faizaneraza.org Open in urlscan Pro
2606:4700:3033::ac43:8766 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://faizaneraza.org.admin-eu2.cas.ms/
Effective URL:
https://faizaneraza.org/
Submission: On October 06 via api (October 6th 2022, 2:10:09 pm UTC) from JP — Scanned from NL

Summary HTTP 116 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 21 domains to perform 116 HTTP transactions. The main IP is 2606:4700:3033::ac43:8766, located in United States and belongs to CLOUDFLARENET, US. The main domain is faizaneraza.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2022. Valid for: a year.

This is the only time faizaneraza.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.105.164.234 51.105.164.234	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:dc:... 2a02:26f0:dc::6853:521	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2606:4700:303... 2606:4700:3033::ac43:8766	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
1 30	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2006	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.239.111 3.123.239.111	16509 (AMAZON-02) (AMAZON-02)
7	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:41a9:3045:e2a8:b4e8	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
116	25

1 51.105.164.234 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

faizaneraza.org.admin-eu2.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:dc::6853:521 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:8766 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

faizaneraza.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.239.111 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:41a9:3045:e2a8:b4e8 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	506 KB
21	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390 static.doubleclick.net — Cisco Umbrella Rank: 402 cm.g.doubleclick.net — Cisco Umbrella Rank: 304	158 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	169 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	109 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	221 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	4 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 703	4 KB
3	faizaneraza.org 1 redirects faizaneraza.org	54 KB
3	azureedge.net mcasproxy.azureedge.net — Cisco Umbrella Rank: 79854	44 KB
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2279	591 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 493	912 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 915	207 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 2302	485 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1504	925 B
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 9993	914 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1482	356 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 916	758 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	647 B
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3762	682 B
1	cas.ms faizaneraza.org.admin-eu2.cas.ms	891 B
116	21

	Domain	Requested by
30	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net faizaneraza.org.admin-eu2.cas.ms tpc.googlesyndication.com pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	faizaneraza.org pagead2.googlesyndication.com faizaneraza.org.admin-eu2.cas.ms tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com faizaneraza.org.admin-eu2.cas.ms googleads.g.doubleclick.net
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
7	s0.2mdn.net	faizaneraza.org.admin-eu2.cas.ms s0.2mdn.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	faizaneraza.org googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	faizaneraza.org	1 redirects faizaneraza.org
3	mcasproxy.azureedge.net	faizaneraza.org.admin-eu2.cas.ms mcasproxy.azureedge.net
2	ag.innovid.com	googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	static.doubleclick.net	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	faizaneraza.org.admin-eu2.cas.ms
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i0.wp.com	faizaneraza.org
1	faizaneraza.org.admin-eu2.cas.ms
116	27

This site contains links to these domains. Also see Links.

