qa.cr-halal.com Open in urlscan Pro
66.29.132.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://digitalinvestmenthub.com/
Effective URL:
https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Submission: On October 13 via manual (October 13th 2022, 8:17:58 pm UTC) from US — Scanned from DE

Summary HTTP 209 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 29 domains to perform 209 HTTP transactions. The main IP is 66.29.132.14, located in United States and belongs to NAMECHEAP-NET, US. The main domain is qa.cr-halal.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 9th 2022. Valid for: a year.

This is the only time qa.cr-halal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.238.222.166 104.238.222.166	23470 (RELIABLESITE) (RELIABLESITE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
13	66.29.132.14 66.29.132.14	22612 (NAMECHEAP...) (NAMECHEAP-NET)
16	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:29ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3289	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	209.140.136.209 209.140.136.209	11643 (EBAY) (EBAY)
28	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700:10:... 2606:4700:10::ac43:2870	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.75.89.51 104.75.89.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:480... 2a02:26f0:480:28f::1ec4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
14	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.124.130.212 3.124.130.212	16509 (AMAZON-02) (AMAZON-02)
4 4	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
21	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
209	34

2 104.238.222.166 (United States) 2 redirects

ASN23470 (RELIABLESITE, US)
PTR: server5.stormerhost.com

digitalinvestmenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 66.29.132.14 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium197-2.web-hosting.com

qa.cr-halal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29ed (United States)

ASN13335 (CLOUDFLARENET, US)

www.stilt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3289 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.punchng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.140.136.209 (United States)

ASN11643 (EBAY, US)
PTR: andes-public-lvsaz01-1-1.ebay.com

www.ebayadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::ac43:2870 (United States)

ASN13335 (CLOUDFLARENET, US)

metrics.nt.vc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.89.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-51.deploy.static.akamaitechnologies.com

secureir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:28f::1ec4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

secure.insightexpressai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.130.212 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-130-212.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.192.160.219 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	criteo.net static.criteo.net — Cisco Umbrella Rank: 680 pix.eu.criteo.net — Cisco Umbrella Rank: 8015 csm.eu.criteo.net — Cisco Umbrella Rank: 8166	492 KB
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	577 KB
33	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	154 KB
13	cr-halal.com qa.cr-halal.com	85 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	106 KB
9	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12901 ads.eu.criteo.com — Cisco Umbrella Rank: 7867 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14559 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9829	147 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	55 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	325 KB
6	ebaystatic.com secureir.ebaystatic.com — Cisco Umbrella Rank: 6458	118 KB
6	nt.vc metrics.nt.vc — Cisco Umbrella Rank: 147287	24 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	5 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1445	3 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	4 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	15 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	1 KB
3	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 671	248 B
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1521	479 B
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 729	1 KB
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 987	417 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	900 B
2	digitalinvestmenthub.com 2 redirects digitalinvestmenthub.com	543 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 651	758 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 584	98 B
1	insightexpressai.com secure.insightexpressai.com — Cisco Umbrella Rank: 1287
1	ebayadservices.com www.ebayadservices.com — Cisco Umbrella Rank: 7177	14 KB
1	punchng.com cdn.punchng.com — Cisco Umbrella Rank: 219572	83 KB
1	stilt.com www.stilt.com — Cisco Umbrella Rank: 301119	127 KB
1	ois.is ois.is — Cisco Umbrella Rank: 348968	734 B
209	29

	Domain	Requested by
28	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
23	pix.eu.criteo.net	ads.eu.criteo.com
21	static.criteo.net	ads.eu.criteo.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com ois.is googleads.g.doubleclick.net
16	pagead2.googlesyndication.com	qa.cr-halal.com pagead2.googlesyndication.com googleads.g.doubleclick.net ois.is www.googletagservices.com tpc.googlesyndication.com
14	cm.g.doubleclick.net	googleads.g.doubleclick.net
13	qa.cr-halal.com	www.google.com qa.cr-halal.com
7	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	secureir.ebaystatic.com	www.ebayadservices.com secureir.ebaystatic.com qa.cr-halal.com
6	metrics.nt.vc	www.ebayadservices.com metrics.nt.vc
6	fonts.googleapis.com	googleads.g.doubleclick.net cdnjs.cloudflare.com
6	www.google.com	2 redirects ois.is pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	e.dlx.addthis.com	4 redirects
4	ssum-sec.casalemedia.com	4 redirects
4	www.gstatic.com	googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	cdnjs.cloudflare.com	ads.eu.criteo.com
3	cat.nl.eu.criteo.com	ads.eu.criteo.com
3	pixel.rubiconproject.com	3 redirects
3	image6.pubmatic.com	googleads.g.doubleclick.net
3	rtb.openx.net	googleads.g.doubleclick.net
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	ads.eu.criteo.com	googleads.g.doubleclick.net
2	odr.mookie1.com	googleads.g.doubleclick.net
2	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com www.google.com
2	digitalinvestmenthub.com	2 redirects
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	secure.insightexpressai.com	www.ebayadservices.com
1	www.ebayadservices.com	googleads.g.doubleclick.net
1	cdn.punchng.com	qa.cr-halal.com
1	www.stilt.com	qa.cr-halal.com
1	ois.is
209	38

This site contains links to these domains. Also see Links.

Domain
www.wired.com
blog.liquid.com
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.ois.is E1	`2022-08-31` - `2022-11-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
qa.cr-halal.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-09` - `2023-10-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-12` - `2023-06-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
andes.ebay.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-09` - `2023-09-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.ebay.com Sectigo RSA Organization Validation Secure Server CA	`2022-08-16` - `2023-08-16`	a year	crt.sh
*.insightexpressai.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-14` - `2023-03-15`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-03` - `2022-11-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Frame ID: 522BA4113D832DFAC9BC2B0939FFCDF4
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Frame ID: DC1D789B396533DB1E6A346D9A5CE656
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&adk=1812271804&adf=3025194257&lmt=1665692274&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692273850&bpp=6&bdt=711&idt=137&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4812451814742&frm=20&pv=2&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=166
Frame ID: D93BF4AC4BEC333CC4D5DEC07A852870
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692273856&bpp=2&bdt=717&idt=164&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rS5lgTloVY&p=https%3A//qa.cr-halal.com&dtd=171
Frame ID: 40047E2D05D7BB6E9067C0EB9899F3FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1665692274&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692273859&bpp=1&bdt=720&idt=175&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5JL7wCk6FC&p=https%3A//qa.cr-halal.com&dtd=178
Frame ID: 6825DB1E1DB73D376E9AB4FB7DB42ECC
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CksCCcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6AFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l5ZuUL56Q1WRxqyugLmBJ5-7V7pml1SfpM1ayUiIEPkgUsVQ7PRswASHi7W0iwSSBQQIBBgBkgUECAUYBKAGEYAHt_WXeagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOKTB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTMxMzU2NDQ2MzkwMTU0NzQYAA&sigh=pCHFke63KI4&uach_m=[UACH]
Frame ID: A7AFADA5D102295B7475C1A0605ED42C
Requests: 8 HTTP requests in this frame

Frame: https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-166314-871238-2&mkcid=4&mkevt=2&mpt=997492386&gdpr=&gdpr_consent=&campaignid={campaignid}&gclid={gclid}&siteid=77&icep_siteid=77&ipn=admain2&adtype=2&size=728x90&pgroup=560283&mpvc=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26sig%3DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%26client%3Dca-pub-3135644639015474%26adurl%3D
Frame ID: D583D81A068322434884275602DAFCA1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D476DBBBD3A0D3900CB47385AB85B33A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38
Frame ID: 7960483C60AD2E8E5467EF0B525BC7BC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kINi6Uxcjm&p=https%3A//qa.cr-halal.com&dtd=43
Frame ID: 8F2C91340780D31509B05F0AEE289F0A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=1&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=P9MhxEHZKv&p=https%3A//qa.cr-halal.com&dtd=47
Frame ID: F9E918D63811541FB0537959E9A54E49
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4F9E99B69B3F8420D3DC98B0627D9119
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8E7A89D0054DD3A02096A85ECD86A3D3
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: 4D3C452482638578EDB07859D1D75D47
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A08F8F4EB4F462DCA5EBCA53593A1A60
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: B8E95EE0FFC05E5A55139A984E7864A0
Requests: 1 HTTP requests in this frame

Frame: https://secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/index.html?mpck=svcs.ebay.com%2Fdelstats%2Femail%2Flocation%3Fuser-id%3D43188348269%26ch%3D4%26ci%3D-1%26mobtrkcd%3D%26si%3D77%26et%3Dadclick%26loc%3Dhttps%2525253A%2525252F%2525252Frover.ebay.com%2525252Frover%2525252F1%2525252F707-166314-871238-2%2525252F4%2525253Fmpt%2525253D47875%25252526ff5%2525253D%25252526ff6%2525253D%25252526ff7%2525253D%25252526ff8%2525253D%25252526ff9%2525253D%25252526ff19%2525253D%25252526ext_id%2525253D%25252526ir_DAP_A1%2525253D0%25252526siteid%2525253D77%25252526ff10%2525253D131316%25252526ipn%2525253Dadmain2%25252526ff13%2525253D1%25252526ff14%2525253Dunknown%25252526ff20%2525253D0%25252526%26ff14%3Dunknown%26ff20%3D0%26mpcr%3D131316%26rvr_id%3D6822675558884192&mpt=&mpcr=131316&crdata=&imp_rvr_id=6822675558884192&siteID=77&mpcrgif=&mpvc=https%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%2526num%253D1%2526sig%253DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%2526client%253Dca-pub-3135644639015474%2526adurl%253D&rvr_chocolate=true&rvr_ckquery=norover%3D1%26mkevt%3D1%26mkcid%3D4%26mkrid%3D707-166314-871238-2%26mpt%3D47875%26ff5%3D%26ff6%3D%26ff7%3D%26ff8%3D%26ff9%3D%26ff19%3D%26ext_id%3D%26ir_DAP_A1%3D0%26gclid%3D%7Bgclid%7D&mpvcget=0&mpvcredir=0
Frame ID: 69D79E4B53E63535FD77065A0C78950A
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0hycgANqfcKexF1AAGwkf2cWGqNedkAsfWD_A&u=%7CXYFoB2HKdfU0qICIQkg5TQkreFKxnI7ss%2BfJ3GTCbHc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9CakJALpS3I2MAskDvxLRQAFyxZW57l_YevoCp8Q2ZSnTtv6Ye9vcml0d3GZHRsB8v-RVq-HiybZIeIx-gxBBSC2Hbcaudc67O7AOm-z8p8ZtaLbBTqgLbv2tUdarbhGOqjLLk68cFiwT2ipQviiNUm6KG1Nha_Jv39ICtwjQl9yPmo4W1k9g1pFVOjqYMQsj3YW8_Fi0h1f8IQQPIjt3JTuVKfwGC-CZKZcudO43R5KKN_PXfDUjH3WWvhbfZixxwqEH2pJ-kR33M33ffyVdzoHH7ei3hRSGyxxc3ErzoCEI3VSRZV3aBseHo3u7whIfTNC5FeU3cZVnRwFkX2fUn-6XbXtRAemE5VPLlxpbzVa72hjujAG_fpal1eg0tgq8YDs6GGPwe5tA1QToaQYEIcsbeIL8EhLBRNDh3AOC43EgCRIUsP8AxE2hZXisD5qMBhHxIcGDlL5lLmAUs0-tUIO1ABzxi-Zm6FQ-FRIxx09c2riIHlvsFMH-8W08_602cNnq5UpOkLmbR-ejQphf00pHgRvNDSlsNrEdlwC4xrIcTV8t7HB1PJkicVXgNtbX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfptfcnJIY_fTNvWi7AOR4YbgCMme0rFc9Z2Y93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMzEzNTY0NDYzOTAxNTQ3NMgBCakCS19dJW5nsD6oAwGqBOMBT9BHhFD39T4ArVZapgpsm4R3J0VMw907qjIgQtHvlR0WmghwV7NOhhEKFTjA-QEbRyGDi91nPSb9-m-nMcGM-QfRC3dV-iboY3wBCUXmpmCny3ZSt7eOYW3m33TbUZxuQ7iPLdijWiRs2Z8fo2lILJGhXsXTGR6_I9E9HxI7SMdg86o5-NbcfGCxfa-hqPVlMqi6hkMDehmvFfLdzjMYJueK8ghAPSdYL5XaFH5vivXD7OyVPnI7suGGiZ3xQHeZ927Z6MlNtXW0ECM_oazXAo9wVwoUd1LfykeWNJmoAy7YJQmABtOm57HK1Ka-pAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hSC3FG5nMfPhCo-Dmsd5Vsxv5ng%26client%3Dca-pub-3135644639015474%26adurl%3D
Frame ID: 3C11671E4B52B36249A8A31149360BCB
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C052F8136A6D0B434EF6F15E05323CDA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E32B9E3097709A2AC1900EC3022B416
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0hycgANhzgDogQQAAlmeqvMYAZ3Has48vSdoQ&u=%7CXYFoB2HKdfV1PoE52ps%2FmuVyckwlMRkTQmqpXjsCzpg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9CakJALpS3I2MAskDvxLRQAFyxZW57l_YevoCp8Q2ZSna5W6AFcYSxvbc35SmH91fBl3JPShkOLxJPyahKOAGEx_kmdKlDNtF_WvsddumubpTGt8nbDLlxNCT69YMzOwcdLcOPY_WaUDPDQtgPpRnTam9Vw-t9mLDzrR_RROh1H2Dem2MFNakfVCaIJ1bpJq8FniIBcm-AeabwVYzNNhtX_TKub2ons1T60kIDdv3Tr3c5KforSgtSI-ykI9e5pdB-LiK8gbuhv21_DrvuGj18BNXcq-5T390m0QXR_ez1HVJ972cT_W0-q-sxKy6sq2eogScFi1mRVFLqMkiISEYFxvt7U4Cp0JXNpYdM3OK3YEQ2wmI1BL5dCaRBMAFFnFs1ftxzbsP4SQEVSp0MCONQsVYMTUai5nNOjZvvVHK-ewj-EYxHQbori-I4EUEDBysyoiWfb04bkhwVfd3b9NiHqnVP6kVzSMDa-504YGt_np4GdgYdcot7Akrt1qQKCPTc_EDNezw5n6I_FQYHYtp9jMCGkBNvEBficu-TGmLc00ZfQhsAnq3oncLyBDbGvnj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5D_VcnJIY7iONpCIiM0P-syl8A_JntKxXM2G49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zMTM1NjQ0NjM5MDE1NDc0yAEJqQKeLXkZgUywPqgDAaoE4wFP0Ng0rfO9e4dNYbF-ly5uOavR5ZMbPUnWvL5FdWm2GChLcImaFaxywNCFYd1pnI8PieTmFDO7FLG7xvjuvvPop3f3Kz3yWhT7uIEkXQoCfjssZMxu3Zuq9a3Jy7WmJrdlgiyRu0YiVHIRbRKXW3DRPTyeGjH5ORinR_MkeLX5njtP_DAjCCBlx9_PtTdLQb3yyFuK07AAPw8K-H1vAAdctEY9hm-OliWOAPx4zY-45Nox7R9c37pFiIldjOiBIruGdrLbTL5a4TVPhBdA9Wpy8Hw3ulE7txabWSZ8MTtIJZhWfYAG06bnscrUpr6kAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ocrvNxsGMWEcmMoLmDXwxY6_t9g%26client%3Dca-pub-3135644639015474%26adurl%3D
Frame ID: 53FA0068864C51100123070BBE732AA1
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 25FFF111E477574A2B159896DB6A5BA5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: 8BD6C208748B6B351F613D04257B44A8
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0hycgANsH4KGMvVAAGwKYgo7V220Q1xTwuWUw&u=%7CXYFoB2HKdfXpcadfcCSzeNfESfTkOCoxQ6pSiyZRE8s%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9CakJALpS3I2MAskDvxLRQAFyxZW57l_YevoCp8Q2ZSk9RKUl8rtxeudHqrBsX1PDCMJyW9sAmycyIX4-r6xGKt6FjK1lmAqYzSt1xeemjXTaE0Z8BSqigzrNSm4SEvalOJPH8Ht2_2HysYtml24-qD-AmnukLMzJmK2rRwqW2aqQFjXqB9FTUgwrbb8c6rBuiN6vDOJLvT5egR4glB_vj0n0-w11ovGGwtpcpqy0HnDOxMPFRiAv7AXgWpXZjL_mkoiRltPoKpdgN5RFesi9I81962QjPoJ_oebXX5vVaNEBn3mHNFnAJLGIBTMt4oKXMxayXW-BJv9zVgBg24a1GOgiVvelQFdd8ZGJgstIbwMjmeH0LHv4AeOCOKmqfl4BEp-Q7LrHQxxZM2K0C3Q-fjO80GRtj-8wuOUfoQHYR9jn1n5JiKeOFxt8oZOUK2AZ53IKc9R1YpRVSTCRvr5Z7m1FekeXX4Ls0zxQ40wwJObDkEgkVlO2q8lQzaORN6sICGQrcu_AnNFTVAMTpS8xQ6Aqm3pHZbGNzE5KQH9vTXa9aLJwhrmcw_BKIt9dFkTe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeclscnJIY_7gNtWXY6nghrgJyZ7SsVz1nZj3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zMTM1NjQ0NjM5MDE1NDc0yAEJqQKeLXkZgUywPqgDAaoE4wFP0HUfsGvcmgopyjg3O5ZXiCmAnYsy4xJWOPP4ob7GGwVyiQZr1al0-w8gWtMq-gQPeQhZ5v3_HqC6eFPySxtbmzsZlXbcUE2WuOXt12yiKqW-kIfveU35a9cueqTm7pMx4mMcd3mmzDk2CqlM4C97J9DypR8NEkIWC4USbdscui53ms-vX9Vn3MkUtqPZf8jXlbGzI84LSCJmNLYyrmi27c_Wu_f0XUKI31QcMaJy56S4Opxw5h3A5uHygefnLO8cwS8YlGQ5nClqyl2X_jZrr08hctWJQ9wk9Y4SnJEwT0eSvoAG06bnscrUpr6kAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1532hDAwqJy26BeHqOWLzRzYsvCQ%26client%3Dca-pub-3135644639015474%26adurl%3D
Frame ID: 71B0F553A8AA2E751AF73E43CC921844
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 579E1348C7FFDC05C4FA6633F91D925F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 17746CDC773AFB8B390BBF45A968E7B5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2AACCA93B077A5BE3F8CB9299A687CC5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NOW || Earn Daily from Crypto Trading 2023 - Cryptocurrency Earning

