b44746ce70579da0faf61fd01d1d8494924a9a6e436fba4ab453aeb06d375d
e4c7a67ce4329873a82bbfb65d488ff707d2c9c99c998d3176bd0ffc1410d8a4
e5fab79186a1ca7d18ad6ce70b5b7c52cea8dd578b2e6ed7789f9ef7501799ac
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
edc5884e70a6ab8328de150020fb2b697bb276a3c7f4fb7d99d53522da28bbe5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

qa.cr-halal.com Open in urlscan Pro 66.29.132.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

91 %HTTPS

59 %IPv6

25 Domains

29 Subdomains

25 IPs

4 Countries

2053 kBTransfer

4985 kBSize

23 Cookies

2 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qa.cr-halal.com Open in urlscan Pro
66.29.132.14 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

91 %
HTTPS

59 %
IPv6

25
Domains

29
Subdomains

25
IPs

4
Countries

2053 kB
Transfer

4985 kB
Size

23
Cookies

173 HTTP transactions
8 data transactions