Domain
pampers.com

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 05	`2022-10-06` - `2023-10-01`	a year	crt.sh
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-30` - `2023-06-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://faizaneraza.org/
Frame ID: EC00279E0A7B734F955A5402052B73D3
Requests: 18 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.22.31/html/session-context-restore.html
Frame ID: DCDA0AA6C31B7D4DC2D5CC633F70E112
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
Frame ID: A869FCAC55F616EBFAF52FCA6F05EB4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&adk=1812271804&adf=3025194257&lmt=1665065406&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffaizaneraza.org%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065406137&bpp=4&bdt=409&idt=302&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7647895633&frm=20&pv=2&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=315
Frame ID: D7D83B986B274A776C4F041683CD1521
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2720723718&adf=2744381918&pi=t.aa~a.2233230043~rp.4&w=895&fwrn=4&fwrnh=100&lmt=1665065406&rafmt=1&to=qs&pwprc=2393093044&psa=0&format=895x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065406141&bpp=2&bdt=413&idt=316&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jzMYZLNRwZ&p=https%3A//faizaneraza.org&dtd=320
Frame ID: 12C8DF00F2D47C4B904E41AF3A2F31E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12
Frame ID: 8B644A2B51007A03D742CA50536537C1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=919231802&pi=t.aa~a.4218446496~i.37~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280%2C641x280&nras=4&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uJff7OllZ2&p=https%3A//faizaneraza.org&dtd=20
Frame ID: A13298255D84E2B9DBD7812E9DCDCFF1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4CC4B1AB52660995889E51CC43A38C8E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1
Frame ID: 535415D22D10A88EF553FDFE1EEE9B0F
Requests: 13 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstqWyIzZZzC0zvPamypBBbtdGqQeVc-hDk6vqm_nMmhHhgWK24uwXKg6NbsiLan193YxRY_oZjniEGd3iTsMrj39ZQR6rS2Qw_QDKPO8woT5IbBDVQka9UcVU4e1xqK_Ws-SDqILUGPLxUxxnq_rAo0NeVA3YQksVBWQX7nOD5jzSwKxZ5jqXkYyctOMkjQ5N_1_8WLTA4NpvL5vHojoGFRNICt2w7A_30zGhPS3qpRfQ_fXU6SkmgUwncBxPNeRIPmc7X7iZ8DeBCCRoN7hTJ7jodZQlhgB4_154so9bPNVwlWx4BAludC23QXwgrRqR_nV3quvJwPNBwrgwqmPhocG90NFW4Zwxd7MAiwGOq8SDs2_ouG3J0yFyy9x90tt_xPWcNFPBS42NXCRRluIuXoeEdr-mXZy_LhLLXrakLlIa1IkaufAHzIZkP4BgshZ6eAWmyQQ0vPpCOWagzxT9TjgFJaE8Mlf5CMHUmGJcXGabgz-qbRaAVNW7znfjUTZ24MyX5goCWbvfXoquJgtvQsFu8Ap1d5gKxPHfDm60HVkKHC7mM4lAq6dKTFB4lNOinCuTw61PvP8SbMTn7Id3hzzzS2WrQY9IR8-oThJokAErK4z8RW2jEJ7qorZWPsF9xF6jM-k-DuoXD_Do-d8AQyQBTz6kU4gUKjNjZzafLdFPDsyyKGv_NWPl0a-gmVXekWdtV-2r5wEmKHfq7OU46hGPpe9V7xkhcEmkDvjRNtv5KXcufZZmU55naQcFnzaOofOa8Akp9ZuALLxZVcK6hVZ97tdi_tGpCm6Ktt-i0k-zBwhZv7mC0SEtwisltAklABPjVm_7rkeR51AwO2QGg2vYjE0_PKj78wTCePV1VD_zdhcYLt2Gt7VjWTPIeYa7_kqCI9-LNkQGsLH8AR0eeOoDUdl70ouZXczLbs5aIZjQ1TDYUfeCzv7ONskSqh8cdQQhnCSCPCg7BJnVmKyA9ROvX1K4Xr3Ahy0BEuZAsz6_piUTmGMS_OzFXKHYny0aMpoLNsKQ&sai=AMfl-YTb9qKbPF-4rim3uL2h_-ZQJrSAv5S4whiLJtz3L-xtfyqGT_t_SRvEcA&sig=Cg0ArKJSzKLhqbiyjiBAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 1F76793505EC8BC189B497D43D586E4F
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 215CFED1961965842B409B9DC4FC56F0
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Frame ID: 1307E30E68AC9601044CC160C9A0AC9C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4797E202DEE61FF44E35B5FA0FE66DCA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/index.html
Frame ID: CE8F760706E03F20C6FC1CA5EB262108
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Frame ID: 6C7A2CBFE5FFA54BDF3D730CA3BB6F8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4E4C8C61D8ED22A8824A4F9BEDF9D83B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CDF2A668879A20CBE342CB2A33E01AD2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8D804BAC64B4CD3332200259369B0EBC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CC8223074E8B52653806D7DE2790990
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 21446C687487DBC0F4781F2415D40EE0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

faizaneraza.org - Toll Free Phone Number

Page URL History Show full URLs

https://faizaneraza.org.admin-eu2.cas.ms/ Page URL
https://faizaneraza.org/ HTTP 302
https://faizaneraza.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

116
Requests

93 %
HTTPS

59 %
IPv6

21
Domains

27
Subdomains

25
IPs

7
Countries

1271 kB
Transfer

3262 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://pampers.com/en-us/contact-us
Title: Click here

Search URL Search Domain Scan URL

URL: https://pampers.com/en-us
Title: https://pampers.com/en-us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://faizaneraza.org.admin-eu2.cas.ms/ Page URL
https://faizaneraza.org/ HTTP 302
https://faizaneraza.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr8fX2TxDeAhjeAjIIQDue9aoigZ8 HTTP 301
https://tpc.googlesyndication.com/simgad/6577506610223554973

Request Chain 90

https://d.agkn.com/pixel/2175/?google_gid=CAESEH9IQxnU4g6WR5rrD-ICrVY&google_cver=1&google_push=AZmPxg9R4W3anyRjiPVB389BWhCq0-XjrYxKi2JPiPLVkcg--kOv9BHOKQHNM4DsZjS2iohztMfkex83lnWUmHQna-HJApDrgNs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9R4W3anyRjiPVB389BWhCq0-XjrYxKi2JPiPLVkcg--kOv9BHOKQHNM4DsZjS2iohztMfkex83lnWUmHQna-HJApDrgNs&google_hm=Q0FFU0VIOUlReG5VNGc2V1I1cnJELUlDclZZ