Page URL History Show full URLs

http://digitalinvestmenthub.com/ HTTP 301
https://digitalinvestmenthub.com/ HTTP 302
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/13/now-earn-daily-from... Page URL
https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

209
Requests

95 %
HTTPS

58 %
IPv6

29
Domains

38
Subdomains

34
IPs

4
Countries

2331 kB
Transfer

5141 kB
Size

30
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wired.com/story/how-to-choose-set-up-crypto-wallet/
Title: in your crypto wallet

Search URL Search Domain Scan URL

URL: https://blog.liquid.com/impermanent-loss
Title: impermanent loss

Search URL Search Domain Scan URL

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://digitalinvestmenthub.com/ HTTP 301
https://digitalinvestmenthub.com/ HTTP 302
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023&ved=2ahUKEwiquNiGxdj6AhUJ3RoKHeUHDnUQFnoECAcQAQ&usg=AOvVaw2uw3wvxIs7P7Al2Ep-hW8y Page URL
https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://digitalinvestmenthub.com/ HTTP 301
https://digitalinvestmenthub.com/ HTTP 302
https://ois.is/images/logo.png

Request Chain 49

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENNQegDiInSBWIr8keb-jWw&google_cver=1&google_push=AZmPxg_KWf7SHfb64zlj6u7B1g3qiRdHwXZVVWI2gQeIN1qELxVOQBAp1dYFSIEklbMhSYg76aF7oj4BLWeXtDVHcsC_dZqa53rS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5S1otMU4tSkk4&google_push=AZmPxg_KWf7SHfb64zlj6u7B1g3qiRdHwXZVVWI2gQeIN1qELxVOQBAp1dYFSIEklbMhSYg76aF7oj4BLWeXtDVHcsC_dZqa53rS

Request Chain 94

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_cver=1&google_push=AZmPxg_McpVX5JqSE6JhiRQDeZrVmkOagMNfNgTgXCsl2TJZBFKn8p-MSLCnzeZiJLNrSyLig5pqZOOqDK2LYvon0bO4FJ6JlLQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_push=AZmPxg_McpVX5JqSE6JhiRQDeZrVmkOagMNfNgTgXCsl2TJZBFKn8p-MSLCnzeZiJLNrSyLig5pqZOOqDK2LYvon0bO4FJ6JlLQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg_McpVX5JqSE6JhiRQDeZrVmkOagMNfNgTgXCsl2TJZBFKn8p-MSLCnzeZiJLNrSyLig5pqZOOqDK2LYvon0bO4FJ6JlLQ

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHI0YfNj_dz3Kggcrfu9Vyo&google_cver=1&google_push=AZmPxg8OqGlsvR3h0VCfPY9bZA2DyBSmldF74TnIiDttT4ahnrmgdohGmIPilCDkz8foqjg8pmwKTxt4SG1wmYBkaHyrTGSuv3XM HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8OqGlsvR3h0VCfPY9bZA2DyBSmldF74TnIiDttT4ahnrmgdohGmIPilCDkz8foqjg8pmwKTxt4SG1wmYBkaHyrTGSuv3XM&google_hm=5Ra4kpmtwCwgtOOh-PPPdA

Request Chain 118

https://d.agkn.com/pixel/2175/?google_gid=CAESEK5WkltTV4dMiRdUkBavjxQ&google_cver=1&google_push=AZmPxg__u9UUt4ljoqPCGViQoJcOCmSaFTyMhYPr_fOjyISzBZtA0HT4DwrDpMm4tLdOJrm1MDqwtHG8DsqmwKN8aJmP5sqK6nA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg__u9UUt4ljoqPCGViQoJcOCmSaFTyMhYPr_fOjyISzBZtA0HT4DwrDpMm4tLdOJrm1MDqwtHG8DsqmwKN8aJmP5sqK6nA&google_hm=Q0FFU0VLNVdrbHRUVjRkTWlSZFVrQmF2anhR

Request Chain 119

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9ZYQkSM1oaQW3nCA7CqAgcgiD62nET79QO6elU2-ueup83lIg8naXRO3Gt1O7eqKgrBPejjdFpIHbr7ZRfCU3rWnLG5F4_&google_gid=CAESEMmQnpDTiF7I5YwEGkNeI_c&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9ZYQkSM1oaQW3nCA7CqAgcgiD62nET79QO6elU2-ueup83lIg8naXRO3Gt1O7eqKgrBPejjdFpIHbr7ZRfCU3rWnLG5F4_&google_gid=CAESEMmQnpDTiF7I5YwEGkNeI_c&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTMyMDE3NTYwMDAxMzc0NDk3OTY3MA%3D%3D&google_push=AZmPxg9ZYQkSM1oaQW3nCA7CqAgcgiD62nET79QO6elU2-ueup83lIg8naXRO3Gt1O7eqKgrBPejjdFpIHbr7ZRfCU3rWnLG5F4_

Request Chain 122

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENNQegDiInSBWIr8keb-jWw&google_cver=1&google_push=AZmPxg-8pmNg7Go2seqQ6aMA48RkpDIGj_8KUN_YSkaWYFsyfNJzuLG4euVQDEbHI0Pi3o6a6gcb3zvKG6DUWZjDJjnusOk0Vtg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5UDYtMVAtMjVYOA==&google_push=AZmPxg-8pmNg7Go2seqQ6aMA48RkpDIGj_8KUN_YSkaWYFsyfNJzuLG4euVQDEbHI0Pi3o6a6gcb3zvKG6DUWZjDJjnusOk0Vtg

Request Chain 123

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_cver=1&google_push=AZmPxg8VPvklQ75BaANgBs0tMZAMlw7IE1PK9yEkZEMtVzSKswNI4wpdhSTPyg7s6cg0UYgMIx4-peg-uvNl4urWSsb-yLRxtLY HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg8VPvklQ75BaANgBs0tMZAMlw7IE1PK9yEkZEMtVzSKswNI4wpdhSTPyg7s6cg0UYgMIx4-peg-uvNl4urWSsb-yLRxtLY

Request Chain 152

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHI0YfNj_dz3Kggcrfu9Vyo&google_cver=1&google_push=AZmPxg-lbiJ4-5kTKLj9jVeKSL-tI8xQDXRl9uKgNF_P2XrHlnc54AU1rSnUjq_ZlAmQ6Jjs-3uyxYB7mAaIJ0fjS3nH4Agh3w HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-lbiJ4-5kTKLj9jVeKSL-tI8xQDXRl9uKgNF_P2XrHlnc54AU1rSnUjq_ZlAmQ6Jjs-3uyxYB7mAaIJ0fjS3nH4Agh3w&google_hm=5Ra4kpmtwCwgtOOh-PPPdA

Request Chain 153

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-kX_lcyynDl2QIl1l8NxH3UN0D_K1_AVtvbuHu94jBmmE9amztfQjNFHaHx8tfKHnz0MwfY7bzCvYyb3lKMaV1MkOOjA&google_gid=CAESEMmQnpDTiF7I5YwEGkNeI_c&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-kX_lcyynDl2QIl1l8NxH3UN0D_K1_AVtvbuHu94jBmmE9amztfQjNFHaHx8tfKHnz0MwfY7bzCvYyb3lKMaV1MkOOjA&google_gid=CAESEMmQnpDTiF7I5YwEGkNeI_c&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTMyMDE3NTYwMDA5NTUxNjUyMjM3MA%3D%3D&google_push=AZmPxg-kX_lcyynDl2QIl1l8NxH3UN0D_K1_AVtvbuHu94jBmmE9amztfQjNFHaHx8tfKHnz0MwfY7bzCvYyb3lKMaV1MkOOjA

Request Chain 157

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENNQegDiInSBWIr8keb-jWw&google_cver=1&google_push=AZmPxg8u7ZWD_Sc1IzGuDmhFuUDAj_FXayTYXxJWJ7PavoLVztHRnzD_z0ivAeepuinbvSVUDQx_lAZX1IvOjX1k0wQWSFiewQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5VzUtMUktREtSTA==&google_push=AZmPxg8u7ZWD_Sc1IzGuDmhFuUDAj_FXayTYXxJWJ7PavoLVztHRnzD_z0ivAeepuinbvSVUDQx_lAZX1IvOjX1k0wQWSFiewQ

Request Chain 158

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_cver=1&google_push=AZmPxg9N8wVDc4ynmffYyIJhQk1pg6H1uHcY8RiCD-sCRYmQpwhwItR78jW0HKrKJGuoB_dKql-zFK_nojwYJuf7uiHIz7GGpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg9N8wVDc4ynmffYyIJhQk1pg6H1uHcY8RiCD-sCRYmQpwhwItR78jW0HKrKJGuoB_dKql-zFK_nojwYJuf7uiHIz7GGpw

209 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

logo.png
ois.is/images/
Redirect Chain

http://digitalinvestmenthub.com/
https://digitalinvestmenthub.com/
https://ois.is/images/logo.png

485 B
734 B

119ms
53ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ois.is/images/logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 759ac2dcdbc0916e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 13 Oct 2022 20:17:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGkErObRzvDfl%2Fq874CgGEMHKuAIehUKjz7Xs8oK6tF%2FqqZGJNE5L6MBKspTtDPlkVr1jrzjPYHiFyAXPsZmp0NpKPmPqnkmKZ3XPBJ3S6Q3nPhEZJJaO2ata%2F3b%2BQ9fhUlXk%2BM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: br
content-length: 88
content-type: text/html; charset=UTF-8
date: Thu, 13 Oct 2022 20:17:51 GMT
location: https://ois.is/images/logo.png
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.32

GET
H2 200 url
www.google.com/ 1004 B
1 KB 114ms
55ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023&ved=2ahUKEwiquNiGxdj6AhUJ3RoKHeUHDnUQFnoECAcQAQ&usg=AOvVaw2uw3wvxIs7P7Al2Ep-hW8y

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://ois.is/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 496
content-type: text/html; charset=UTF-8
date: Thu, 13 Oct 2022 20:17:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request now-earn-daily-from-crypto-trading-2023 Show response
qa.cr-halal.com/13/ 30 KB
9 KB 578ms
210ms Document
text/html 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023&ved=2ahUKEwiquNiGxdj6AhUJ3RoKHeUHDnUQFnoECAcQAQ&usg=AOvVaw2uw3wvxIs7P7Al2Ep-hW8y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 3a44f7ebc52257680a941c6bae4c1981bfc1e57a6ed67e3ca81045e4e61d08ea

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 8383
content-type: text/html; charset=utf-8
date: Thu, 13 Oct 2022 20:17:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 qa-styles.css
qa.cr-halal.com/qa-theme/SnowFlat/ 70 KB
11 KB 175ms
174ms Stylesheet
text/css 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11456
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
qa.cr-halal.com/qa-content/ 87 KB
30 KB 348ms
347ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30282
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 qa-global.js Show response
qa.cr-halal.com/qa-content/ 20 KB
5 KB 521ms
520ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-content/qa-global.js?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4765
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 snow-core.js Show response
qa.cr-halal.com/qa-theme/SnowFlat/js/ 2 KB
1 KB 521ms
520ms Script
application/javascript 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 02:04:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 885
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
54 KB 123ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56617eb2f4f8837fa9b51fed6b77c87e842280900ca52fcfe13a92f4cdaba2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54665
x-xss-protection: 0
server: cafe
etag: 4644589972609920288
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 20:17:53 GMT

GET
H2 200 6-1024x576.png
www.stilt.com/wp-content/uploads/2022/03/ 131 KB
127 KB 99ms
37ms Image
image/png 2606:4700:10::ac43:29ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.stilt.com/wp-content/uploads/2022/03/6-1024x576.png

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:29ed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e67b814109cc3112e4b90f94d802040e7c53dacba01f272b4517d8c07732129c

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
age: 2432
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Mar 2022 00:16:10 GMT
server: cloudflare
etag: W/"6222abca-20d42"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN always
content-type: image/png
cf-ray: 759ac2e6dba3921d-FRA

GET
H2 200 Bitcoin.jpg
cdn.punchng.com/wp-content/uploads/2021/08/02162218/ 83 KB
83 KB 115ms
50ms Image
image/jpeg 2606:4700:10::6816:3289
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.punchng.com/wp-content/uploads/2021/08/02162218/Bitcoin.jpg
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3289 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad6a67c27aa9c5c3cd1af30bd445f9a7f1de2e3458f0fb9d1f5a1073e98f0d4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P4
age: 178375
x-cache: Hit from cloudfront
content-length: 84701
cf-bgj: h2pri
last-modified: Mon, 02 Aug 2021 14:22:19 GMT
server: cloudflare
etag: "faeec7967ef5d8d8452d83b3a519ad97"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 759ac2e6e9de913d-FRA
x-amz-cf-id: _su-EZLfEMCSeW9NqU8eXx55gDx6ZpoRYTQSzofRFKjmdi4EyXhPWg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
54 KB 106ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c0f003ed7d1d7f2aab14d345404c542c31cfa61ce3ac0c0ae6141855f053eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Origin: https://qa.cr-halal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54833
x-xss-protection: 0
server: cafe
etag: 7155402613210870311
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 20:17:53 GMT

GET
H2 200 vote-buttons-3.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 174ms
173ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
last-modified: Sat, 01 Aug 2020 02:52:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1457
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 fontello.woff
qa.cr-halal.com/qa-theme/SnowFlat/fonts/ 7 KB
7 KB 175ms
174ms Font
font/woff 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://qa.cr-halal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
last-modified: Tue, 26 Jul 2016 05:31:58 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7200
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 answer-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 179ms
175ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2867
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 answer-select.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 179ms
175ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1831
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 link-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 179ms
175ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3026
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 comment-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 179ms
176ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2906
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 search-icon-white.png
qa.cr-halal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 179ms
177ms Image
image/png 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1412
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 spinner-icon-14x14.gif
qa.cr-halal.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 326ms
324ms Image
image/gif 66.29.132.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.cr-halal.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium197-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
last-modified: Tue, 15 Jan 2019 04:08:24 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7781
expires: Thu, 20 Oct 2022 20:17:53 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210060101/ 353 KB
116 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3135644639015474&plah=qa.cr-halal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8a0e28dd734e28b0e0c9c64b7dddf6cf55a63bfc30698b9d52c6db1341b9844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118743
x-xss-protection: 0
server: cafe
etag: 3231352450362218392
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 20:17:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/ Frame DC1D 10 KB
5 KB 87ms
32ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3135644639015474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 21:57:16 GMT
etag: 9671129459699598864
expires: Wed, 26 Oct 2022 21:57:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
698 B 109ms
32ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.cr-halal.com&callback=_gfp_s_&client=ca-pub-3135644639015474&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3135644639015474&plah=qa.cr-halal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

522f5300651d831ecde4232c74d0ad2d25aba96c508f4d0c1fa5142008511f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 114ms
36ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 89ms
34ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D93B 242 KB
62 KB 706ms
655ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&adk=1812271804&adf=3025194257&lmt=1665692274&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692273850&bpp=6&bdt=711&idt=137&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4812451814742&frm=20&pv=2&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=166

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24e9905e366804329ed38cb38f21d0b1626dd324299808ced331708280e1e569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 63357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:54 GMT
expires: Thu, 13 Oct 2022 20:17:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4004 42 KB
13 KB 570ms
529ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692273856&bpp=2&bdt=717&idt=164&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rS5lgTloVY&p=https%3A//qa.cr-halal.com&dtd=171

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e455a4e91f6a59aab5cc55c9a8f7594b67599f3a74cb2598e43de54a64e990f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13702
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:54 GMT
expires: Thu, 13 Oct 2022 20:17:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6825 68 KB
28 KB 637ms
606ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1665692274&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692273859&bpp=1&bdt=720&idt=175&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5JL7wCk6FC&p=https%3A//qa.cr-halal.com&dtd=178

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc9ebb1197600a2034dbb4b2902edcade9b6bb05681524db11c175cc8c27f25d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:54 GMT
expires: Thu, 13 Oct 2022 20:17:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A7AF 0
0 71ms
67ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CksCCcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6AFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l5ZuUL56Q1WRxqyugLmBJ5-7V7pml1SfpM1ayUiIEPkgUsVQ7PRswASHi7W0iwSSBQQIBBgBkgUECAUYBKAGEYAHt_WXeagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOKTB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTMxMzU2NDQ2MzkwMTU0NzQYAA&sigh=pCHFke63KI4&uach_m=[UACH]

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692273856&bpp=2&bdt=717&idt=164&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rS5lgTloVY&p=https%3A//qa.cr-halal.com&dtd=171
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 13 Oct 2022 20:17:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Oct 2022 20:17:54 GMT

GET
H/1.1 200
OK ar Show response
www.ebayadservices.com/marketingtracking/v1/ Frame D583 14 KB
14 KB 642ms
245ms Document
text/html 209.140.136.209
EBAY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-166314-871238-2&mkcid=4&mkevt=2&mpt=997492386&gdpr=&gdpr_consent=&campaignid={campaignid}&gclid={gclid}&siteid=77&icep_siteid=77&ipn=admain2&adtype=2&size=728x90&pgroup=560283&mpvc=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26sig%3DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%26client%3Dca-pub-3135644639015474%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=90&slotname=4460484953&adk=3576269607&adf=383669989&pi=t.ma~as.4460484953&w=748&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692273856&bpp=2&bdt=717&idt=164&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rS5lgTloVY&p=https%3A//qa.cr-halal.com&dtd=171

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

209.140.136.209 , United States, ASN11643 (EBAY, US),

Reverse DNS

andes-public-lvsaz01-1-1.ebay.com

Software

ebay-proxy-server /

Resource Hash

ac9c1f44ac2029817e0115309466c60246182a9b8252cd9739efefdbf219863e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version
cache-control: private, no-cache
content-length: 14045
content-type: text/html;charset=UTF-8
date: Thu, 13 Oct 2022 20:17:54 GMT
pragma: no-cache
rlogid: t6baubqsodf%3F%3Ctofgcp%60tqjfc*%7Bmueh%28rbpv6612-183d2ff11ad-0x2358
server: ebay-proxy-server
strict-transport-security: max-age=31536000
x-ebay-pop-id: SLBLVSAZ01
x-envoy-upstream-service-time: 54

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame A7AF 35 KB
14 KB 84ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7108d3f9dc1ec6513e64bc020ac3e3f3262b2b2685a0c93431faa601fa0fdfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 19:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14245
x-xss-protection: 0
server: cafe
etag: 192306719259198832
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 19:20:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame A7AF 3 KB
1 KB 112ms
50ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame A7AF 17 KB
7 KB 89ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7AF 152 KB
47 KB 119ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 20:17:54 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame A7AF 23 KB
9 KB 103ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:57:36 GMT