Request Chain 93

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIsdWTFptTEm5Bx9SNPQThI&google_cver=1&google_push=AZmPxg9HHSOh96rZNBIHJz8iC3nnZkdHK0616MlG_aTk4s19deJ8QUYGX8-Xie_w6xU5l5x81pi4lgY0v-VcE9V34xehkjMSAQM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhYNFlCSTQtTS02S0sz&google_push=AZmPxg9HHSOh96rZNBIHJz8iC3nnZkdHK0616MlG_aTk4s19deJ8QUYGX8-Xie_w6xU5l5x81pi4lgY0v-VcE9V34xehkjMSAQM

Request Chain 94

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECdvdoWe__vZsqk0ndUPwfQ&google_cver=1&google_push=AZmPxg9sM8mBu4HHo6DASr91tKDErk7BhUfM-UwtKzzNXoxdaIHy0qjBORbLUzdU7eEioPZ-eC6qD51TKUzqQuZ_ZssqUqM91Qk HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECdvdoWe__vZsqk0ndUPwfQ&google_push=AZmPxg9sM8mBu4HHo6DASr91tKDErk7BhUfM-UwtKzzNXoxdaIHy0qjBORbLUzdU7eEioPZ-eC6qD51TKUzqQuZ_ZssqUqM91Qk&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdvdoWe__vZsqk0ndUPwfQ&google_hm=Yz7hwCGyr3p8MekR9zQc1QAAFAoAAAAB&google_nid=index&google_push=AZmPxg9sM8mBu4HHo6DASr91tKDErk7BhUfM-UwtKzzNXoxdaIHy0qjBORbLUzdU7eEioPZ-eC6qD51TKUzqQuZ_ZssqUqM91Qk

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 106

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGb_ZIaU_WRKC0sNKtFJqrQ&google_cver=1&google_push=AZmPxg-lCreBbEPvBU6zazc4fMb8IkoHBJ3yZDrsI4LI3rjsAr5KgKU-mNKlNveSt8RvCxX3d3O2xQgKNqln2coZyg_kiTTEGhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhYNFlCSTQtRC04TjY1&google_push=AZmPxg-lCreBbEPvBU6zazc4fMb8IkoHBJ3yZDrsI4LI3rjsAr5KgKU-mNKlNveSt8RvCxX3d3O2xQgKNqln2coZyg_kiTTEGhg

Request Chain 107

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAolX9jS0kbq5OBKLiKsZDE&google_cver=1&google_push=AZmPxg842hNHCr8Y77rzwEvOisc-xbyZ2K4uKX2N--IroE83kaOLfRUa01fVKPdHW4MhALQQoDG_pnIQFXdaOlRk2BYtC2kFie8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAolX9jS0kbq5OBKLiKsZDE&google_push=AZmPxg842hNHCr8Y77rzwEvOisc-xbyZ2K4uKX2N--IroE83kaOLfRUa01fVKPdHW4MhALQQoDG_pnIQFXdaOlRk2BYtC2kFie8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAolX9jS0kbq5OBKLiKsZDE&google_hm=Yz7hwCGyr3p8MekR9zQc1QAAFAoAAAAB&google_nid=index&google_push=AZmPxg842hNHCr8Y77rzwEvOisc-xbyZ2K4uKX2N--IroE83kaOLfRUa01fVKPdHW4MhALQQoDG_pnIQFXdaOlRk2BYtC2kFie8

116 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
faizaneraza.org.admin-eu2.cas.ms/ 1 KB
891 B 432ms
27ms Document
text/html 51.105.164.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://faizaneraza.org.admin-eu2.cas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.105.164.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

6a8613b42ad39c6c1243da3d6543a79d64e752d8e43f827c5d0b0bbf28030554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 06 Oct 2022 14:10:04 GMT
expires: Mon, 01-Jan-1990 00:00:00 GMT
pragma: no-cache
server: openresty
strict-transport-security: max-age=31536000
x-mcas-cache-status: MISS
x-mcas-processing-time: 2
x-mcas-request-id: e2d598103c4d06242bc21d29998138ef
x-mcas-upstream-time: n/a

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.22.31/js/ 5 KB
5 KB 141ms
43ms Script
application/javascript 2a02:26f0:dc::6853:521
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.22.31/js/session-context-store-helper.min.js
Requested by: Host: faizaneraza.org.admin-eu2.cas.ms
URL: https://faizaneraza.org.admin-eu2.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:521 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c4b31737c5fe64db34abea57a13239f3439ba864b7b3831b4872b58e0c6d5fd3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org.admin-eu2.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 06 Oct 2022 14:10:04 GMT
last-modified: Mon, 19 Sep 2022 08:26:43 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: Qh6Fmc0rxdbvbMqaLfAfTQ==
etag: 0x8DA9A18AF397917
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e3c3226f-e01e-0060-52b6-d38a09000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30893837
x-ms-version: 2009-09-19
content-length: 4826

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.22.31/html/ Frame DCDA 209 B
659 B 43ms
43ms Document
text/html 2a02:26f0:dc::6853:521
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.22.31/html/session-context-restore.html
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.22.31/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:521 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers

Referer: https://faizaneraza.org.admin-eu2.cas.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30885715
content-length: 209
content-md5: xcQ/+x+i42xZPwR88wJc4A==
content-type: text/html
date: Thu, 06 Oct 2022 14:10:04 GMT
etag: 0x8DA9A18AC8121AD
last-modified: Mon, 19 Sep 2022 08:26:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: debbfd8a-001e-0025-43a3-d35798000000
x-ms-version: 2009-09-19

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.22.31/js/ Frame DCDA 38 KB
38 KB 44ms
44ms Script
application/javascript 2a02:26f0:dc::6853:521
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.22.31/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.22.31/html/session-context-restore.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:521 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 68839f7ff6729a90f2e1b9df9468a7bfdedfe247002ff39d56ff94bc829e7a70

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.22.31/html/session-context-restore.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 06 Oct 2022 14:10:05 GMT
last-modified: Mon, 19 Sep 2022 08:26:43 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: KzxKIFELRJDk/nXzWazXbg==
etag: 0x8DA9A18AF628189
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e3c3275e-e01e-0060-06b6-d38a09000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30893847
x-ms-version: 2009-09-19
content-length: 38693

GET
H2

200

Primary Request / Show response
faizaneraza.org/
Redirect Chain

https://faizaneraza.org/?
https://faizaneraza.org/

280 KB
51 KB

265ms
264ms

Document
text/html

2606:4700:3033::ac43:8766
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faizaneraza.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8766 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cca407f53a9ea602a827d643c4c8ba736067eac6ff618188b484af3afccb79a

Request headers

Referer: https://faizaneraza.org.admin-eu2.cas.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 755efa803f1fb93f-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 06 Oct 2022 14:10:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipt68V0v3CtqhOMvQBcNCbps9difm%2BLbl3Wq2vIhr4x%2B9Kz6MOc8ZSFUwd5tmuGmQeciyc773tTmurwv09boFu6AjEScncVLd1aLkvXbe7iq91wRRYcFiu9WKzXzbJwLK9MSpAR9vW5RwEydzjI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 755efa7e2b5cb93f-AMS
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 06 Oct 2022 14:10:05 GMT
location: /
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKhXhyeVLUBKcliBoklGxly5cPPuEtolpji5D2m7QP0ZjneJAw5HLayfZKcZDG9aJC2nhsV2aXHLCQGgZiLURbtnEYCjHRE88eR2AQc1BdPYbOchrv1mzUspql3gYNkD7RZDnoLC2MHoDZ4DLvA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 179ms
68ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic

Requested by

Host: faizaneraza.org
URL: https://faizaneraza.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 14:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 12:46:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Oct 2022 14:10:05 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
54 KB 271ms
147ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: faizaneraza.org
URL: https://faizaneraza.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5baa894130c3e62b8ef0723ae7f07cf2639007dc4da45f9ff6f9cf2d2f057a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54695
x-xss-protection: 0
server: cafe
etag: 2768784455213869539
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 14:10:05 GMT

GET
H3 200 6666cd76f96956469e7be39d750cc7d9.jpg
faizaneraza.org/img/ 2 KB
2 KB 146ms
146ms Image
image/jpeg 2606:4700:3033::ac43:8766
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://faizaneraza.org/img/6666cd76f96956469e7be39d750cc7d9.jpg?resize=259%2C145
Requested by: Host: faizaneraza.org
URL: https://faizaneraza.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8766 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9eb92be02950a8826f058cb7223b7859bd93d0257d4643530a0b9468dfef3eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:05 GMT
cf-cache-status: MISS
last-modified: Thu, 31 May 2018 11:25:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b0fdb9f-6cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9qI9yvmPi7S7WqmAf6vflMF9VAFtWd%2FP7QNZnPh3zZrjdCCPopnXwC85EncEiLZBIC4wM9yJEWCmQ3kFaqo5%2BALUhSC8D8Em95e05lebo3JdzPNBMyZrQLj3YG1N2wQvDLnDWrLOJNdNZmJaH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 755efa823903b828-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1739