GET
H2 200 3211334600342843103
tpc.googlesyndication.com/simgad/ Frame 6825 49 KB
50 KB 55ms
51ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3211334600342843103?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn-l9UTWhJXE9uhMO0uT_xAkdhHVg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1665692274&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692273859&bpp=1&bdt=720&idt=175&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5JL7wCk6FC&p=https%3A//qa.cr-halal.com&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5520b9c6bfb08d5453d42456a4afc37acb959ccd5434c28d01d9d0d6ae21d206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 12:47:13 GMT
x-content-type-options: nosniff
age: 199841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50670
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 12:32:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Oct 2023 12:47:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 6825 23 KB
9 KB 48ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:57:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 6825 3 KB
1 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 6825 17 KB
7 KB 66ms
64ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6825 152 KB
46 KB 88ms
70ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 20:17:54 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 6825 32 KB
13 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b17be166a31cc48b3d1baaabf0d76cadae91446d255c6b6ae23d9794bdc8110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 22:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13668
x-xss-protection: 0
server: cafe
etag: 12775887211806279595
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 22:46:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6825 0
0 72ms
71ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIIOOcnJIY6XaBvus7AOo1rj4A8jrrI5m9N6D28gOx-Wf0PwoEAEghtzOHWCVgoCAsAegAbr-4fkCyAECqQIkMNH-dGiwPqgDAcgDyQSqBO0BT9AEWolYS9gevMzMS6ovZX5zqdsCWeazrZSyEqye2oXTEWm0NdpDVCq4GgwBNS2jtZs8b1qceIpN8mc83fRRj5PoiqKpv8Lo11SRWPtEPWvRD9lpcHBxc8qse-LKhPLxDfrJ_MKwGO87xutyXD4d1_rey9GYDw7liXUqqlsmSAMeaniNaPYWINur6cZ01DGb_fPRjDB1MfirbIBwuUuWR_5ddn5p-54XMu8vK1NpeNT3810H9CzUerNvbyZTavSkf8Z93P4UpF9N7YWdclpIitzamHZpA0ismM7aSPdCR_FcvKYiGEcm0qnxY2T7wATg1ZK65QOSBQQIBBgBkgUECAUYBKAGAoAHroGehgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDylwXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTM1NjQ0NjM5MDE1NDc0GAA&sigh=XaaviwdxACQ&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1665692274&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692273859&bpp=1&bdt=720&idt=175&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5JL7wCk6FC&p=https%3A//qa.cr-halal.com&dtd=178
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 13 Oct 2022 20:17:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Oct 2022 20:17:54 GMT

GET
DATA 200
OK truncated
/ Frame A7AF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8e758f47c2bf32bf96d256543e273d2d6b1e6dfd878e4b11f8e77bfd837f254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D476 143 B
166 B 24ms
23ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=640&slotname=1734293738&adk=1547583112&adf=2079921753&pi=t.ma~as.1734293738&w=320&lmt=1665692274&format=320x640&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692273859&bpp=1&bdt=720&idt=175&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5JL7wCk6FC&p=https%3A//qa.cr-halal.com&dtd=178
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 19:50:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210060101/ 151 KB
54 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78700b487e88094ea47c33f41c80c90b01b7fb41d79edf55e2f7d847b8cb1cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55073
x-xss-protection: 0
server: cafe
etag: 239840038528150869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 20:17:54 GMT

GET
H3 200 async-ads.js Show response
www.google.com/adsense/search/ 142 KB
52 KB 79ms
31ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/async-ads.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e2379fbb40623861ca0f591cd352c9ee5b6b07490623e29342c4f3efc129960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "16497282715256005327"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Thu, 13 Oct 2022 20:17:54 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 77ms
31ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 75ms
30ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.cr-halal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7960 26 KB
12 KB 669ms
669ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c35a8328673c7883f4fe7be528cbb220e009d3bc929456659bead4a957b7227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 11885
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F2C 26 KB
12 KB 519ms
518ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kINi6Uxcjm&p=https%3A//qa.cr-halal.com&dtd=43

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b53f6286af2397bbed02c1b62d40ea75ef1b01402454fd81e66f4421d96e7740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 11814
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F9E9 26 KB
12 KB 946ms
945ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=1&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=P9MhxEHZKv&p=https%3A//qa.cr-halal.com&dtd=47

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6847764b21f2678786b74ddc8064733b3330f1ec12773a9473829f4c8e35bfc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12015
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D476
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:55 GMT
expires: Thu, 13 Oct 2022 20:17:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/ Frame 4F9E 10 KB
4 KB 27ms
26ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:15:13 GMT
etag: 9671129459699598864
expires: Thu, 27 Oct 2022 20:15:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/ Frame 8E7A 10 KB
4 KB 25ms
22ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:15:13 GMT
etag: 9671129459699598864
expires: Thu, 27 Oct 2022 20:15:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 189 B
202 B 76ms
30ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.cr-halal.com&client=partner-pub-3135644639015474&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b6180e29c0e9e199bf06b92760bbc7b677a53af5d3a6578785ae5a5d063a91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 180
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4F9E 4 KB
1 KB 88ms
32ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Oct 2022 20:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 18:30:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Oct 2022 20:17:55 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4F9E 205 B
743 B 81ms
28ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 17:20:14 GMT
x-content-type-options: nosniff
age: 10661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 13 Oct 2023 17:20:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4F9E 604 B
694 B 84ms
30ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 19:52:48 GMT
x-content-type-options: nosniff
age: 1507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 13 Oct 2023 19:52:48 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 4F9E 19 KB
8 KB 79ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 19:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4659
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8227
x-xss-protection: 0
server: cafe
etag: 5516984893510486959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 19:00:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8E7A 4 KB
694 B 82ms
33ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Oct 2022 20:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 18:18:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Oct 2022 20:17:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 8E7A 2 KB
902 B 64ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:57:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8E7A 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5Fm5cnJIY5z8BdKVjuwP29-3sALt9ubwbLq7lurUEMCNtwEQASCG3M4dYJWCgICwB6AB1eHZwyjIAQmpAp4teRmBTLA-qAMByAPLBKoE_gFP0BzVdyBiRH08TDxNRVoxr92bCZva9pHgTRXthzDTxTR5yYdQUGjhxcxG0LuRkoC2Z713wuEn4_mez3aHFBmNo0agx2YQyKylQIwVsUBQei-RaYtaY7gLvbTBaNgjU78UMdUWA2C6ouPM-aTiP8sUoolft5xwk84aPiH85PXnFlBY6BXFUQRAQCepPwNejn4v3oR6NZc2pJhggyXH6fwiFm8rlR1d6bcFrEGS9EkCBFyCKN-gAJiaVhYJeKaJWOxL2wBQMgkKnx6NGHTr2KWAzhVZYpc5fJH37zQUN8TDdqdAdES7hH1egjg9r9aB-nJI6emk9sEudFhnfi4flsAE6f_RtJwEkgUECAQYAZIFBAgFGASgBi6AB9WZqqMDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ8KkI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTMxMzU2NDQ2MzkwMTU0NzQYAA&sigh=6_8A_tlIzIk&uach_m=[UACH]&template_id=484

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 13 Oct 2022 20:17:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 8E7A 23 KB
9 KB 78ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:57:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 8E7A 3 KB
1 KB 86ms
47ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 8E7A 17 KB
7 KB 78ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E7A 152 KB
46 KB 113ms
57ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 20:17:55 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 8E7A 33 KB
14 KB 70ms
29ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:48:28 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/7709895822780157463/ Frame 8E7A 26 KB
26 KB 79ms
43ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7709895822780157463/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a2a26b9469cfe5ed88d7d103160a4fa8ccd3b60c1375593b7efb0cc325b3d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 18:45:22 GMT
x-content-type-options: nosniff
age: 178353
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26895
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 09:33:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Oct 2023 18:45:22 GMT

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D3C 36 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:59:03 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A08F 8 KB
895 B 82ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Oct 2022 20:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 19:23:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Oct 2022 20:17:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame A08F 2 KB
902 B 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:57:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame A08F 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:57:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame A08F 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame A08F 17 KB
7 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A08F 152 KB
46 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 20:17:55 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame A08F 33 KB
13 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:48:28 GMT

GET
DATA 200
OK truncated
/ Frame 8E7A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 371050953e263a82ba44be3f508467324f85b9713813bfd6c18dd25b4c67f9a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame B8E9 36 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 8F2C 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kINi6Uxcjm&p=https%3A//qa.cr-halal.com&dtd=43

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 8F2C 17 KB
7 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F2C 152 KB
46 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 20:17:55 GMT

GET
H2 200 metrics.js Show response
metrics.nt.vc/ Frame D583 57 KB
23 KB 117ms
64ms Script
application/javascript 2606:4700:10::ac43:2870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.nt.vc/metrics.js?ii=6822675558884192&cn=rvrcnt6822675558884192&sz=728x90&cl=77&ee=&es=&dfp=0&ed=&eu=&ep=&est=&ec=&pl=7071663148712382&cr=131316&hu=&cg=&maid=&df=1&dapc=model_id,n,g&dapb=0&cgs=uvscg&iat=1665692275440&ev=iluvchdseaj&vic=
Requested by: Host: www.ebayadservices.com
URL: https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-166314-871238-2&mkcid=4&mkevt=2&mpt=997492386&gdpr=&gdpr_consent=&campaignid={campaignid}&gclid={gclid}&siteid=77&icep_siteid=77&ipn=admain2&adtype=2&size=728x90&pgroup=560283&mpvc=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26sig%3DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%26client%3Dca-pub-3135644639015474%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2870 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4772b7b11145fa577af3abf913d1f88d27083e1802a4ff7f91f14d52efbe5f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebayadservices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 759ac2f1ecfbbbe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript

GET
H2 200 index.html Show response
secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/ Frame 69D7 4 KB
2 KB 299ms
63ms Document
text/html 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/index.html?mpck=svcs.ebay.com%2Fdelstats%2Femail%2Flocation%3Fuser-id%3D43188348269%26ch%3D4%26ci%3D-1%26mobtrkcd%3D%26si%3D77%26et%3Dadclick%26loc%3Dhttps%2525253A%2525252F%2525252Frover.ebay.com%2525252Frover%2525252F1%2525252F707-166314-871238-2%2525252F4%2525253Fmpt%2525253D47875%25252526ff5%2525253D%25252526ff6%2525253D%25252526ff7%2525253D%25252526ff8%2525253D%25252526ff9%2525253D%25252526ff19%2525253D%25252526ext_id%2525253D%25252526ir_DAP_A1%2525253D0%25252526siteid%2525253D77%25252526ff10%2525253D131316%25252526ipn%2525253Dadmain2%25252526ff13%2525253D1%25252526ff14%2525253Dunknown%25252526ff20%2525253D0%25252526%26ff14%3Dunknown%26ff20%3D0%26mpcr%3D131316%26rvr_id%3D6822675558884192&mpt=&mpcr=131316&crdata=&imp_rvr_id=6822675558884192&siteID=77&mpcrgif=&mpvc=https%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%2526num%253D1%2526sig%253DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%2526client%253Dca-pub-3135644639015474%2526adurl%253D&rvr_chocolate=true&rvr_ckquery=norover%3D1%26mkevt%3D1%26mkcid%3D4%26mkrid%3D707-166314-871238-2%26mpt%3D47875%26ff5%3D%26ff6%3D%26ff7%3D%26ff8%3D%26ff9%3D%26ff19%3D%26ext_id%3D%26ir_DAP_A1%3D0%26gclid%3D%7Bgclid%7D&mpvcget=0&mpvcredir=0

Requested by

Host: www.ebayadservices.com
URL: https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-166314-871238-2&mkcid=4&mkevt=2&mpt=997492386&gdpr=&gdpr_consent=&campaignid={campaignid}&gclid={gclid}&siteid=77&icep_siteid=77&ipn=admain2&adtype=2&size=728x90&pgroup=560283&mpvc=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26sig%3DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%26client%3Dca-pub-3135644639015474%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-51.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

7d7ab07e3d133e66c4b39c6e78f6f32ed29814963f42f914804b182028355e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ebayadservices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
akamai-grn: 0.8c6656b8.1665692275.495080e7
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
content-length: 1791
content-type: text/html
date: Thu, 13 Oct 2022 20:17:55 GMT
expires: Fri, 13 Oct 2023 20:17:55 GMT
rlogid: t6q%60uebwh%3D9whhq%60uebwh*m0%3Ewu%28rbpv6710-1833cb81f70-0xda
server: ebay server
strict-transport-security: max-age=31536000
suppress-x-frame-options: true
vary: Accept-Encoding
x-cache-lookup: MISS from include-cache-2:80
x-cdn: AKAMAI
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 629
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame D583 0
0 255ms
26ms Image
text/html 2a02:26f0:480:28f::1ec4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=10243381&siteID=51242&creativeID=131316&placementID=560283&rnd=6822675558884192&redir=https://secure.insightexpressai.com/adserver/1pixel.gif
Requested by: Host: www.ebayadservices.com
URL: https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-166314-871238-2&mkcid=4&mkevt=2&mpt=997492386&gdpr=&gdpr_consent=&campaignid={campaignid}&gclid={gclid}&siteid=77&icep_siteid=77&ipn=admain2&adtype=2&size=728x90&pgroup=560283&mpvc=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%26num%3D1%26sig%3DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%26client%3Dca-pub-3135644639015474%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:28f::1ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebayadservices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8F2C 0
0 75ms
74ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1AfCcnJIY_fTNvWi7AOR4YbgCMme0rFc9Z2Y93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMzEzNTY0NDYzOTAxNTQ3NMgBCakCS19dJW5nsD6oAwGqBOABT9BHhFD39T4ArVZapgpsm4R3J0VMw907qjIgQtHvlR0WmghwV7NOhhEKFTjA-QEbRyGDi91nPSb9-m-nMcGM-QfRC3dV-iboY3wBCUXmpmCny3ZSt7eOYW3m33TbUZxuQ7iPLdijWiRs2Z8fo2lILJGhXsXTGR6_I9E9HxI7SMdg86o5-NbcfGCxfa-hqPVlMqi6hkMDehmvFfLdzjMYJueK8ghAPSdYL5XaFH5vivXD7OyVPnI7suGGy5_Q0vAWa31mdN3uZUgS6CorqxrdLJfy48Ip0aBg1GuOsTMsEJGABtOm57HK1Ka-pAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMxMzU2NDQ2MzkwMTU0NzQYAA&sigh=JUcarduAd_M&uach_m=[UACH]&cid=CAQSOwCsnQUxGNc69q_oE6eKlQl0M2_Ec6V9oFiVxXSXF8gof0pJVuLueKqtr-GqDLEKm3XoE7W_MtcuDCXhGAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kINi6Uxcjm&p=https%3A//qa.cr-halal.com&dtd=43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 13 Oct 2022 20:17:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 8F2C 0
0 270ms
40ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kreyEsz6ROEEmAKdg2ICAgAAAKC6e99VcsfFdJMKyBByckhjkGliQWoPYVnaf6oAEgAA&wp=Y0hycgANqfcKexF1AAGwkf2cWGqNedkAsfWD_A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 308879
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3C11 136 KB
45 KB 396ms
172ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0hycgANqfcKexF1AAGwkf2cWGqNedkAsfWD_A&u=%7CXYFoB2HKdfU0qICIQkg5TQkreFKxnI7ss%2BfJ3GTCbHc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9CakJALpS3I2MAskDvxLRQAFyxZW57l_YevoCp8Q2ZSnTtv6Ye9vcml0d3GZHRsB8v-RVq-HiybZIeIx-gxBBSC2Hbcaudc67O7AOm-z8p8ZtaLbBTqgLbv2tUdarbhGOqjLLk68cFiwT2ipQviiNUm6KG1Nha_Jv39ICtwjQl9yPmo4W1k9g1pFVOjqYMQsj3YW8_Fi0h1f8IQQPIjt3JTuVKfwGC-CZKZcudO43R5KKN_PXfDUjH3WWvhbfZixxwqEH2pJ-kR33M33ffyVdzoHH7ei3hRSGyxxc3ErzoCEI3VSRZV3aBseHo3u7whIfTNC5FeU3cZVnRwFkX2fUn-6XbXtRAemE5VPLlxpbzVa72hjujAG_fpal1eg0tgq8YDs6GGPwe5tA1QToaQYEIcsbeIL8EhLBRNDh3AOC43EgCRIUsP8AxE2hZXisD5qMBhHxIcGDlL5lLmAUs0-tUIO1ABzxi-Zm6FQ-FRIxx09c2riIHlvsFMH-8W08_602cNnq5UpOkLmbR-ejQphf00pHgRvNDSlsNrEdlwC4xrIcTV8t7HB1PJkicVXgNtbX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfptfcnJIY_fTNvWi7AOR4YbgCMme0rFc9Z2Y93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMzEzNTY0NDYzOTAxNTQ3NMgBCakCS19dJW5nsD6oAwGqBOMBT9BHhFD39T4ArVZapgpsm4R3J0VMw907qjIgQtHvlR0WmghwV7NOhhEKFTjA-QEbRyGDi91nPSb9-m-nMcGM-QfRC3dV-iboY3wBCUXmpmCny3ZSt7eOYW3m33TbUZxuQ7iPLdijWiRs2Z8fo2lILJGhXsXTGR6_I9E9HxI7SMdg86o5-NbcfGCxfa-hqPVlMqi6hkMDehmvFfLdzjMYJueK8ghAPSdYL5XaFH5vivXD7OyVPnI7suGGiZ3xQHeZ927Z6MlNtXW0ECM_oazXAo9wVwoUd1LfykeWNJmoAy7YJQmABtOm57HK1Ka-pAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hSC3FG5nMfPhCo-Dmsd5Vsxv5ng%26client%3Dca-pub-3135644639015474%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

79bb3e054a9b3a987979800d087196d6cb5b5daad97df968cd0f5cb344c02d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=y_FKLUMva4tURqrg4exiKO9AEY9-CC44Vz56qhbT_lOO3k_yLP1-NhQM-brBkrO65vdr6H5Q75t5oZN3nIu1kQ9D-yry9qMQ_F--F_2ZBeMOy1ipPk0mFimYVo5lbQ5H7zL7TDWmR33fD2ZZQgX0cfbFj3sS7VbCQ-nbN-VEz2-ah-cZODHBWN5kpd7cFiVseViLyI3xmbzVdVo45sMARl8ySyqv-_M0O_wd0XJSI35LJ-k20PtihaGgQguomZ6xbGKpJg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 104763067
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C052 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Fri, 14 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E32 143 B
166 B 31ms
22ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 19:50:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8F2C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a20a126b58eda0fd95b2ab4e9ce1f907ff63de61d68a8480066c0f44d4e5396