GET
H2 200 warning.png
i0.wp.com/faizaneraza.org/wp-content/plugins/wp-content-copy-protector/images/ 356 B
682 B 80ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/faizaneraza.org/wp-content/plugins/wp-content-copy-protector/images/warning.png

Requested by

Host: faizaneraza.org
URL: https://faizaneraza.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

955660d126962cf788b820911f748b2c61e11e41e84929ba9436530ef1c93ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Thu, 06 Oct 2022 14:10:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Jun 2022 13:32:43 GMT
server: nginx
etag: "1a5cc9ce0f50374f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://faizaneraza.org/wp-content/plugins/wp-content-copy-protector/images/warning.png>; rel="canonical"
content-length: 356
expires: Fri, 07 Jun 2024 01:32:43 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 153ms
43ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://faizaneraza.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 18:50:55 GMT
x-content-type-options: nosniff
age: 242351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 18:50:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 349 KB
115 KB 190ms
101ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062866992167421&plah=faizaneraza.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae045b5771090b347d5b7d73e488c7656d66558d9ef32ca30cf1086b33266dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117220
x-xss-protection: 0
server: cafe
etag: 5941278271644206669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 14:10:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/ Frame A869 10 KB
5 KB 178ms
56ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faizaneraza.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 12:43:42 GMT
etag: 9671129459699598864
expires: Thu, 20 Oct 2022 12:43:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
647 B 202ms
66ms Script
text/javascript 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=faizaneraza.org&callback=_gfp_s_&client=ca-pub-4062866992167421

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062866992167421&plah=faizaneraza.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

9bc5f05f85b05dc885b739d31b2cbcfa5c6c5c53dd5f38b9304b66a0a35541b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 218ms
67ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=faizaneraza.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 192ms
67ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=faizaneraza.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D7D8 256 KB
64 KB 635ms
572ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&adk=1812271804&adf=3025194257&lmt=1665065406&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffaizaneraza.org%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065406137&bpp=4&bdt=409&idt=302&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7647895633&frm=20&pv=2&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=315

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fadd1dc4bdde1a7e422143e07a945397fe9f68435029bbd39bad050164598360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faizaneraza.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 65391
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 14:10:07 GMT
expires: Thu, 06 Oct 2022 14:10:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 12C8 74 KB
30 KB 991ms
937ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2720723718&adf=2744381918&pi=t.aa~a.2233230043~rp.4&w=895&fwrn=4&fwrnh=100&lmt=1665065406&rafmt=1&to=qs&pwprc=2393093044&psa=0&format=895x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065406141&bpp=2&bdt=413&idt=316&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jzMYZLNRwZ&p=https%3A//faizaneraza.org&dtd=320

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db612389a693c6bc31d15d905b7d29e32018813eb7b0870066adf817222a86c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faizaneraza.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31020
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 14:10:07 GMT
expires: Thu, 06 Oct 2022 14:10:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 151 KB
54 KB 116ms
116ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42abe6da0756a3ba6ed8623fde5c9c76937854b92b60f783845a7d2ed5576458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55042
x-xss-protection: 0
server: cafe
etag: 3602725997583243774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 14:10:07 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 104ms
40ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=faizaneraza.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 160ms
67ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=faizaneraza.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B64 75 KB
23 KB 613ms
612ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66c157d018230f5badcd3c6f03c50c23dc89118cf48a9d90ecc1918b270dca31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faizaneraza.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23757
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 14:10:07 GMT
expires: Thu, 06 Oct 2022 14:10:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A132 68 KB
22 KB 530ms
529ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=919231802&pi=t.aa~a.4218446496~i.37~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280%2C641x280&nras=4&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uJff7OllZ2&p=https%3A//faizaneraza.org&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60b3ae3fc0a37fbb918968021530802d70c16b727bc751b082d47df8076d582a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faizaneraza.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 22499
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 14:10:07 GMT
expires: Thu, 06 Oct 2022 14:10:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/ Frame 4CC4 10 KB
4 KB 31ms
31ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faizaneraza.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 42995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 02:13:32 GMT
etag: 9671129459699598864
expires: Thu, 20 Oct 2022 02:13:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/ Frame 5354 10 KB
4 KB 31ms
30ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faizaneraza.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 42995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 02:13:32 GMT
etag: 9671129459699598864
expires: Thu, 20 Oct 2022 02:13:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 4CC4 4 KB
636 B 159ms
68ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 14:06:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Oct 2022 14:10:07 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4CC4 205 B
742 B 155ms
45ms Image
image/png 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 11:44:07 GMT
x-content-type-options: nosniff
age: 8760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 06 Oct 2023 11:44:07 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4CC4 604 B
695 B 156ms
46ms Image
image/png 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:27:47 GMT
x-content-type-options: nosniff
age: 13340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 06 Oct 2023 10:27:47 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/ Frame 4CC4 19 KB
9 KB 122ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
server: cafe
etag: 17584738254627026664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:53:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5354 4 KB
621 B 154ms
68ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 13:09:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Oct 2022 14:10:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 5354 2 KB
983 B 146ms
65ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:53:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5354 0
0 74ms
73ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIwY6vuE-Y7GKIsi_1fAPyIGt8A_rmarGYN_niLHdDIKpm5iRDhABIPqcyDBgkYSghYwYoAHHls3LA8gBCagDAcgDywSqBMgBT9BzgPin9lMAHeL0Np6gu21n_3G9GkUvayhFvJLiEgDy9eFDfFAHEDnrYcIALGhqe9WvIBWHehsW1T8U8uOeS50hSESDOEZJ4dl888YbZPO0zyJpv5nrxZcahuRUBDGl8np303M869Mktw2Vggl7fKlRFBtZwGm-ZW8OjmTfDOxmmqOPZYqmpRCT5h5Ap2ZH-th1Z8oIsydlanONNlMFRFh77p9Uz2vmTElKNpf_1u3r6qcBOhW2q4K2vEpxxrSAQGdrwSMDP0TABIiPz6C1A5IFBAgEGAGSBQQIBRgEoAYugAeh6bI0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ8Y8P0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQC0BUBmBYBgBcBshccChoIABIUcHViLTQwNjI4NjY5OTIxNjc0MjEYAA&sigh=QIM6HFrJbjs&uach_m=[UACH]&template_id=484

Requested by

Host: faizaneraza.org.admin-eu2.cas.ms
URL: https://faizaneraza.org.admin-eu2.cas.ms/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Oct 2022 14:10:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Oct 2022 14:10:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 5354 23 KB
9 KB 117ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 14:03:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 5354 3 KB
1 KB 145ms
66ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:58:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 5354 17 KB
7 KB 122ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:47:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5354 142 KB
45 KB 197ms
84ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Oct 2022 14:10:07 GMT

GET
H2 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 5354 32 KB
14 KB 147ms
47ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:07:08 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/15457768939167877261/ Frame 5354 20 KB
21 KB 146ms
69ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15457768939167877261/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a534e1fb1079f6cbebd125f0e829e75242b1a0999de65cdf495e75b505b728bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 18:38:44 GMT
x-content-type-options: nosniff
age: 70283
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20921
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 16:59:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Oct 2023 18:38:44 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15696517964226675774/ Frame 5354 14 KB
15 KB 156ms
80ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15696517964226675774/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d9e58a8e1630f73fc35c20a168563851d16dfa5f049609bc5fdf2e15c8285bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:59:42 GMT
x-content-type-options: nosniff
age: 292225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14759
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 18:22:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Oct 2023 04:59:42 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1F76 0
0 213ms
85ms Fetch
image/gif 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstqWyIzZZzC0zvPamypBBbtdGqQeVc-hDk6vqm_nMmhHhgWK24uwXKg6NbsiLan193YxRY_oZjniEGd3iTsMrj39ZQR6rS2Qw_QDKPO8woT5IbBDVQka9UcVU4e1xqK_Ws-SDqILUGPLxUxxnq_rAo0NeVA3YQksVBWQX7nOD5jzSwKxZ5jqXkYyctOMkjQ5N_1_8WLTA4NpvL5vHojoGFRNICt2w7A_30zGhPS3qpRfQ_fXU6SkmgUwncBxPNeRIPmc7X7iZ8DeBCCRoN7hTJ7jodZQlhgB4_154so9bPNVwlWx4BAludC23QXwgrRqR_nV3quvJwPNBwrgwqmPhocG90NFW4Zwxd7MAiwGOq8SDs2_ouG3J0yFyy9x90tt_xPWcNFPBS42NXCRRluIuXoeEdr-mXZy_LhLLXrakLlIa1IkaufAHzIZkP4BgshZ6eAWmyQQ0vPpCOWagzxT9TjgFJaE8Mlf5CMHUmGJcXGabgz-qbRaAVNW7znfjUTZ24MyX5goCWbvfXoquJgtvQsFu8Ap1d5gKxPHfDm60HVkKHC7mM4lAq6dKTFB4lNOinCuTw61PvP8SbMTn7Id3hzzzS2WrQY9IR8-oThJokAErK4z8RW2jEJ7qorZWPsF9xF6jM-k-DuoXD_Do-d8AQyQBTz6kU4gUKjNjZzafLdFPDsyyKGv_NWPl0a-gmVXekWdtV-2r5wEmKHfq7OU46hGPpe9V7xkhcEmkDvjRNtv5KXcufZZmU55naQcFnzaOofOa8Akp9ZuALLxZVcK6hVZ97tdi_tGpCm6Ktt-i0k-zBwhZv7mC0SEtwisltAklABPjVm_7rkeR51AwO2QGg2vYjE0_PKj78wTCePV1VD_zdhcYLt2Gt7VjWTPIeYa7_kqCI9-LNkQGsLH8AR0eeOoDUdl70ouZXczLbs5aIZjQ1TDYUfeCzv7ONskSqh8cdQQhnCSCPCg7BJnVmKyA9ROvX1K4Xr3Ahy0BEuZAsz6_piUTmGMS_OzFXKHYny0aMpoLNsKQ&sai=AMfl-YTb9qKbPF-4rim3uL2h_-ZQJrSAv5S4whiLJtz3L-xtfyqGT_t_SRvEcA&sig=Cg0ArKJSzKLhqbiyjiBAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: faizaneraza.org.admin-eu2.cas.ms
URL: https://faizaneraza.org.admin-eu2.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Oct 2022 14:10:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 1F76 106 KB
38 KB 130ms
31ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: faizaneraza.org.admin-eu2.cas.ms
URL: https://faizaneraza.org.admin-eu2.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 08:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Oct 2022 08:52:50 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1F76 41 KB
15 KB 128ms
64ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: faizaneraza.org.admin-eu2.cas.ms
URL: https://faizaneraza.org.admin-eu2.cas.ms/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:22:29 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 1F76 35 KB
14 KB 94ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2720723718&adf=2744381918&pi=t.aa~a.2233230043~rp.4&w=895&fwrn=4&fwrnh=100&lmt=1665065406&rafmt=1&to=qs&pwprc=2393093044&psa=0&format=895x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065406141&bpp=2&bdt=413&idt=316&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jzMYZLNRwZ&p=https%3A//faizaneraza.org&dtd=320