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame C052 35 B
464 B 87ms
24ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHI0YfNj_dz3Kggcrfu9Vyo&google_cver=1&google_push=AZmPxg9NiLVNTk4zXxF0krwfR5HG0uepyZ_NT-0jZ3fTI2StQUo1J0peG-b_3Z2Ccy-_2bN7aVW4hNB76Hog9FHR8fW3y0FK3s2V

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame C052 0
98 B 121ms
39ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8awt54GLZa29DzotoH9HPDfySbDVqWsXFzGIEGuwzEL1no3-Cth77AmilntVJXbdBmsDxAFYEmO-_iWzyAIT_-qjZzy8Yf&google_gid=CAESEJR9TJeE672yI-QdRzv6UiA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kINi6Uxcjm&p=https%3A//qa.cr-halal.com&dtd=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C052 43 B
356 B 111ms
40ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBaDoxo3VZ2ZNkMk9AYS1YY&google_push=AZmPxg84TUTB76qs98ZZqLB-DiCjGPGusq6-BC1OysoyBH4NWuDsdmHZaKuTiCdzUtUFnemiCGuWjS9BrMXKkuY2O3kknsrw9ndC&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kINi6Uxcjm&p=https%3A//qa.cr-halal.com&dtd=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame C052 43 B
351 B 91ms
34ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDo6y82DUs75u8rH53M9tjo&google_cver=1&google_push=AZmPxg-Ns7iTg0VY6PUk280hKn96NjBr1uXjmfJViSGb2HeFeSkYOit5s0EeQXcp1PbALDBvioZiNcbyZr_zPjNtvdI5pM3d9P8R
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kINi6Uxcjm&p=https%3A//qa.cr-halal.com&dtd=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: lsca7dsu0elhv7imqg2j3bhhjcd3gjmf

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C052 0
166 B 557ms
26ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGhhpEI377Za4kBS5OEftZE&google_cver=1&google_push=AZmPxg8QRi-iuG0Ni30qh0J89ZMOv9xLWWPxoESxEseI2TMuknNh5vVrMNjVtN-bb2-ZiBsZ06692faKrn7Whvc2916N8skbqBw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kINi6Uxcjm&p=https%3A//qa.cr-halal.com&dtd=43
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 13 Oct 2022 20:17:55 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C052
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENNQegDiInSBWIr8keb-jWw&google_cver=1&google_push=AZmPxg_KWf7SHfb64zlj6u7B1g3qiRdHwXZVVWI2gQeIN1qELxVOQBAp1dYFSIEklbMhSYg76aF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5S1otMU4tSkk4&google_push=AZmPxg_KWf7SHfb64zlj6u7B1g3qiRdHwXZVVWI2gQeIN1qELxVOQBAp1dYFSIEklbMhSYg76aF7oj4BLWeXtDVHcsC_dZqa53rS

170 B
188 B

93ms
36ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5S1otMU4tSkk4&google_push=AZmPxg_KWf7SHfb64zlj6u7B1g3qiRdHwXZVVWI2gQeIN1qELxVOQBAp1dYFSIEklbMhSYg76aF7oj4BLWeXtDVHcsC_dZqa53rS

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5S1otMU4tSkk4&google_push=AZmPxg_KWf7SHfb64zlj6u7B1g3qiRdHwXZVVWI2gQeIN1qELxVOQBAp1dYFSIEklbMhSYg76aF7oj4BLWeXtDVHcsC_dZqa53rS
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C052
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg_McpVX5JqSE6JhiRQDeZrVmkOagMNfN...

170 B
188 B

35ms
35ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg_McpVX5JqSE6JhiRQDeZrVmkOagMNfNgTgXCsl2TJZBFKn8p-MSLCnzeZiJLNrSyLig5pqZOOqDK2LYvon0bO4FJ6JlLQ

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nb1kHoE6sG9FADlgLHA9itQgsc5VDSJwSpgiEYTaTHn5mCSuoI3ixTGWyMovdlNKqgjzQplhP2bRNCH0R8FChmo90xLgjJNB9tVYaotpCI%2BDMBabiQRM1Z%2FkkYyrQjcW%2BjEVVY75TUzEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg_McpVX5JqSE6JhiRQDeZrVmkOagMNfNgTgXCsl2TJZBFKn8p-MSLCnzeZiJLNrSyLig5pqZOOqDK2LYvon0bO4FJ6JlLQ
cache-control: no-cache
cf-ray: 759ac2f3db90692b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C052 0
232 B 117ms
34ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBzXWd-yzl5yMaJiVtySaX6OvC4DIdpa95emVSoXXSFyw9IZWtFTAyXmHJ7jn9H_aLmpRx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 _.7071663148712382.131316;csd=null;cst=1;pd=googleads.g.doubleclick.net;pp=%252F;sz=728x90;if=100;lt=1007;al=1;av=C1;nd=500;mv=28;ii=6822675558884192;el=85;
metrics.nt.vc/event/l/77/ Frame D583 43 B
257 B 83ms
49ms Ping
image/gif 2606:4700:10::ac43:2870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.nt.vc/event/l/77/_.7071663148712382.131316;csd=null;cst=1;pd=googleads.g.doubleclick.net;pp=%252F;sz=728x90;if=100;lt=1007;al=1;av=C1;nd=500;mv=28;ii=6822675558884192;el=85;
Requested by: Host: metrics.nt.vc
URL: https://metrics.nt.vc/metrics.js?ii=6822675558884192&cn=rvrcnt6822675558884192&sz=728x90&cl=77&ee=&es=&dfp=0&ed=&eu=&ep=&est=&ec=&pl=7071663148712382&cr=131316&hu=&cg=&maid=&df=1&dapc=model_id,n,g&dapb=0&cgs=uvscg&iat=1665692275440&ev=iluvchdseaj&vic=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2870 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebayadservices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.ebayadservices.com, https://www.ebayadservices.com
cf-ray: 759ac2f37edb5c2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

POST
H3 200 _.7071663148712382.131316;dpd=g%25253D410112-0-1%252526n%25253D%252526model_id%25253D1%252526;ii=6822675558884192;el=86;
metrics.nt.vc/event/d/77/ Frame D583 43 B
221 B 88ms
55ms Ping
image/gif 2606:4700:10::ac43:2870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.nt.vc/event/d/77/_.7071663148712382.131316;dpd=g%25253D410112-0-1%252526n%25253D%252526model_id%25253D1%252526;ii=6822675558884192;el=86;
Requested by: Host: metrics.nt.vc
URL: https://metrics.nt.vc/metrics.js?ii=6822675558884192&cn=rvrcnt6822675558884192&sz=728x90&cl=77&ee=&es=&dfp=0&ed=&eu=&ep=&est=&ec=&pl=7071663148712382&cr=131316&hu=&cg=&maid=&df=1&dapc=model_id,n,g&dapb=0&cgs=uvscg&iat=1665692275440&ev=iluvchdseaj&vic=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2870 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebayadservices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.ebayadservices.com, https://www.ebayadservices.com
cf-ray: 759ac2f37ee15c2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
DATA 200
OK truncated
/ Frame D583 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 7960 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 7960 17 KB
7 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7960 152 KB
46 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 20:17:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7960 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-ooRcnJIY7iONpCIiM0P-syl8A_JntKxXM2G49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zMTM1NjQ0NjM5MDE1NDc0yAEJqQKeLXkZgUywPqgDAaoE4AFP0Ng0rfO9e4dNYbF-ly5uOavR5ZMbPUnWvL5FdWm2GChLcImaFaxywNCFYd1pnI8PieTmFDO7FLG7xvjuvvPop3f3Kz3yWhT7uIEkXQoCfjssZMxu3Zuq9a3Jy7WmJrdlgiyRu0YiVHIRbRKXW3DRPTyeGjH5ORinR_MkeLX5njtP_DAjCCBlx9_PtTdLQb3yyFuK07AAPw8K-H1vAAdctEY9hm-OliWOAPx4zY-45Nox7R9c37pFiIkfjskTpTQaZQ1HWB2K3JO3jQNKQ2Bc6P6DcmydRamFdT75m79bmoAG06bnscrUpr6kAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzEzNTY0NDYzOTAxNTQ3NBgA&sigh=fFR4xxRnC10&uach_m=[UACH]&cid=CAQSOwCsnQUxzkGbVIMtJj0UJ0aBL91NGX5gfpmQzA1OZuH34wjIY5WcMyKJItWKYdBsozEUV6Lff2waJyE7GAEgEw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 13 Oct 2022 20:17:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 7960 0
0 43ms
42ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kreyEsz6ROEEmAKdg2ICAgAAAKC6e99VcsfFdJMKyBByckhj0VYA-J7SxIVLsmQAEgAA&wp=Y0hycgANhzgDogQQAAlmeqvMYAZ3Has48vSdoQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 354693
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 53FA 157 KB
49 KB 179ms
178ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0hycgANhzgDogQQAAlmeqvMYAZ3Has48vSdoQ&u=%7CXYFoB2HKdfV1PoE52ps%2FmuVyckwlMRkTQmqpXjsCzpg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9CakJALpS3I2MAskDvxLRQAFyxZW57l_YevoCp8Q2ZSna5W6AFcYSxvbc35SmH91fBl3JPShkOLxJPyahKOAGEx_kmdKlDNtF_WvsddumubpTGt8nbDLlxNCT69YMzOwcdLcOPY_WaUDPDQtgPpRnTam9Vw-t9mLDzrR_RROh1H2Dem2MFNakfVCaIJ1bpJq8FniIBcm-AeabwVYzNNhtX_TKub2ons1T60kIDdv3Tr3c5KforSgtSI-ykI9e5pdB-LiK8gbuhv21_DrvuGj18BNXcq-5T390m0QXR_ez1HVJ972cT_W0-q-sxKy6sq2eogScFi1mRVFLqMkiISEYFxvt7U4Cp0JXNpYdM3OK3YEQ2wmI1BL5dCaRBMAFFnFs1ftxzbsP4SQEVSp0MCONQsVYMTUai5nNOjZvvVHK-ewj-EYxHQbori-I4EUEDBysyoiWfb04bkhwVfd3b9NiHqnVP6kVzSMDa-504YGt_np4GdgYdcot7Akrt1qQKCPTc_EDNezw5n6I_FQYHYtp9jMCGkBNvEBficu-TGmLc00ZfQhsAnq3oncLyBDbGvnj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5D_VcnJIY7iONpCIiM0P-syl8A_JntKxXM2G49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zMTM1NjQ0NjM5MDE1NDc0yAEJqQKeLXkZgUywPqgDAaoE4wFP0Ng0rfO9e4dNYbF-ly5uOavR5ZMbPUnWvL5FdWm2GChLcImaFaxywNCFYd1pnI8PieTmFDO7FLG7xvjuvvPop3f3Kz3yWhT7uIEkXQoCfjssZMxu3Zuq9a3Jy7WmJrdlgiyRu0YiVHIRbRKXW3DRPTyeGjH5ORinR_MkeLX5njtP_DAjCCBlx9_PtTdLQb3yyFuK07AAPw8K-H1vAAdctEY9hm-OliWOAPx4zY-45Nox7R9c37pFiIldjOiBIruGdrLbTL5a4TVPhBdA9Wpy8Hw3ulE7txabWSZ8MTtIJZhWfYAG06bnscrUpr6kAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ocrvNxsGMWEcmMoLmDXwxY6_t9g%26client%3Dca-pub-3135644639015474%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c99b597ac98a583be4e2062bac6a355afa5b1dc5e953b88a159bd86a42540242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=kgX1pUMva4tURqrgaRAjyi4JJemZPcNZYjhQzHP5YgZGLocTLHluGXQyDYMRqKjlzDPTkaoql8CigU1Bl-HADVIwUQqNHqYE__Y8v32afE-Xsv8VHKxCGtcEUZao8hraEV5rGv-T_GtDwIvLS5Umh7TBe4eFNVZQTISuOo7v74b7Cy8pscoyvtq8eZzqiRIXJa8k8r3Hy0mSVmXVmTrjaUuca2zr5Eefsi17IXXLVqD15wAVTzuHIger0su92iV_4s_LdQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 135718190
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 25FF 1 KB
643 B 25ms
22ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Fri, 14 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 createjs.min.js Show response
secureir.ebaystatic.com/cr/mscdn/8c75c7aa0444d01db83c924e9cffcee0/ Frame 69D7 236 KB
63 KB 24ms
22ms Script
application/x-javascript 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureir.ebaystatic.com/cr/mscdn/8c75c7aa0444d01db83c924e9cffcee0/createjs.min.js

Requested by

Host: secureir.ebaystatic.com
URL: https://secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/index.html?mpck=svcs.ebay.com%2Fdelstats%2Femail%2Flocation%3Fuser-id%3D43188348269%26ch%3D4%26ci%3D-1%26mobtrkcd%3D%26si%3D77%26et%3Dadclick%26loc%3Dhttps%2525253A%2525252F%2525252Frover.ebay.com%2525252Frover%2525252F1%2525252F707-166314-871238-2%2525252F4%2525253Fmpt%2525253D47875%25252526ff5%2525253D%25252526ff6%2525253D%25252526ff7%2525253D%25252526ff8%2525253D%25252526ff9%2525253D%25252526ff19%2525253D%25252526ext_id%2525253D%25252526ir_DAP_A1%2525253D0%25252526siteid%2525253D77%25252526ff10%2525253D131316%25252526ipn%2525253Dadmain2%25252526ff13%2525253D1%25252526ff14%2525253Dunknown%25252526ff20%2525253D0%25252526%26ff14%3Dunknown%26ff20%3D0%26mpcr%3D131316%26rvr_id%3D6822675558884192&mpt=&mpcr=131316&crdata=&imp_rvr_id=6822675558884192&siteID=77&mpcrgif=&mpvc=https%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%2526num%253D1%2526sig%253DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%2526client%253Dca-pub-3135644639015474%2526adurl%253D&rvr_chocolate=true&rvr_ckquery=norover%3D1%26mkevt%3D1%26mkcid%3D4%26mkrid%3D707-166314-871238-2%26mpt%3D47875%26ff5%3D%26ff6%3D%26ff7%3D%26ff8%3D%26ff9%3D%26ff19%3D%26ext_id%3D%26ir_DAP_A1%3D0%26gclid%3D%7Bgclid%7D&mpvcget=0&mpvcredir=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-51.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/index.html?mpck=svcs.ebay.com%2Fdelstats%2Femail%2Flocation%3Fuser-id%3D43188348269%26ch%3D4%26ci%3D-1%26mobtrkcd%3D%26si%3D77%26et%3Dadclick%26loc%3Dhttps%2525253A%2525252F%2525252Frover.ebay.com%2525252Frover%2525252F1%2525252F707-166314-871238-2%2525252F4%2525253Fmpt%2525253D47875%25252526ff5%2525253D%25252526ff6%2525253D%25252526ff7%2525253D%25252526ff8%2525253D%25252526ff9%2525253D%25252526ff19%2525253D%25252526ext_id%2525253D%25252526ir_DAP_A1%2525253D0%25252526siteid%2525253D77%25252526ff10%2525253D131316%25252526ipn%2525253Dadmain2%25252526ff13%2525253D1%25252526ff14%2525253Dunknown%25252526ff20%2525253D0%25252526%26ff14%3Dunknown%26ff20%3D0%26mpcr%3D131316%26rvr_id%3D6822675558884192&mpt=&mpcr=131316&crdata=&imp_rvr_id=6822675558884192&siteID=77&mpcrgif=&mpvc=https%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%2526num%253D1%2526sig%253DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%2526client%253Dca-pub-3135644639015474%2526adurl%253D&rvr_chocolate=true&rvr_ckquery=norover%3D1%26mkevt%3D1%26mkcid%3D4%26mkrid%3D707-166314-871238-2%26mpt%3D47875%26ff5%3D%26ff6%3D%26ff7%3D%26ff8%3D%26ff9%3D%26ff19%3D%26ext_id%3D%26ir_DAP_A1%3D0%26gclid%3D%7Bgclid%7D&mpvcget=0&mpvcredir=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 73, 73, 93, 73, 73
suppress-x-frame-options: true
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: MISS from include-cache-1:80
x-cdn: AKAMAI, AKAMAI
date: Thu, 13 Oct 2022 20:17:55 GMT
akamai-grn: , 0.0733ca17.1661552320.13b15d37, , , 0.8c6656b8.1665692275.49508185
x-edgeconnect-midmile-rtt: 0, 0, 0, 116, 0
strict-transport-security: max-age=31536000
content-length: 63926
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: ebay server
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9whhq%60uebwh*ih%3Fto%28rbpv6710-182dc3c5ffc-0xcd
access-control-allow-headers: *
expires: Fri, 13 Oct 2023 20:17:55 GMT

GET
H2 200 javascript.js Show response
secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/ Frame 69D7 47 KB
8 KB 53ms
52ms Script
application/x-javascript 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/javascript.js?1663060681506