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1de33fafa47a9ed9f2c59b42da324f4135a43a142ad10bdd365c8279ab968de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14211
x-xss-protection: 0
server: cafe
etag: 6957495301636067003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 14:00:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 1F76 3 KB
1 KB 136ms
73ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:36:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 1F76 17 KB
7 KB 109ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:45:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F76 142 KB
44 KB 115ms
108ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Oct 2022 14:10:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 1F76 23 KB
9 KB 95ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 14:03:56 GMT

GET
DATA 200
OK truncated
/ Frame 5354 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ca7cb4f54a958b871039c156f886ebcb3741bde94f2fa27f6fd5e1f948a857f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 215C 2 KB
902 B 94ms
63ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:53:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 215C 23 KB
9 KB 84ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 14:03:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 215C 3 KB
1 KB 105ms
75ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:36:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 215C 17 KB
7 KB 91ms
60ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:45:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 215C 142 KB
44 KB 118ms
117ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Oct 2022 14:10:07 GMT

GET
H3 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 215C 32 KB
13 KB 135ms
44ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:07:08 GMT

GET
DATA 200
OK truncated
/ Frame 1F76 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db40dd928650b5a16622dba44c2727f2640b1b2e8aaa28330a436a8538963359

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 1307 36 KB
16 KB 50ms
50ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: faizaneraza.org.admin-eu2.cas.ms
URL: https://faizaneraza.org.admin-eu2.cas.ms/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 19:20:51 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4797 22 KB
8 KB 43ms
43ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 220891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 00:48:36 GMT
expires: Wed, 04 Oct 2023 00:48:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/ Frame CE8F 5 KB
2 KB 148ms
35ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9785a3ee9c931069e72461f12d1a80053bd2115d9c229bd1c8e5c9948fc95f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 42755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1685
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 02:17:32 GMT
expires: Fri, 06 Oct 2023 02:17:32 GMT
last-modified: Tue, 06 Sep 2022 17:11:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame A132 8 KB
894 B 82ms
81ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=919231802&pi=t.aa~a.4218446496~i.37~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280%2C641x280&nras=4&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uJff7OllZ2&p=https%3A//faizaneraza.org&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 12:26:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Oct 2022 14:10:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame A132 2 KB
902 B 44ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:53:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame A132 23 KB
9 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 14:03:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame A132 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:36:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame A132 17 KB
7 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:45:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A132 0
0 113ms
38ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhM052D_GBYMgOvUNIDtlBSCabKPQ-TlDJoJ32kzsqFu3w6eLp1YVdtQNRCTsjPbwI1f23R38fT46jebWX3P5EUazsyg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=919231802&pi=t.aa~a.4218446496~i.37~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280%2C641x280&nras=4&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uJff7OllZ2&p=https%3A//faizaneraza.org&dtd=20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A132 142 KB
44 KB 223ms
124ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Oct 2022 14:10:07 GMT