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-51.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

acb93136314655be58b4d24a30d903721ae25f69c675ba4265d69b8f7c56f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/index.html?mpck=svcs.ebay.com%2Fdelstats%2Femail%2Flocation%3Fuser-id%3D43188348269%26ch%3D4%26ci%3D-1%26mobtrkcd%3D%26si%3D77%26et%3Dadclick%26loc%3Dhttps%2525253A%2525252F%2525252Frover.ebay.com%2525252Frover%2525252F1%2525252F707-166314-871238-2%2525252F4%2525253Fmpt%2525253D47875%25252526ff5%2525253D%25252526ff6%2525253D%25252526ff7%2525253D%25252526ff8%2525253D%25252526ff9%2525253D%25252526ff19%2525253D%25252526ext_id%2525253D%25252526ir_DAP_A1%2525253D0%25252526siteid%2525253D77%25252526ff10%2525253D131316%25252526ipn%2525253Dadmain2%25252526ff13%2525253D1%25252526ff14%2525253Dunknown%25252526ff20%2525253D0%25252526%26ff14%3Dunknown%26ff20%3D0%26mpcr%3D131316%26rvr_id%3D6822675558884192&mpt=&mpcr=131316&crdata=&imp_rvr_id=6822675558884192&siteID=77&mpcrgif=&mpvc=https%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%2526num%253D1%2526sig%253DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%2526client%253Dca-pub-3135644639015474%2526adurl%253D&rvr_chocolate=true&rvr_ckquery=norover%3D1%26mkevt%3D1%26mkcid%3D4%26mkrid%3D707-166314-871238-2%26mpt%3D47875%26ff5%3D%26ff6%3D%26ff7%3D%26ff8%3D%26ff9%3D%26ff19%3D%26ext_id%3D%26ir_DAP_A1%3D0%26gclid%3D%7Bgclid%7D&mpvcget=0&mpvcredir=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 675, 675
suppress-x-frame-options: true
content-encoding: br
x-content-type-options: nosniff
x-cache-lookup: HIT from include-cache-0:80
x-cdn: AKAMAI, AKAMAI
date: Thu, 13 Oct 2022 20:17:55 GMT
akamai-grn: 0.af346868.1663154119.48108de1, , , , , , 0.8c6656b8.1665692275.4950818c
x-edgeconnect-midmile-rtt: 9, 17
strict-transport-security: max-age=31536000
content-length: 7581
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Sep 2022 11:15:20 GMT
server: Akamai Resource Optimizer
access-control-allow-methods: GET
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9iptq%60uebwh*g1%7C%7Dw%28rbpv670%3D-1833bb5e4c6-0xd0
access-control-allow-headers: *
expires: Fri, 13 Oct 2023 20:17:55 GMT

GET
H2 200 ffm.js Show response
secureir.ebaystatic.com/cr/mscdn/6277d85adc230fe8a17eb6e58859b42b/ Frame 69D7 23 KB
7 KB 64ms
64ms Script
application/x-javascript 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureir.ebaystatic.com/cr/mscdn/6277d85adc230fe8a17eb6e58859b42b/ffm.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-51.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

8a792b187d7974f43960fbdb8b4fb5af8641920f8df59c07ee17e8377578ec41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/index.html?mpck=svcs.ebay.com%2Fdelstats%2Femail%2Flocation%3Fuser-id%3D43188348269%26ch%3D4%26ci%3D-1%26mobtrkcd%3D%26si%3D77%26et%3Dadclick%26loc%3Dhttps%2525253A%2525252F%2525252Frover.ebay.com%2525252Frover%2525252F1%2525252F707-166314-871238-2%2525252F4%2525253Fmpt%2525253D47875%25252526ff5%2525253D%25252526ff6%2525253D%25252526ff7%2525253D%25252526ff8%2525253D%25252526ff9%2525253D%25252526ff19%2525253D%25252526ext_id%2525253D%25252526ir_DAP_A1%2525253D0%25252526siteid%2525253D77%25252526ff10%2525253D131316%25252526ipn%2525253Dadmain2%25252526ff13%2525253D1%25252526ff14%2525253Dunknown%25252526ff20%2525253D0%25252526%26ff14%3Dunknown%26ff20%3D0%26mpcr%3D131316%26rvr_id%3D6822675558884192&mpt=&mpcr=131316&crdata=&imp_rvr_id=6822675558884192&siteID=77&mpcrgif=&mpvc=https%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%2526num%253D1%2526sig%253DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%2526client%253Dca-pub-3135644639015474%2526adurl%253D&rvr_chocolate=true&rvr_ckquery=norover%3D1%26mkevt%3D1%26mkcid%3D4%26mkrid%3D707-166314-871238-2%26mpt%3D47875%26ff5%3D%26ff6%3D%26ff7%3D%26ff8%3D%26ff9%3D%26ff19%3D%26ext_id%3D%26ir_DAP_A1%3D0%26gclid%3D%7Bgclid%7D&mpvcget=0&mpvcredir=0
Origin: https://secureir.ebaystatic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 74, 74, 74
suppress-x-frame-options: true
content-encoding: br
x-content-type-options: nosniff
x-cache-lookup: HIT from include-cache-0:80
x-cdn: AKAMAI, AKAMAI
date: Thu, 13 Oct 2022 20:17:55 GMT
akamai-grn: 0.cb403617.1661552391.b3c144f6, , , , 0.8c6656b8.1665692275.49508194
x-edgeconnect-midmile-rtt: 13, 130, 13
strict-transport-security: max-age=31536000
content-length: 6840
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Aug 2022 22:19:52 GMT
server: Akamai Resource Optimizer
access-control-allow-methods: GET
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9iptq%60uebwh*qt0a5%28rbpv670%3D-182dc3d756b-0xd9
access-control-allow-headers: *
expires: Fri, 13 Oct 2023 20:17:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E32
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
37ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:55 GMT
expires: Thu, 13 Oct 2022 20:17:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BD6 36 KB
15 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:59:03 GMT

POST
H3 200 _.7071663148712382.131316;suet=frd;f_ssx=1600;f_ssy=1200;f_wsx=1600;f_wsy=1200;f_wpx=0;f_wpy=0;f_uam=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F53...
metrics.nt.vc/event/e/77/ Frame D583 43 B
221 B 45ms
44ms Ping
image/gif 2606:4700:10::ac43:2870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.nt.vc/event/e/77/_.7071663148712382.131316;suet=frd;f_ssx=1600;f_ssy=1200;f_wsx=1600;f_wsy=1200;f_wpx=0;f_wpy=0;f_uam=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F106.0.5249.119%2520Safari%252F537.36;f_dd=1;f_tan=-1.4214488238747245;f_hc=4;f_bem=1*11000010;f_sax=1600;f_say=1200;f_sat=0;f_sal=0;f_lng=en-US;f_lngs=en-US%252Cen;f_tm=0;f_bo=0;f_ild=1;f_if=1*111111-1000101010111011111100;ii=6822675558884192;el=155;
Requested by: Host: metrics.nt.vc
URL: https://metrics.nt.vc/metrics.js?ii=6822675558884192&cn=rvrcnt6822675558884192&sz=728x90&cl=77&ee=&es=&dfp=0&ed=&eu=&ep=&est=&ec=&pl=7071663148712382&cr=131316&hu=&cg=&maid=&df=1&dapc=model_id,n,g&dapb=0&cgs=uvscg&iat=1665692275440&ev=iluvchdseaj&vic=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2870 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebayadservices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.ebayadservices.com, https://www.ebayadservices.com
cf-ray: 759ac2f3bf625c2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
DATA 200
OK truncated
/ Frame 7960 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b663d575e1b89102d1baae9b0e4ade80459deb91e12daed9d72eafb7f6de2e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame F9E9 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=1&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=P9MhxEHZKv&p=https%3A//qa.cr-halal.com&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame F9E9 17 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F9E9 0
0 34ms
32ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuYBRoYYUC_wES0dJQx4GnnRT0dDRT-uqWQx4ruAR-tTvsxhmmBATuU0D2LLlqFoY30qOtQWVckXgjY987q9PX6BtnMw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=1&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=P9MhxEHZKv&p=https%3A//qa.cr-halal.com&dtd=47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9E9 152 KB
46 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 20:17:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25FF
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHI0YfNj_dz3Kggcrfu9Vyo&google_cver=1&google_push=AZmPxg8OqGlsvR3h0VCfPY9bZA2DyBSmldF74TnIiDttT4ahnrmgdohGmI...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8OqGlsvR3h0VCfPY9bZA2DyBSmldF74TnIiDttT4ahnrmgdohGmIPilCDkz8foqjg8pmwKTxt4SG1wmYBkaHyrTGSuv3XM&google_hm=5Ra4kpmtwCwg...

170 B
188 B

37ms
36ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8OqGlsvR3h0VCfPY9bZA2DyBSmldF74TnIiDttT4ahnrmgdohGmIPilCDkz8foqjg8pmwKTxt4SG1wmYBkaHyrTGSuv3XM&google_hm=5Ra4kpmtwCwgtOOh-PPPdA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8OqGlsvR3h0VCfPY9bZA2DyBSmldF74TnIiDttT4ahnrmgdohGmIPilCDkz8foqjg8pmwKTxt4SG1wmYBkaHyrTGSuv3XM&google_hm=5Ra4kpmtwCwgtOOh-PPPdA
pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25FF
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEK5WkltTV4dMiRdUkBavjxQ&google_cver=1&google_push=AZmPxg__u9UUt4ljoqPCGViQoJcOCmSaFTyMhYPr_fOjyISzBZtA0HT4DwrDpMm4tLdOJrm1MDqwtHG8DsqmwKN8aJmP5sqK6nA
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg__u9UUt4ljoqPCGViQoJcOCmSaFTyMhYPr_fOjyISzBZtA0HT4DwrDpMm4tLdOJrm1MDqwtHG8DsqmwKN8aJmP5sqK6nA&google_hm=Q0FFU0VLNVdrbHRUVjRkTW...

170 B
188 B

34ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg__u9UUt4ljoqPCGViQoJcOCmSaFTyMhYPr_fOjyISzBZtA0HT4DwrDpMm4tLdOJrm1MDqwtHG8DsqmwKN8aJmP5sqK6nA&google_hm=Q0FFU0VLNVdrbHRUVjRkTWlSZFVrQmF2anhR

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 13 Oct 2022 20:17:55 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg__u9UUt4ljoqPCGViQoJcOCmSaFTyMhYPr_fOjyISzBZtA0HT4DwrDpMm4tLdOJrm1MDqwtHG8DsqmwKN8aJmP5sqK6nA&google_hm=Q0FFU0VLNVdrbHRUVjRkTWlSZFVrQmF2anhR
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25FF
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9ZYQkS...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9ZYQkS...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTMyMDE3NTYwMDAxMzc0NDk3OTY3MA%3D%3D&google_push=AZmPxg9ZYQkSM1oaQW3nCA7CqAgcgiD62nET79QO6elU2-ueup83lIg8naXRO3Gt1O7eqK...

170 B
188 B

42ms
42ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTMyMDE3NTYwMDAxMzc0NDk3OTY3MA%3D%3D&google_push=AZmPxg9ZYQkSM1oaQW3nCA7CqAgcgiD62nET79QO6elU2-ueup83lIg8naXRO3Gt1O7eqKgrBPejjdFpIHbr7ZRfCU3rWnLG5F4_

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTMyMDE3NTYwMDAxMzc0NDk3OTY3MA%3D%3D&google_push=AZmPxg9ZYQkSM1oaQW3nCA7CqAgcgiD62nET79QO6elU2-ueup83lIg8naXRO3Gt1O7eqKgrBPejjdFpIHbr7ZRfCU3rWnLG5F4_
pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Thu, 13 Oct 2022 20:17:56 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 25FF 43 B
64 B 63ms
35ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDo6y82DUs75u8rH53M9tjo&google_cver=1&google_push=AZmPxg8fjcphV_bStg9e6928MOGZ5SyWdOZbS3cLy8my_3VxklT92-FE5sTJdVK55aJ27iP5QWdLggYM-jb86gnqfE9cZ6arQORF
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 8ac9l1cu9rp2uar3jphf0fika5arcjqa

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 25FF 0
41 B 325ms
26ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGhhpEI377Za4kBS5OEftZE&google_cver=1&google_push=AZmPxg99IIEI0GGtM_kR0O7UG-NZ7ZsvJX_2JNRQ0pA03n29Puhc4UL_wpgSCTR2JdFpSaAnRnz_eM4aDRMhp0NAjyEJ0p0LXTBD
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 13 Oct 2022 20:17:55 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25FF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENNQegDiInSBWIr8keb-jWw&google_cver=1&google_push=AZmPxg-8pmNg7Go2seqQ6aMA48RkpDIGj_8KUN_YSkaWYFsyfNJzuLG4euVQDEbHI0Pi3o6a6gc...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5UDYtMVAtMjVYOA==&google_push=AZmPxg-8pmNg7Go2seqQ6aMA48RkpDIGj_8KUN_YSkaWYFsyfNJzuLG4euVQDEbHI0Pi3o6a6gcb3zvKG6DUWZjDJjnusOk0Vtg

170 B
188 B

36ms
35ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5UDYtMVAtMjVYOA==&google_push=AZmPxg-8pmNg7Go2seqQ6aMA48RkpDIGj_8KUN_YSkaWYFsyfNJzuLG4euVQDEbHI0Pi3o6a6gcb3zvKG6DUWZjDJjnusOk0Vtg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5UDYtMVAtMjVYOA==&google_push=AZmPxg-8pmNg7Go2seqQ6aMA48RkpDIGj_8KUN_YSkaWYFsyfNJzuLG4euVQDEbHI0Pi3o6a6gcb3zvKG6DUWZjDJjnusOk0Vtg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25FF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg8VPvklQ75BaANgBs0tMZAMlw7IE1PK9...

170 B
188 B

42ms
42ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg8VPvklQ75BaANgBs0tMZAMlw7IE1PK9yEkZEMtVzSKswNI4wpdhSTPyg7s6cg0UYgMIx4-peg-uvNl4urWSsb-yLRxtLY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWqYZYAU6AHN4XjNO5phEvGmVEGyJD10bC6g8uUT%2BDVgBrnS3uIskGMlDkxFoISZlwo1EqP%2FW8mGw4Y6adOgJGM1RKQ3wD%2FyY8pW%2BA93yUlsm9RcHAAsTtznzp6Gw7hgj2heIsPiTo9%2BGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg8VPvklQ75BaANgBs0tMZAMlw7IE1PK9yEkZEMtVzSKswNI4wpdhSTPyg7s6cg0UYgMIx4-peg-uvNl4urWSsb-yLRxtLY
cache-control: no-cache
cf-ray: 759ac2f42c14692b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 25FF 0
12 B 41ms
39ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHIsSBVd0iQftFAwcH9pCKBMuzGuTYoJw8kNti4mTbhEyJmrStbpvQBDd7ZGsQisSYj40c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=3387337960&pi=t.aa~a.1615370218~i.10~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640&nras=2&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=PkdxjQ2W1N&p=https%3A//qa.cr-halal.com&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F9E9 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM6HQcnJIY_7gNtWXY6nghrgJyZ7SsVz1nZj3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zMTM1NjQ0NjM5MDE1NDc0yAEJqQKeLXkZgUywPqgDAaoE4AFP0HUfsGvcmgopyjg3O5ZXiCmAnYsy4xJWOPP4ob7GGwVyiQZr1al0-w8gWtMq-gQPeQhZ5v3_HqC6eFPySxtbmzsZlXbcUE2WuOXt12yiKqW-kIfveU35a9cueqTm7pMx4mMcd3mmzDk2CqlM4C97J9DypR8NEkIWC4USbdscui53ms-vX9Vn3MkUtqPZf8jXlbGzI84LSCJmNLYyrmi27c_Wu_f0XUKI31QcMaJy56S4Opxw5h3A5uGwg8Z1q2CA0pCEgMfpoY-Sw0mdSDxFt82VuugvsWM62ZaXNhUj8IAG06bnscrUpr6kAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzEzNTY0NDYzOTAxNTQ3NBgA&sigh=_CP62dKY_vI&uach_m=[UACH]&cid=CAQSOwCsnQUx6oYD8aU-tyaYRnM2Rj5sDD12B8TYkVuXQzhrXQL527CtZcng0lCog1mZfU3t11UFgRzn9YDtGAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=1&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=P9MhxEHZKv&p=https%3A//qa.cr-halal.com&dtd=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 13 Oct 2022 20:17:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame F9E9 0
0 324ms
38ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kreyEsz6ROEEmAKdg2ICAgAAAKC6e99VcsfFdJMKyBByckhjmUrXVamvKaiwwo8AEgAA&wp=Y0hycgANsH4KGMvVAAGwKYgo7V220Q1xTwuWUw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 293841
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 71B0 173 KB
53 KB 158ms
158ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0hycgANsH4KGMvVAAGwKYgo7V220Q1xTwuWUw&u=%7CXYFoB2HKdfXpcadfcCSzeNfESfTkOCoxQ6pSiyZRE8s%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9CakJALpS3I2MAskDvxLRQAFyxZW57l_YevoCp8Q2ZSk9RKUl8rtxeudHqrBsX1PDCMJyW9sAmycyIX4-r6xGKt6FjK1lmAqYzSt1xeemjXTaE0Z8BSqigzrNSm4SEvalOJPH8Ht2_2HysYtml24-qD-AmnukLMzJmK2rRwqW2aqQFjXqB9FTUgwrbb8c6rBuiN6vDOJLvT5egR4glB_vj0n0-w11ovGGwtpcpqy0HnDOxMPFRiAv7AXgWpXZjL_mkoiRltPoKpdgN5RFesi9I81962QjPoJ_oebXX5vVaNEBn3mHNFnAJLGIBTMt4oKXMxayXW-BJv9zVgBg24a1GOgiVvelQFdd8ZGJgstIbwMjmeH0LHv4AeOCOKmqfl4BEp-Q7LrHQxxZM2K0C3Q-fjO80GRtj-8wuOUfoQHYR9jn1n5JiKeOFxt8oZOUK2AZ53IKc9R1YpRVSTCRvr5Z7m1FekeXX4Ls0zxQ40wwJObDkEgkVlO2q8lQzaORN6sICGQrcu_AnNFTVAMTpS8xQ6Aqm3pHZbGNzE5KQH9vTXa9aLJwhrmcw_BKIt9dFkTe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeclscnJIY_7gNtWXY6nghrgJyZ7SsVz1nZj3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zMTM1NjQ0NjM5MDE1NDc0yAEJqQKeLXkZgUywPqgDAaoE4wFP0HUfsGvcmgopyjg3O5ZXiCmAnYsy4xJWOPP4ob7GGwVyiQZr1al0-w8gWtMq-gQPeQhZ5v3_HqC6eFPySxtbmzsZlXbcUE2WuOXt12yiKqW-kIfveU35a9cueqTm7pMx4mMcd3mmzDk2CqlM4C97J9DypR8NEkIWC4USbdscui53ms-vX9Vn3MkUtqPZf8jXlbGzI84LSCJmNLYyrmi27c_Wu_f0XUKI31QcMaJy56S4Opxw5h3A5uHygefnLO8cwS8YlGQ5nClqyl2X_jZrr08hctWJQ9wk9Y4SnJEwT0eSvoAG06bnscrUpr6kAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1532hDAwqJy26BeHqOWLzRzYsvCQ%26client%3Dca-pub-3135644639015474%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e72f654ca424b447769111973f8f9fe59c14cd90a50b54096586765c0d498750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=V57JHUMva4tURqrg064z3xCSHs_kpclhkPNkZYLCud6EN6rxsdKm9QeipzZwMh4O2ABIPRFaQlrYn4VWeu3qO78QOSH2FvP-yOgqERSBczFkgIfCEIcTOYiY92H4TcKDa2Iz18ykVImAZTf_mrunPazsu6ueu8SuqU9gVbgvXxO5wroEduKlwtEfo5O5kYbb7lCdWtfg2xCyMUNkFq_rYAivSA8xEvOYhRRVl8N9RmbMVgpgn_0Fa4XQVXPBhtwNfhdV-A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 109694401
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 579E 1 KB
643 B 27ms
25ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Fri, 14 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3C11 2 KB
1 KB 307ms
40ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0hycgANqfcKexF1AAGwkf2cWGqNedkAsfWD_A&u=%7CXYFoB2HKdfU0qICIQkg5TQkreFKxnI7ss%2BfJ3GTCbHc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9CakJALpS3I2MAskDvxLRQAFyxZW57l_YevoCp8Q2ZSnTtv6Ye9vcml0d3GZHRsB8v-RVq-HiybZIeIx-gxBBSC2Hbcaudc67O7AOm-z8p8ZtaLbBTqgLbv2tUdarbhGOqjLLk68cFiwT2ipQviiNUm6KG1Nha_Jv39ICtwjQl9yPmo4W1k9g1pFVOjqYMQsj3YW8_Fi0h1f8IQQPIjt3JTuVKfwGC-CZKZcudO43R5KKN_PXfDUjH3WWvhbfZixxwqEH2pJ-kR33M33ffyVdzoHH7ei3hRSGyxxc3ErzoCEI3VSRZV3aBseHo3u7whIfTNC5FeU3cZVnRwFkX2fUn-6XbXtRAemE5VPLlxpbzVa72hjujAG_fpal1eg0tgq8YDs6GGPwe5tA1QToaQYEIcsbeIL8EhLBRNDh3AOC43EgCRIUsP8AxE2hZXisD5qMBhHxIcGDlL5lLmAUs0-tUIO1ABzxi-Zm6FQ-FRIxx09c2riIHlvsFMH-8W08_602cNnq5UpOkLmbR-ejQphf00pHgRvNDSlsNrEdlwC4xrIcTV8t7HB1PJkicVXgNtbX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfptfcnJIY_fTNvWi7AOR4YbgCMme0rFc9Z2Y93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMzEzNTY0NDYzOTAxNTQ3NMgBCakCS19dJW5nsD6oAwGqBOMBT9BHhFD39T4ArVZapgpsm4R3J0VMw907qjIgQtHvlR0WmghwV7NOhhEKFTjA-QEbRyGDi91nPSb9-m-nMcGM-QfRC3dV-iboY3wBCUXmpmCny3ZSt7eOYW3m33TbUZxuQ7iPLdijWiRs2Z8fo2lILJGhXsXTGR6_I9E9HxI7SMdg86o5-NbcfGCxfa-hqPVlMqi6hkMDehmvFfLdzjMYJueK8ghAPSdYL5XaFH5vivXD7OyVPnI7suGGiZ3xQHeZ927Z6MlNtXW0ECM_oazXAo9wVwoUd1LfykeWNJmoAy7YJQmABtOm57HK1Ka-pAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hSC3FG5nMfPhCo-Dmsd5Vsxv5ng%26client%3Dca-pub-3135644639015474%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3C11 2 KB
1 KB 307ms
41ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3C11 308 B
637 B 210ms
36ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3C11 293 B
621 B 214ms
40ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 3C11 43 B
347 B 210ms
37ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=1gX_hToB7TCCTMqLYakkUYvsUH6wLna0uzG4zMw5VShRflUpuriGCTr2jauNTve7974WuTkPxCfxOAbzBPJP3Z7K2WBlG8TTafldBzdFv_HSeGIYT-zwBYbM6j88ovk8j6o5Sax4V7mcV__lnj81b-9wCEzHpV8bb7iSGaCKbo4fqUXQBGGWtzx-VHB87gwToDo-FnkqM1fIgD4n63iOC6iyDLYWMjujrQVjoxR4kDWEJtxpxqoLf7REIPBVgflH-y6HLh6EmRCiPe9Mq-pVSBCZGCwU8I6xEjUG7e9aWmKL7X8nUiZpARWqjGdXXp6UXtn7pPLBgAhIMPwzApDFXP3OWB7ZYuWlWva2o0PF2EyS10yKHOfK8i4X9AhMCbhgiXbo9BbqWxtf8tUC0yoVazzniLrt1qGbNIbCKD9S1dujTrRz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4037481
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 _.7071663148712382.131316;suet=crld;ii=6822675558884192;el=360;
metrics.nt.vc/event/e/77/ Frame D583 43 B
221 B 61ms
61ms Ping
image/gif 2606:4700:10::ac43:2870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.nt.vc/event/e/77/_.7071663148712382.131316;suet=crld;ii=6822675558884192;el=360;
Requested by: Host: metrics.nt.vc
URL: https://metrics.nt.vc/metrics.js?ii=6822675558884192&cn=rvrcnt6822675558884192&sz=728x90&cl=77&ee=&es=&dfp=0&ed=&eu=&ep=&est=&ec=&pl=7071663148712382&cr=131316&hu=&cg=&maid=&df=1&dapc=model_id,n,g&dapb=0&cgs=uvscg&iat=1665692275440&ev=iluvchdseaj&vic=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2870 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebayadservices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.ebayadservices.com, https://www.ebayadservices.com
cf-ray: 759ac2f4fa575c2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 53FA 2 KB
1 KB 177ms
39ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0hycgANhzgDogQQAAlmeqvMYAZ3Has48vSdoQ&u=%7CXYFoB2HKdfV1PoE52ps%2FmuVyckwlMRkTQmqpXjsCzpg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9CakJALpS3I2MAskDvxLRQAFyxZW57l_YevoCp8Q2ZSna5W6AFcYSxvbc35SmH91fBl3JPShkOLxJPyahKOAGEx_kmdKlDNtF_WvsddumubpTGt8nbDLlxNCT69YMzOwcdLcOPY_WaUDPDQtgPpRnTam9Vw-t9mLDzrR_RROh1H2Dem2MFNakfVCaIJ1bpJq8FniIBcm-AeabwVYzNNhtX_TKub2ons1T60kIDdv3Tr3c5KforSgtSI-ykI9e5pdB-LiK8gbuhv21_DrvuGj18BNXcq-5T390m0QXR_ez1HVJ972cT_W0-q-sxKy6sq2eogScFi1mRVFLqMkiISEYFxvt7U4Cp0JXNpYdM3OK3YEQ2wmI1BL5dCaRBMAFFnFs1ftxzbsP4SQEVSp0MCONQsVYMTUai5nNOjZvvVHK-ewj-EYxHQbori-I4EUEDBysyoiWfb04bkhwVfd3b9NiHqnVP6kVzSMDa-504YGt_np4GdgYdcot7Akrt1qQKCPTc_EDNezw5n6I_FQYHYtp9jMCGkBNvEBficu-TGmLc00ZfQhsAnq3oncLyBDbGvnj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5D_VcnJIY7iONpCIiM0P-syl8A_JntKxXM2G49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zMTM1NjQ0NjM5MDE1NDc0yAEJqQKeLXkZgUywPqgDAaoE4wFP0Ng0rfO9e4dNYbF-ly5uOavR5ZMbPUnWvL5FdWm2GChLcImaFaxywNCFYd1pnI8PieTmFDO7FLG7xvjuvvPop3f3Kz3yWhT7uIEkXQoCfjssZMxu3Zuq9a3Jy7WmJrdlgiyRu0YiVHIRbRKXW3DRPTyeGjH5ORinR_MkeLX5njtP_DAjCCBlx9_PtTdLQb3yyFuK07AAPw8K-H1vAAdctEY9hm-OliWOAPx4zY-45Nox7R9c37pFiIldjOiBIruGdrLbTL5a4TVPhBdA9Wpy8Hw3ulE7txabWSZ8MTtIJZhWfYAG06bnscrUpr6kAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ocrvNxsGMWEcmMoLmDXwxY6_t9g%26client%3Dca-pub-3135644639015474%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 53FA 2 KB
1 KB 201ms
64ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 53FA 308 B
636 B 109ms
49ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 53FA 293 B
621 B 153ms
93ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 53FA 43 B
348 B 96ms
36ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=TUbeqDoB7TCCTMqLYakkUYvsUH6njq69T61QPyTHf_WtDHgg02F0CzoeSCMQqQsSbVu8wJx7acjsX9CWLCi2FbEb8fm2hgnsHyuICfsI1yjEt-ERJ1F7wF5Vzdyt3pcwmtXBaUt1LCSambS1d_Q7-jvqE6yzgUneMQypd1JDUKq-eolut9h3mFLHiIZs0NXVRSnzm6Bj0rmBp4jGSCMbiA165wXPos3ttjzqZXv1dtqPFw54KR9qhC11WR6MAz_Ya_619dqCqDDkKWuArm-9A5LORji9CuCl_hCJoV3AhT09WynzVwtHmcgG8fVK7CI86NidxmU_idHJuneRsuK55eYkZi92CL_Iu5fwRvkkCA0SIrlNSxXO83SEYJA62zqALkHu8ywr79DvgFBJXVTygE-Dge0Ksd6hgWDFw1n63nk6co3G

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2791814
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A7AF 42 B
64 B 107ms
58ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVU6dER9MXDFWNc0KjiH8nTEjh5jFhYf-AoMIofI1AgC00J2j3Q_M7R94HvmESGJfSu3KGRDlO1vt5OWDSjk487HuVcH6oCwUgninTYuii557yaiRttuchrru1s3czhFqw0Qi4XQ&sai=AMfl-YR9qZxmpNFhAioJluMdi0fGV5Qh2BY9W9CxA2xL125n_He2bO9Iw-cryQPzY-Lg-0NGHyYoUmvK3cqTgYk&sig=Cg0ArKJSzOc9l_sAUS9gEAE&id=lidar2&mcvt=1107&p=0,0,90,728&mtos=1107,1107,1107,1107,1107&tos=1107,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3576269607&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665692274614&rpt=284&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3C11 12 KB
5 KB 162ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 691007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lO%2FgktQR6h%2B8TSWVWQQ02GXiBc%2FH3WLtwAodUhgubLVD4ZJOKUbyJQESVwKBkuM3WUTbLMSsrHW68hgpfRMED4m%2BSLePOuG%2BL6AKxwm0RtyCBIv2OMqN2yMMu96QoXsm4xgOQmvQKktMZBfxc4iB2BgY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 759ac2f5ff6c90e3-FRA
expires: Tue, 03 Oct 2023 20:17:56 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3C11 12 KB
6 KB 203ms
80ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3C11 8 KB
8 KB 280ms
29ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=36918&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F36918%2F210225%2F33d784040a48408e8c6dedc4aa03c63b_logo_leasingmarkt_de_endorsement.png&v=3&w=196&s=bV7eT_BQdCtHYe9XVj2QlQ_C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5cdaf6aae2dabbdc998aa46fe673b49e901ec1810832273aeb47ae58e1e7b003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30531024
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8168
expires: Mon, 02 Oct 2023 05:08:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3C11 25 KB
26 KB 355ms
104ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F6404853%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=xIOPVEX02YtXllVEE8W1EptZ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6c80ad4cbcf096a5f51ec6de8b5fc0fd5aebf0866995d4cb2ac241e2bae47cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1757898
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25854
expires: Thu, 03 Nov 2022 04:36:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3C11 19 KB
19 KB 366ms
116ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7006767%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=K-HrVHoHD0W5h2JmBY5r4ZBl&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9910ae32b88dec0d37976cd11699968b4777fc2ebaeb2a9a17e3d8d3211af80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19684
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3C11 65 KB
65 KB 306ms
56ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F6980583%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=9TXFzDj-xqH1GUU8Ml09HAog&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

eb98c66979e416a45db589b9ccb68b8ec5a9e8ea1d53e5db7bb787d3dbb01ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 66716
expires: Sun, 08 Oct 2023 20:17:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3C11 0
127 B 120ms
32ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=y_FKLUMva4tURqrg4exiKO9AEY9-CC44Vz56qhbT_lOO3k_yLP1-NhQM-brBkrO65vdr6H5Q75t5oZN3nIu1kQ9D-yry9qMQ_F--F_2ZBeMOy1ipPk0mFimYVo5lbQ5H7zL7TDWmR33fD2ZZQgX0cfbFj3sS7VbCQ-nbN-VEz2-ah-cZODHBWN5kpd7cFiVseViLyI3xmbzVdVo45sMARl8ySyqv-_M0O_wd0XJSI35LJ-k20PtihaGgQguomZ6xbGKpJg&sds=2&rev=83153&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3C11 2 KB
1 KB 162ms
76ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3C11 2 KB
1 KB 47ms
46ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 logo.png
secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/ Frame 69D7 3 KB
3 KB 24ms
24ms Image
image/png 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/logo.png?1663060681496

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-51.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

610279082cab4d0263e7887cadd4f8fc432df65a8e9d1e56a2a20105811ad807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/index.html?mpck=svcs.ebay.com%2Fdelstats%2Femail%2Flocation%3Fuser-id%3D43188348269%26ch%3D4%26ci%3D-1%26mobtrkcd%3D%26si%3D77%26et%3Dadclick%26loc%3Dhttps%2525253A%2525252F%2525252Frover.ebay.com%2525252Frover%2525252F1%2525252F707-166314-871238-2%2525252F4%2525253Fmpt%2525253D47875%25252526ff5%2525253D%25252526ff6%2525253D%25252526ff7%2525253D%25252526ff8%2525253D%25252526ff9%2525253D%25252526ff19%2525253D%25252526ext_id%2525253D%25252526ir_DAP_A1%2525253D0%25252526siteid%2525253D77%25252526ff10%2525253D131316%25252526ipn%2525253Dadmain2%25252526ff13%2525253D1%25252526ff14%2525253Dunknown%25252526ff20%2525253D0%25252526%26ff14%3Dunknown%26ff20%3D0%26mpcr%3D131316%26rvr_id%3D6822675558884192&mpt=&mpcr=131316&crdata=&imp_rvr_id=6822675558884192&siteID=77&mpcrgif=&mpvc=https%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%2526num%253D1%2526sig%253DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%2526client%253Dca-pub-3135644639015474%2526adurl%253D&rvr_chocolate=true&rvr_ckquery=norover%3D1%26mkevt%3D1%26mkcid%3D4%26mkrid%3D707-166314-871238-2%26mpt%3D47875%26ff5%3D%26ff6%3D%26ff7%3D%26ff8%3D%26ff9%3D%26ff19%3D%26ext_id%3D%26ir_DAP_A1%3D0%26gclid%3D%7Bgclid%7D&mpvcget=0&mpvcredir=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 783
suppress-x-frame-options: true
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: MISS from include-cache-2:80
x-cdn: AKAMAI
date: Thu, 13 Oct 2022 20:17:56 GMT
akamai-grn: , , , , 0.8c6656b8.1665692276.49508530
x-edgeconnect-midmile-rtt: 0
strict-transport-security: max-age=31536000
content-length: 2948
x-xss-protection: 1; mode=block
server: ebay server
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9whhq%60uebwh*ubej%3A%28rbpv6710-1833cb82353-0xd6
access-control-allow-headers: *
expires: Fri, 13 Oct 2023 20:17:56 GMT

GET
DATA 200
OK truncated
/ Frame F9E9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 007aefca24049ba60ff9dbf8b7b9e56d0b2285f7bc68f2fd816261134290ffe6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 579E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHI0YfNj_dz3Kggcrfu9Vyo&google_cver=1&google_push=AZmPxg-lbiJ4-5kTKLj9jVeKSL-tI8xQDXRl9uKgNF_P2XrHlnc54AU1rS...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-lbiJ4-5kTKLj9jVeKSL-tI8xQDXRl9uKgNF_P2XrHlnc54AU1rSnUjq_ZlAmQ6Jjs-3uyxYB7mAaIJ0fjS3nH4Agh3w&google_hm=5Ra4kpmtwCwgtO...

170 B
188 B

43ms
43ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-lbiJ4-5kTKLj9jVeKSL-tI8xQDXRl9uKgNF_P2XrHlnc54AU1rSnUjq_ZlAmQ6Jjs-3uyxYB7mAaIJ0fjS3nH4Agh3w&google_hm=5Ra4kpmtwCwgtOOh-PPPdA

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-lbiJ4-5kTKLj9jVeKSL-tI8xQDXRl9uKgNF_P2XrHlnc54AU1rSnUjq_ZlAmQ6Jjs-3uyxYB7mAaIJ0fjS3nH4Agh3w&google_hm=5Ra4kpmtwCwgtOOh-PPPdA
pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 579E
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-kX_lc...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-kX_lc...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTMyMDE3NTYwMDA5NTUxNjUyMjM3MA%3D%3D&google_push=AZmPxg-kX_lcyynDl2QIl1l8NxH3UN0D_K1_AVtvbuHu94jBmmE9amztfQjNFHaHx8tfKH...

170 B
188 B

36ms
36ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTMyMDE3NTYwMDA5NTUxNjUyMjM3MA%3D%3D&google_push=AZmPxg-kX_lcyynDl2QIl1l8NxH3UN0D_K1_AVtvbuHu94jBmmE9amztfQjNFHaHx8tfKHnz0MwfY7bzCvYyb3lKMaV1MkOOjA

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTMyMDE3NTYwMDA5NTUxNjUyMjM3MA%3D%3D&google_push=AZmPxg-kX_lcyynDl2QIl1l8NxH3UN0D_K1_AVtvbuHu94jBmmE9amztfQjNFHaHx8tfKHnz0MwfY7bzCvYyb3lKMaV1MkOOjA
pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Thu, 13 Oct 2022 20:17:56 GMT

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame 579E 43 B
61 B 60ms
33ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBaDoxo3VZ2ZNkMk9AYS1YY&google_push=AZmPxg-YCVPoC1wngKFtj6q5oO5KSrFjFAHYe-WqQRDFDo5ajTIG-Ch5A0MpidtD6p7FPOtJIbaaOy-bSh5MO3Xx57EcoSr4Og&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=1&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=P9MhxEHZKv&p=https%3A//qa.cr-halal.com&dtd=47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 579E 43 B
64 B 36ms
34ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDo6y82DUs75u8rH53M9tjo&google_cver=1&google_push=AZmPxg9QNHDhHfX0Inw2YIipmrfdnvSJE_tC0WMpefL8pOqSs2WECz1j9HNcuefP1QisenUDbAbUokitPk9WhX0a9LDhcNRnqg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=1&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=P9MhxEHZKv&p=https%3A//qa.cr-halal.com&dtd=47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: muqg36klkj194hkmjlnpq0njd4a50kfk

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 579E 0
41 B 73ms
27ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGhhpEI377Za4kBS5OEftZE&google_cver=1&google_push=AZmPxg-FcnryRP6dJzmnBU4InNQSbt6kxoQHJ0k00YaVq_AW6tR7rS2eQdsT2_soYL9j5z1Dvboa9fnRl_GN9AHGS-yUNibARA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=1476012596&adf=2261917894&pi=t.aa~a.1736913710~rp.3&w=609&fwrn=4&fwrnh=100&lmt=1665692274&rafmt=1&to=qs&pwprc=8069909860&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=1&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280%2C609x280&nras=4&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=P9MhxEHZKv&p=https%3A//qa.cr-halal.com&dtd=47
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 13 Oct 2022 20:17:55 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 579E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENNQegDiInSBWIr8keb-jWw&google_cver=1&google_push=AZmPxg8u7ZWD_Sc1IzGuDmhFuUDAj_FXayTYXxJWJ7PavoLVztHRnzD_z0ivAeepuinbvSVUDQx...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5VzUtMUktREtSTA==&google_push=AZmPxg8u7ZWD_Sc1IzGuDmhFuUDAj_FXayTYXxJWJ7PavoLVztHRnzD_z0ivAeepuinbvSVUDQx_lAZX1IvOjX1k0wQWSFiewQ

170 B
188 B

36ms
35ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5VzUtMUktREtSTA==&google_push=AZmPxg8u7ZWD_Sc1IzGuDmhFuUDAj_FXayTYXxJWJ7PavoLVztHRnzD_z0ivAeepuinbvSVUDQx_lAZX1IvOjX1k0wQWSFiewQ

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3STY5VzUtMUktREtSTA==&google_push=AZmPxg8u7ZWD_Sc1IzGuDmhFuUDAj_FXayTYXxJWJ7PavoLVztHRnzD_z0ivAeepuinbvSVUDQx_lAZX1IvOjX1k0wQWSFiewQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 579E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg9N8wVDc4ynmffYyIJhQk1pg6H1uHcY8...

170 B
188 B

37ms
35ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg9N8wVDc4ynmffYyIJhQk1pg6H1uHcY8RiCD-sCRYmQpwhwItR78jW0HKrKJGuoB_dKql-zFK_nojwYJuf7uiHIz7GGpw

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OORbpWHeBJLh%2BbgTdiOEq27zSYL%2Be9gKdZJAa2I1N7pfybE%2F0k7cuHQ0YwgWph5nU6QipxvjVbUb37CGXycOCQ%2FyUylx7Q3LKM7JiaIEFNRb%2BaZGyvver%2Fpf1vlGHrFBp4LKV52nukU7AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9QcU2dbq0CbexUBfVC05M&google_hm=Y0hyc358bhcg_lig090U_wAABKYAAAIB&google_nid=index&google_push=AZmPxg9N8wVDc4ynmffYyIJhQk1pg6H1uHcY8RiCD-sCRYmQpwhwItR78jW0HKrKJGuoB_dKql-zFK_nojwYJuf7uiHIz7GGpw
cache-control: no-cache
cf-ray: 759ac2f5bf7c692b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 579E 0
12 B 34ms
32ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KgOmjCacNwvkqt_dlmvc94NoW9byjQRbQ4z3ov6AXuqziZyCAdjZo40e2dVvHaK4VEhe9T

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 visual.jpg
secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/ Frame 69D7 34 KB
34 KB 22ms
22ms Image
image/jpeg 104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/visual.jpg?1663060681496

Requested by

Host: qa.cr-halal.com
URL: https://qa.cr-halal.com/13/now-earn-daily-from-crypto-trading-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-51.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

4b477d7547e842d19c8d44615823e3dc6411d7d9fe0731e3bc5127453c190a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureir.ebaystatic.com/cr/mscdn/336b409a7ae9f000bed016b7e6b3d866/index.html?mpck=svcs.ebay.com%2Fdelstats%2Femail%2Flocation%3Fuser-id%3D43188348269%26ch%3D4%26ci%3D-1%26mobtrkcd%3D%26si%3D77%26et%3Dadclick%26loc%3Dhttps%2525253A%2525252F%2525252Frover.ebay.com%2525252Frover%2525252F1%2525252F707-166314-871238-2%2525252F4%2525253Fmpt%2525253D47875%25252526ff5%2525253D%25252526ff6%2525253D%25252526ff7%2525253D%25252526ff8%2525253D%25252526ff9%2525253D%25252526ff19%2525253D%25252526ext_id%2525253D%25252526ir_DAP_A1%2525253D0%25252526siteid%2525253D77%25252526ff10%2525253D131316%25252526ipn%2525253Dadmain2%25252526ff13%2525253D1%25252526ff14%2525253Dunknown%25252526ff20%2525253D0%25252526%26ff14%3Dunknown%26ff20%3D0%26mpcr%3D131316%26rvr_id%3D6822675558884192&mpt=&mpcr=131316&crdata=&imp_rvr_id=6822675558884192&siteID=77&mpcrgif=&mpvc=https%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC3FcDcnJIY4b7BrWK7AOx2LaAC5PioO1spviv3KIQt-mivcABEAEghtzOHWCVgoCAsAegAZbGm_4DyAEJqQKeLXkZgUywPqgDAaoE6wFP0DDbl2O1AqXD-_4N9p-NCG9-Iwz5i6iiZ798cC5-4xdoOcqODgKcerS-mw3EdBI-Luh0fjX4MO3zVi-zt8Ttr9UUJ38AEkFM1_40OYs3EZmQa75Eumtini4b50-qLrZHAps1JscAJ_0NCjA2jJgfRh4kk7-A0cbAe0hfUf-7X4laH4l35Xz1OaWZ-MGCKWLlgxM4kg9UzUVWcPm4RrPvBCCZCthpe5ltozUKfbWWwbomM5QQJiFQXgu7RbRwrSp9l9RscSzlyoaUdX_uKg-EtAG9dbC9nXqHfHr0zNsczdEMSlj8J_HfStCTwASHi7W0iwSgBhGAB7f1l3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwrQFQGYFgH4FgGAFwE%2526num%253D1%2526sig%253DAOD64_184Eu7M_dCco8umszMwbBk39bVfw%2526client%253Dca-pub-3135644639015474%2526adurl%253D&rvr_chocolate=true&rvr_ckquery=norover%3D1%26mkevt%3D1%26mkcid%3D4%26mkrid%3D707-166314-871238-2%26mpt%3D47875%26ff5%3D%26ff6%3D%26ff7%3D%26ff8%3D%26ff9%3D%26ff19%3D%26ext_id%3D%26ir_DAP_A1%3D0%26gclid%3D%7Bgclid%7D&mpvcget=0&mpvcredir=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 620
suppress-x-frame-options: true
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: MISS from include-cache-1:80
x-cdn: AKAMAI
date: Thu, 13 Oct 2022 20:17:56 GMT
akamai-grn: , , , , 0.8c6656b8.1665692276.49508599
x-edgeconnect-midmile-rtt: 19
strict-transport-security: max-age=31536000
content-length: 33900
x-xss-protection: 1; mode=block
server: ebay server
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9iptq%60uebwh*ewa1e%28rbpv670%3D-1833cb85985-0xd9
access-control-allow-headers: *
expires: Fri, 13 Oct 2023 20:17:56 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 53FA 12 KB
5 KB 76ms
37ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 691007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keAlGb8ea8nKCD%2B4UsmR1eDmQeH8Ad3dzSzaLo1qlJ7hTTsM7uG7pzRRsQr2df7qFBL7kzMz1ByNQPehSTeDxItjLaGIP2foe2wkQbYhxBteRHG2UO%2FNN7zocHD8NVAbGB3trnCno%2Bkive632TcMxhTj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 759ac2f5ff6e90e3-FRA
expires: Tue, 03 Oct 2023 20:17:56 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 53FA 12 KB
6 KB 106ms
73ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 53FA 8 KB
8 KB 240ms
68ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5cdaf6aae2dabbdc998aa46fe673b49e901ec1810832273aeb47ae58e1e7b003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30531024
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8168
expires: Mon, 02 Oct 2023 05:08:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 53FA 14 KB
14 KB 283ms
114ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F6925632%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=Zbuqb_dy8aanDKHbUk0bOHCG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0d8c3cc19e9958f985a4c5ae2d0f098706cf42b259e6e0a40fae39434dbc3e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1877584
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13850
expires: Fri, 04 Nov 2022 13:51:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 53FA 11 KB
11 KB 306ms
137ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7006767%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=K-HrVHoHD0W5h2JmBY5r4ZBl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c6348a84cb5e06cfa737074f535e108fc431fefb599bcb70ebd2a60b4439c222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10998
expires: Sun, 08 Oct 2023 20:17:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 53FA 0
128 B 37ms
32ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=kgX1pUMva4tURqrgaRAjyi4JJemZPcNZYjhQzHP5YgZGLocTLHluGXQyDYMRqKjlzDPTkaoql8CigU1Bl-HADVIwUQqNHqYE__Y8v32afE-Xsv8VHKxCGtcEUZao8hraEV5rGv-T_GtDwIvLS5Umh7TBe4eFNVZQTISuOo7v74b7Cy8pscoyvtq8eZzqiRIXJa8k8r3Hy0mSVmXVmTrjaUuca2zr5Eefsi17IXXLVqD15wAVTzuHIger0su92iV_4s_LdQ&sds=2&rev=83153&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 53FA 2 KB
1 KB 44ms
39ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 53FA 2 KB
1 KB 44ms
43ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 71B0 2 KB
1 KB 55ms
55ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0hycgANsH4KGMvVAAGwKYgo7V220Q1xTwuWUw&u=%7CXYFoB2HKdfXpcadfcCSzeNfESfTkOCoxQ6pSiyZRE8s%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9CakJALpS3I2MAskDvxLRQAFyxZW57l_YevoCp8Q2ZSk9RKUl8rtxeudHqrBsX1PDCMJyW9sAmycyIX4-r6xGKt6FjK1lmAqYzSt1xeemjXTaE0Z8BSqigzrNSm4SEvalOJPH8Ht2_2HysYtml24-qD-AmnukLMzJmK2rRwqW2aqQFjXqB9FTUgwrbb8c6rBuiN6vDOJLvT5egR4glB_vj0n0-w11ovGGwtpcpqy0HnDOxMPFRiAv7AXgWpXZjL_mkoiRltPoKpdgN5RFesi9I81962QjPoJ_oebXX5vVaNEBn3mHNFnAJLGIBTMt4oKXMxayXW-BJv9zVgBg24a1GOgiVvelQFdd8ZGJgstIbwMjmeH0LHv4AeOCOKmqfl4BEp-Q7LrHQxxZM2K0C3Q-fjO80GRtj-8wuOUfoQHYR9jn1n5JiKeOFxt8oZOUK2AZ53IKc9R1YpRVSTCRvr5Z7m1FekeXX4Ls0zxQ40wwJObDkEgkVlO2q8lQzaORN6sICGQrcu_AnNFTVAMTpS8xQ6Aqm3pHZbGNzE5KQH9vTXa9aLJwhrmcw_BKIt9dFkTe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeclscnJIY_7gNtWXY6nghrgJyZ7SsVz1nZj3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zMTM1NjQ0NjM5MDE1NDc0yAEJqQKeLXkZgUywPqgDAaoE4wFP0HUfsGvcmgopyjg3O5ZXiCmAnYsy4xJWOPP4ob7GGwVyiQZr1al0-w8gWtMq-gQPeQhZ5v3_HqC6eFPySxtbmzsZlXbcUE2WuOXt12yiKqW-kIfveU35a9cueqTm7pMx4mMcd3mmzDk2CqlM4C97J9DypR8NEkIWC4USbdscui53ms-vX9Vn3MkUtqPZf8jXlbGzI84LSCJmNLYyrmi27c_Wu_f0XUKI31QcMaJy56S4Opxw5h3A5uHygefnLO8cwS8YlGQ5nClqyl2X_jZrr08hctWJQ9wk9Y4SnJEwT0eSvoAG06bnscrUpr6kAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1532hDAwqJy26BeHqOWLzRzYsvCQ%26client%3Dca-pub-3135644639015474%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 71B0 2 KB
1 KB 77ms
77ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 71B0 308 B
636 B 41ms
38ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 71B0 293 B
621 B 43ms
40ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 71B0 43 B
347 B 35ms
32ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=S_l8iDoB7TCCTMqLYakkUYvsUH7NvhqvkhwxmLFWWO4l2We38pi6m0IKRfhnHgW0RrLZbw7mk0Ee9CCbKgCOkdL6YSrri2gmvS6iWkZ6LTyqEx9j-14GahqHAYhEikOEzeAKS8QHvYinDb282NSizDHk2KPyY3qo1zhTiio0a7mNOV-C2s96lzfB27GoMK4OR8YX6tl1AWupewn9OFib2rJu1iFc12HhYQn2ofOhLAE_-ilhYwD5__aNiRyKId3JKwK3GMGW2JaoXUAZQh7l7Xaf9TXdz3PjSGOug6XafU2_mPV_IFBO3kXzynwETMSj-KJ1uymigkpuSuzC9OVn9zq45MKj9QGB2bm9RAiP7aa7GE0ysA0zxUSSUhtrHwQuEgy61_gVZbKpzcayLctfmT-0xXLlhQHGyzo-ZDL5r-7V3pzY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2870118
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 53FA 4 KB
651 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 18:21:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Oct 2022 20:17:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3C11 4 KB
651 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 19:58:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Oct 2022 20:17:56 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 71B0 12 KB
5 KB 60ms
34ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 87171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kQzVDEJCwfV2QaZiAUchdpJwemP%2BsVQu5OVAcmGWw5hih8g7cZdeUqMvzwipqp3SGECr%2BKuh7VSP5bKH6w%2FOdqCmqta55m2exnE%2F2JzcNuH7vqMm4HmJLqVzXrsVp%2F8r8GtYf%2F6dUdeHQdy3aRZdkmt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 759ac2f69829bbb6-FRA
expires: Tue, 03 Oct 2023 20:17:56 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 71B0 12 KB
6 KB 35ms
35ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 8 KB
8 KB 149ms
108ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5cdaf6aae2dabbdc998aa46fe673b49e901ec1810832273aeb47ae58e1e7b003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30531024
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8168
expires: Mon, 02 Oct 2023 05:08:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 19 KB
19 KB 182ms
141ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7006767%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=K-HrVHoHD0W5h2JmBY5r4ZBl&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9910ae32b88dec0d37976cd11699968b4777fc2ebaeb2a9a17e3d8d3211af80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19684
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 25 KB
26 KB 177ms
137ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F6404853%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=xIOPVEX02YtXllVEE8W1EptZ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6c80ad4cbcf096a5f51ec6de8b5fc0fd5aebf0866995d4cb2ac241e2bae47cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1757898
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25854
expires: Thu, 03 Nov 2022 04:36:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 16 KB
17 KB 155ms
121ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7236995%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=7zcHXPdY3QNlx1JF3Paoy45K&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9e120713c8447f8b37886f4069fa5c2c7abdbf8058639d390e7f415e62491907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1285051
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16694
expires: Fri, 28 Oct 2022 17:15:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 19 KB
19 KB 168ms
134ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7133556%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=nUCMouox4qTng5UP054a4_QU&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0e704eea59504bd5cfdb91eb168613011a28bbd29019b0c8b6d1f3111497c7fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19330
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 36 KB
36 KB 189ms
155ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7123296%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=kJN67qBq26gWCdYVoatvAUcS&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

121a1b920533d8d52210dfb0400c45471a1dc982e16c6b1af86c21557b232a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36386
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 14 KB
14 KB 149ms
148ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7272671%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=7hhBJitH0SF6syOmEB8w4IkZ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7ce6eb9c5aa56888d5e1ce2d52ae90a673216aecc74b52b81c7d19615b76bbcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1949569
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14280
expires: Sat, 05 Nov 2022 09:50:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 22 KB
22 KB 164ms
164ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7023813%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=g_LZSobZ-WMYCFJAPE-0HM-N&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6f31edcc691567f02ff8e351606629dc86277ca4e4c874a4c68a398ca10d4031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22408
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 28 KB
28 KB 149ms
149ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7068327%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=J8Pnrpv-mfp8zSWqnFxOienl&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fdb91614770f9021f84f76a21904f211cba68a504068982a4c994028e1dbb2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1597497
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28414
expires: Tue, 01 Nov 2022 08:02:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 24 KB
24 KB 125ms
125ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7241990%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=6Ts7Zp-jK6NKfa-LIn9h0jHJ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bb027bdc827295bb61d5fbaa581a1c72d9d9b44f752e35cc3443a618d06affee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1369317
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24730
expires: Sat, 29 Oct 2022 16:39:53 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 71B0 0
127 B 30ms
30ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=V57JHUMva4tURqrg064z3xCSHs_kpclhkPNkZYLCud6EN6rxsdKm9QeipzZwMh4O2ABIPRFaQlrYn4VWeu3qO78QOSH2FvP-yOgqERSBczFkgIfCEIcTOYiY92H4TcKDa2Iz18ykVImAZTf_mrunPazsu6ueu8SuqU9gVbgvXxO5wroEduKlwtEfo5O5kYbb7lCdWtfg2xCyMUNkFq_rYAivSA8xEvOYhRRVl8N9RmbMVgpgn_0Fa4XQVXPBhtwNfhdV-A&sds=2&rev=83153&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 71B0 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 71B0 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 53FA 13 KB
13 KB 77ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 89494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:26:22 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 53FA 13 KB
13 KB 108ms
56ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 18:50:20 GMT
x-content-type-options: nosniff
age: 523656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 18:50:20 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 3C11 13 KB
13 KB 102ms
51ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 89494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:26:22 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 3C11 13 KB
13 KB 112ms
62ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 18:50:20 GMT
x-content-type-options: nosniff
age: 523656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 18:50:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 71B0 4 KB
651 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 19:14:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Oct 2022 20:17:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3C11 8 KB
8 KB 132ms
131ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5cdaf6aae2dabbdc998aa46fe673b49e901ec1810832273aeb47ae58e1e7b003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30531024
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8168
expires: Mon, 02 Oct 2023 05:08:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8E7A 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIQk3sjMndXpato8fnxTCqlq7mjMiXfvxW6mlM99XX4vyAUcDzq5tOlysoArfuBe-fxSnRdKS_x9OLPhQroEh-f0Uk_T88iiPy8aT6gXnR1H_RWgz5a10ahFU68uceFMmNNzRzWQ&sai=AMfl-YQ641spRNlrYRr4-uHtIfOxxgzDYP-HUaqpC63ouD2L2x52ArwN3JEe-RrOzX6N1nE85kK-R_7ZW0rpbDk&sig=Cg0ArKJSzOOEFTzJadfzEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=54,741,1001,1055,1055&tos=54,687,260,54,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665692274979&rpt=325&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 20:17:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 71B0 13 KB
13 KB 52ms
45ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 89494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:26:22 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 71B0 13 KB
13 KB 35ms
28ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 18:50:20 GMT
x-content-type-options: nosniff
age: 523656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 18:50:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 53FA 8 KB
8 KB 95ms
95ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5cdaf6aae2dabbdc998aa46fe673b49e901ec1810832273aeb47ae58e1e7b003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30531024
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8168
expires: Mon, 02 Oct 2023 05:08:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3C11 25 KB
26 KB 56ms
55ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F6404853%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=xIOPVEX02YtXllVEE8W1EptZ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6c80ad4cbcf096a5f51ec6de8b5fc0fd5aebf0866995d4cb2ac241e2bae47cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1757898
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25854
expires: Thu, 03 Nov 2022 04:36:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 8 KB
8 KB 31ms
31ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5cdaf6aae2dabbdc998aa46fe673b49e901ec1810832273aeb47ae58e1e7b003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30531024
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8168
expires: Mon, 02 Oct 2023 05:08:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3C11 19 KB
19 KB 38ms
37ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7006767%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=K-HrVHoHD0W5h2JmBY5r4ZBl&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9910ae32b88dec0d37976cd11699968b4777fc2ebaeb2a9a17e3d8d3211af80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19684
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 71B0 19 KB
20 KB 36ms
36ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F7006767%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=K-HrVHoHD0W5h2JmBY5r4ZBl&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9910ae32b88dec0d37976cd11699968b4777fc2ebaeb2a9a17e3d8d3211af80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19684
expires: Sun, 08 Oct 2023 20:17:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 39ms
39ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221012&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

620656f38d4f2e8d770d2754f39c896c951318de9a1dccb5bc66d8debfcc4d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11156
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 20:17:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1774 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 18:48:47 GMT
expires: Fri, 13 Oct 2023 18:48:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2AAC 783 B
534 B 32ms
31ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

632b6c29d47a3e2a715c49b467ab5a9a96c98176a9d0af167cc183e6900a518b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t0_4e3HqmIF7qHzVTrZglg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qa.cr-halal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-t0_4e3HqmIF7qHzVTrZglg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:17:56 GMT
expires: Thu, 13 Oct 2022 20:17:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1774 36 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:59:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2AAC 0
0 57ms
57ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221012&jk=2278350214745141&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

POST
H3 200 _.7071663148712382.131316;pd=googleads.g.doubleclick.net;pp=%252F;sz=728x90;if=100;lt=1007;al=1;av=C1;nd=500;mv=28;v1f=1037;v7=843;v5=118;v4=76;vin=1;vbiv=01000000000010;vbin=01000000000010;ii=6822...
metrics.nt.vc/event/v/77/ Frame D583 43 B
221 B 47ms
47ms Ping
image/gif 2606:4700:10::ac43:2870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.nt.vc/event/v/77/_.7071663148712382.131316;pd=googleads.g.doubleclick.net;pp=%252F;sz=728x90;if=100;lt=1007;al=1;av=C1;nd=500;mv=28;v1f=1037;v7=843;v5=118;v4=76;vin=1;vbiv=01000000000010;vbin=01000000000010;ii=6822675558884192;el=1094;
Requested by: Host: metrics.nt.vc
URL: https://metrics.nt.vc/metrics.js?ii=6822675558884192&cn=rvrcnt6822675558884192&sz=728x90&cl=77&ee=&es=&dfp=0&ed=&eu=&ep=&est=&ec=&pl=7071663148712382&cr=131316&hu=&cg=&maid=&df=1&dapc=model_id,n,g&dapb=0&cgs=uvscg&iat=1665692275440&ev=iluvchdseaj&vic=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2870 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebayadservices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.ebayadservices.com, https://www.ebayadservices.com
cf-ray: 759ac2f98b6f5c2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1774 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?01sW5Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:17:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221012&jk=2278350214745141&bg=!PD-lP3vNAAYeOJy_Pjg7ACkAdvg8WivnmdJYceCBHLEVaW1sAloZ2knZtyQpDqiIL-ssyPVNqnZwewIAAAB_UgAAAAdoAQeZAplzhpEgeTCeWWxYTP3Y9r_HjoaVDD7SU8_vqbzCJvjeW6w7coK38Ia0CvINZzmxA_S4EBe6jDVpca7gojrVKgH8xBI1QHJaDO1JpH8QNAuaeHXrwX67feTmkUsxwtddSqgnayae1TgdIOUApqKhVUkjsjgd1dzE_o-Zt7-nrg2AV8oVV7gl4aQaObA6X-W5zrcKJh4S89ar-7za5azzca8_SR_p1mrn0oNDkU7ix7BAmMLyEwXq86zeGXVYBBgedR5XAv05_sya8mtxSj3_pEjJoW8j-3uWKlTQ5u3Ju4UGWOIdXVIwygsaycHOQMSvJM0Ff4sMFExDxTtgbnqZ4_WUozGdYNjfzXciGOUSedJ8Wa5xxANtJow67KgU4N3GJ26nWfAk1xNHUJiYZdj8-CERy2PwYvhfba1yXNRGLWxOzYH2DajwnLjhwZRETidzaPbZWKxy91_yrZVwqWws-0DypZ7XsFqKPCnqR763lrlCOEjRoU5VEuR7W-Lfk40-TR5ECP1EFrEUczksRzKPnkfete69IL3X0kPXcosR4ob8rIL6HgvgQfWowwEQTNAUZ1yh-z2TaZVl532jBD6qCAtvHXZjrHoGGyDO8VVcJHNbsCaUk0Ak5-ZOuellOBQJQ6rwj5Z7uh7YTDOsJqDC0K3TEA4mfbhNuau9ixugm5uFQwFq4RC22ZjDau2iMrocXMN7v0O6ONLUBk5kDBeJlPpr_KVy32fd5UOyID6f404BkIqBE01vAP4GsTqqJ75rJICAjoHx1JGxKHOmrUBPF9kaRLoGecAbivnlxwq17zlTuGGovg_QxRvPxHRaMo4K3CfI0z-_lYsFsVAAFlD3oGfPoxsDhoJavNm-Y9pm59bM0lyhqhd3h-saNg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.cr-halal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ebayadservices.com/marketingtracking/v1	1970-01-20 08:51:08	Name: adguid Value: bc3f5b73504a461b87fa5fe22b58d83b
.google.com/	1970-01-20 16:11:18	Name: __Secure-ENID Value: 7.SE=Va1XliVBpYydOYWpKUd9bmaKujAfA2cwIY77S3xUu9Zr6v0sHtUJ4Vhgv9nhfRnUc9_o_uXJMWQwtqwWWl0ICUYCYObr9LdMqwA90EdKwZp9jgpKHJAO16syNCIG7LN3hp6PcnKHXv8pd6dnB-5J5GvA1LKODIFiuJ7uDD65VlY
.google.com/	1970-01-20 16:17:32	Name: CONSENT Value: PENDING+204
qa.cr-halal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6b6c2b59d5ca29c50579a7815be0cbf5
qa.cr-halal.com/	1970-01-20 06:44:25	Name: qa_key Value: zn9eg7nczjxpvmnlscpjppix1lgjea9r
.cr-halal.com/	1970-01-20 16:03:08	Name: __gads Value: ID=6a962d054f4c60bc-2264efe341ce0071:T=1665692274:RT=1665692274:S=ALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ
.cr-halal.com/	1970-01-20 16:03:08	Name: __gpi Value: UID=00000b727abc0b89:T=1665692274:RT=1665692274:S=ALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw
.doubleclick.net/	1970-01-20 16:03:08	Name: IDE Value: AHWqTUm-2r1qjX_cTz8Y8bOTSghlubjfvb5HvOZOM3HnhNZe5iRLF_f-jlLiKAlrsyM
.doubleclick.net/	1970-01-20 06:41:35	Name: DSID Value: NO_DATA
.cr-halal.com/	1970-01-20 16:03:08	Name: __gsas Value: ID=66447c236ce68f26:T=1665692275:S=ALNI_MY-plhuMrxeszmlbWIxJuFgKX763g
.insightexpressai.com/	1970-01-20 07:54:51	Name: TID Value: 00000000-0000-004e-333e-f31665692275
.insightexpressai.com/	1970-01-20 07:54:51	Name: DW Value: 00000000-0000-004e-333e-f31665692275
.insightexpressai.com/	1970-01-20 07:54:51	Name: DW_Time Value: 1665692275
.quantserve.com/	1970-01-20 08:51:08	Name: d Value: EBYBCQGpJ4EA
.quantserve.com/	1970-01-20 16:11:46	Name: mc Value: 63487273-a8fff-99839-6dc14
.casalemedia.com/	1970-01-20 15:27:08	Name: CMID Value: Y0hyc358bhcg-lig090U-wAA
.casalemedia.com/	1970-01-20 08:51:08	Name: CMPS Value: 1190
.casalemedia.com/	1970-01-20 08:51:08	Name: CMPRO Value: 1190
.casalemedia.com/	1970-01-20 08:51:08	Name: CMTS Value: 1152
.agkn.com/	1970-01-20 15:27:08	Name: ab Value: 0001%3AfZjFrv1MvCSnlGBZXZtKmkYsR3hyr4sH
.agkn.com/	1970-01-20 15:27:08	Name: u Value: C\|0CEAq2y70Ktsu9AAAAAAAAQ13AQCAAQpAAAAAAA
.e.dlx.addthis.com/	1970-01-20 16:11:46	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:11:46	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 07:24:44	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:24:44	Name: na_sr Value: 20221013
.dlx.addthis.com/	1970-01-20 06:41:32	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:24:44	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 16:11:46	Name: na_id Value: 2022101320175600095516522370
.addthis.com/	1970-01-20 16:11:46	Name: uid Value: 6348727453919a9d
.addthis.com/	1970-01-20 16:11:46	Name: ouid Value: 6348727400013722b7ff8c2d698a9c7cafdc44bc710a22269ec2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3135644639015474&output=html&h=280&adk=81526169&adf=313322620&pi=t.aa~a.1615370218~i.12~rp.4&w=609&fwrn=4&fwrnh=100&lmt=1665692274&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8069909860&ad_type=text_image&format=609x280&url=https%3A%2F%2Fqa.cr-halal.com%2F13%2Fnow-earn-daily-from-crypto-trading-2023&fwr=0&pra=3&rh=152&rw=608&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665692274806&bpp=1&bdt=1667&idt=-M&shv=r20221012&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a962d054f4c60bc-2264efe341ce0071%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Ma1Se2lVFuFuNGIBYWDn-zkl9XKSQ&gpic=UID%3D00000b727abc0b89%3AT%3D1665692274%3ART%3D1665692274%3AS%3DALNI_Mb9ZaGbNz8Z_L47EYI7X9WnzlivNw&prev_fmts=0x0%2C748x90%2C320x640%2C609x280&nras=3&correlator=4812451814742&frm=20&pv=1&ga_vid=886874306.1665692274&ga_sid=1665692274&ga_hid=7675380&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774717%2C42531705%2C44769305%2C31067825%2C31069563&oid=2&pvsid=2278350214745141&tmod=930585374&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kINi6Uxcjm&p=https%3A//qa.cr-halal.com&dtd=43 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8awt54GLZa29DzotoH9HPDfySbDVqWsXFzGIEGuwzEL1no3-Cth77AmilntVJXbdBmsDxAFYEmO-_iWzyAIT_-qjZzy8Yf&google_gid=CAESEJR9TJeE672yI-QdRzv6UiA&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cdn.punchng.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
d.agkn.com
digitalinvestmenthub.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
metrics.nt.vc
odr.mookie1.com
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
qa.cr-halal.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
secure.insightexpressai.com
secureir.ebaystatic.com
ssum-sec.casalemedia.com
static.criteo.net
tpc.googlesyndication.com
www.ebayadservices.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.stilt.com
104.18.18.126
104.238.222.166
104.75.89.51
172.217.16.194
178.250.2.135
178.250.2.148
178.250.2.150
198.47.127.19
209.140.136.209
2606:4700:10::6816:3289
2606:4700:10::ac43:2870
2606:4700:10::ac43:29ed
2606:4700::6811:180e
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
2a02:26f0:480:28f::1ec4
2a06:98c1:3121::3
3.124.130.212
34.98.67.61
35.227.252.103
35.244.174.68
66.29.132.14
69.173.144.139
69.192.160.219
007aefca24049ba60ff9dbf8b7b9e56d0b2285f7bc68f2fd816261134290ffe6
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8c3cc19e9958f985a4c5ae2d0f098706cf42b259e6e0a40fae39434dbc3e32
0e704eea59504bd5cfdb91eb168613011a28bbd29019b0c8b6d1f3111497c7fc
121a1b920533d8d52210dfb0400c45471a1dc982e16c6b1af86c21557b232a87
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
24e9905e366804329ed38cb38f21d0b1626dd324299808ced331708280e1e569
2c0f003ed7d1d7f2aab14d345404c542c31cfa61ce3ac0c0ae6141855f053eac
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2379fbb40623861ca0f591cd352c9ee5b6b07490623e29342c4f3efc129960
371050953e263a82ba44be3f508467324f85b9713813bfd6c18dd25b4c67f9a0
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3a44f7ebc52257680a941c6bae4c1981bfc1e57a6ed67e3ca81045e4e61d08ea
4772b7b11145fa577af3abf913d1f88d27083e1802a4ff7f91f14d52efbe5f05
4b477d7547e842d19c8d44615823e3dc6411d7d9fe0731e3bc5127453c190a77
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e455a4e91f6a59aab5cc55c9a8f7594b67599f3a74cb2598e43de54a64e990f
522f5300651d831ecde4232c74d0ad2d25aba96c508f4d0c1fa5142008511f24
5520b9c6bfb08d5453d42456a4afc37acb959ccd5434c28d01d9d0d6ae21d206
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56617eb2f4f8837fa9b51fed6b77c87e842280900ca52fcfe13a92f4cdaba2e4
5b6180e29c0e9e199bf06b92760bbc7b677a53af5d3a6578785ae5a5d063a91e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cdaf6aae2dabbdc998aa46fe673b49e901ec1810832273aeb47ae58e1e7b003
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
610279082cab4d0263e7887cadd4f8fc432df65a8e9d1e56a2a20105811ad807
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620656f38d4f2e8d770d2754f39c896c951318de9a1dccb5bc66d8debfcc4d41
632b6c29d47a3e2a715c49b467ab5a9a96c98176a9d0af167cc183e6900a518b
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
6847764b21f2678786b74ddc8064733b3330f1ec12773a9473829f4c8e35bfc1
6a2a26b9469cfe5ed88d7d103160a4fa8ccd3b60c1375593b7efb0cc325b3d0d
6c80ad4cbcf096a5f51ec6de8b5fc0fd5aebf0866995d4cb2ac241e2bae47cdf
6f31edcc691567f02ff8e351606629dc86277ca4e4c874a4c68a398ca10d4031
7108d3f9dc1ec6513e64bc020ac3e3f3262b2b2685a0c93431faa601fa0fdfa4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
78700b487e88094ea47c33f41c80c90b01b7fb41d79edf55e2f7d847b8cb1cce
79bb3e054a9b3a987979800d087196d6cb5b5daad97df968cd0f5cb344c02d99
7a20a126b58eda0fd95b2ab4e9ce1f907ff63de61d68a8480066c0f44d4e5396
7b17be166a31cc48b3d1baaabf0d76cadae91446d255c6b6ae23d9794bdc8110
7b663d575e1b89102d1baae9b0e4ade80459deb91e12daed9d72eafb7f6de2e2
7ce6eb9c5aa56888d5e1ce2d52ae90a673216aecc74b52b81c7d19615b76bbcf
7d7ab07e3d133e66c4b39c6e78f6f32ed29814963f42f914804b182028355e79
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
8a792b187d7974f43960fbdb8b4fb5af8641920f8df59c07ee17e8377578ec41
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c35a8328673c7883f4fe7be528cbb220e009d3bc929456659bead4a957b7227
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9910ae32b88dec0d37976cd11699968b4777fc2ebaeb2a9a17e3d8d3211af80d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e120713c8447f8b37886f4069fa5c2c7abdbf8058639d390e7f415e62491907
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
ac9c1f44ac2029817e0115309466c60246182a9b8252cd9739efefdbf219863e
acb93136314655be58b4d24a30d903721ae25f69c675ba4265d69b8f7c56f277
ad6a67c27aa9c5c3cd1af30bd445f9a7f1de2e3458f0fb9d1f5a1073e98f0d4d
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b53f6286af2397bbed02c1b62d40ea75ef1b01402454fd81e66f4421d96e7740
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17
bb027bdc827295bb61d5fbaa581a1c72d9d9b44f752e35cc3443a618d06affee
bc9ebb1197600a2034dbb4b2902edcade9b6bb05681524db11c175cc8c27f25d
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6348a84cb5e06cfa737074f535e108fc431fefb599bcb70ebd2a60b4439c222
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
c8e758f47c2bf32bf96d256543e273d2d6b1e6dfd878e4b11f8e77bfd837f254
c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036
c99b597ac98a583be4e2062bac6a355afa5b1dc5e953b88a159bd86a42540242
d8a0e28dd734e28b0e0c9c64b7dddf6cf55a63bfc30698b9d52c6db1341b9844
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e67b814109cc3112e4b90f94d802040e7c53dacba01f272b4517d8c07732129c
e72f654ca424b447769111973f8f9fe59c14cd90a50b54096586765c0d498750
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
eb98c66979e416a45db589b9ccb68b8ec5a9e8ea1d53e5db7bb787d3dbb01ab0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fdb91614770f9021f84f76a21904f211cba68a504068982a4c994028e1dbb2bf

qa.cr-halal.com Open in urlscan Pro 66.29.132.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

209 Requests

95 %HTTPS

58 %IPv6

29 Domains

38 Subdomains

34 IPs

4 Countries

2331 kBTransfer

5141 kBSize

30 Cookies

4 Outgoing links

Page URL History

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qa.cr-halal.com Open in urlscan Pro
66.29.132.14 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

95 %
HTTPS

58 %
IPv6

29
Domains

38
Subdomains

34
IPs

4
Countries

2331 kB
Transfer

5141 kB
Size

30
Cookies

209 HTTP transactions
6 data transactions