GET
H3 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame A132 32 KB
13 KB 50ms
48ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:07:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A132 0
0 82ms
80ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbCISv-E-Y8uuDYHG1fAP8Oay0AGw-JDvY--MzdWlDvfR-NraDxABIPqcyDBgkYSghYwYoAG_-LLmA8gBAakCHm7LgG-ypT6oAwGqBM0BT9DwUPdaG9i98SlSMT1rlL15mCDyi_2sCAheUkNBHoZgMuaOhykYLlW7rjGDcdr_vn8cMz7Kd-dUwyRo7OwwZKCSuYuklUiqOQBFXXrEWFOvoneyoJCT_4rXbKij7VC1Lb3CCjUKK_1WYQ6FqM170GN3tGqAuynnzrUqxFv5OLRlP5vdXSszv2Y35zXK3KmAQH3o3-iedBGiXTGYHUC_EB-4c_0TpQCcvo-zYGHfc7SINmMDAvOo9IP28V3kLp5n5oDhCuXbM3xNo1IEdsAEnNaLwvADkgUECAQYAZIFBAgFGASAB6mHzRmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCV-gjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi00MDYyODY2OTkyMTY3NDIxGAA&sigh=Ko_CYieG1zE&uach_m=[UACH]&template_id=5020

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=919231802&pi=t.aa~a.4218446496~i.37~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280%2C641x280&nras=4&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uJff7OllZ2&p=https%3A//faizaneraza.org&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Oct 2022 14:10:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A132 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C7A 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: faizaneraza.org.admin-eu2.cas.ms
URL: https://faizaneraza.org.admin-eu2.cas.ms/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 19:20:51 GMT

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 4797 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 19:20:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8B64 3 KB
601 B 67ms
67ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 12:24:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Oct 2022 14:10:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 8B64 2 KB
902 B 32ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:53:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 8B64 23 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 14:03:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 8B64 3 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:36:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 8B64 17 KB
7 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:45:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8B64 0
0 38ms
37ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSoOi_j5eOxFOpEpecHkLmnpRmn0xrjPe50w5eV541SFCDXIK25l7RLAI8pmNQKr9Xu43xfnaYRbESVc3A45w2GB5gwMA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B64 142 KB
44 KB 93ms
87ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Oct 2022 14:10:07 GMT

GET
H3 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 8B64 32 KB
13 KB 44ms
44ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:07:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8B64 0
0 77ms
77ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSUl7v-E-Y-X7DKHnxgPu6qWAD4q-2rlrjbrs3bkJ_9i-wJELEAEg-pzIMGCRhKCFjBigAYGW6P4DyAEGqAMByAMCqgTUAU_Qp50zx13Eziva2DdGn6pZkjuCOGX4TZkpQypu_FBPC8A9l2yDjfKc0MAKvxaGzInM3POSrvziqfp5bBO_dkLbV43tvfoWx5lziQuJ0bVcyjITFgolwjIWmwzBx8SDQRQuwi5vwkjPKlgRYRHcFu4Q-Ufq_wJe-K6H15fAGS-HZkkok-4Cfszs89ckpiJ5VEpZTJ7KvwcoJcLmUwQQLP4nx2BtzOvS_k80wmreYhGD5ma7jWOIidxcSrl8h5fREPXNsKR9_6-z9snPPHW6KPW9jnKzwASumvvaiQGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AH5-mXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBDb0wvSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUCNAVAYAXAbIXHAoaCAASFHB1Yi00MDYyODY2OTkyMTY3NDIxGAA&sigh=b_eWMjX47mU&uach_m=[UACH]&template_id=493

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Oct 2022 14:10:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E4C 143 B
166 B 31ms
30ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=919231802&pi=t.aa~a.4218446496~i.37~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280%2C641x280&nras=4&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uJff7OllZ2&p=https%3A//faizaneraza.org&dtd=20
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 13:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CDF2 1 KB
749 B 44ms
44ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 23975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 07 Oct 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

6577506610223554973
tpc.googlesyndication.com/simgad/ Frame 8B64
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr8fX2TxDeAhjeAjIIQDue9aoigZ8
https://tpc.googlesyndication.com/simgad/6577506610223554973

23 KB
23 KB

33ms
32ms

Image
image/png

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6577506610223554973

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f7ce70d37f721facab49d8c60c3101a19bfeb04c13248610b7b7e0c4cc1e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:10:39 GMT
x-content-type-options: nosniff
age: 122368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23274
x-xss-protection: 0
last-modified: Thu, 28 Feb 2019 11:48:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Oct 2023 04:10:39 GMT

Redirect headers

date: Thu, 06 Oct 2022 07:32:16 GMT
x-content-type-options: nosniff
server: cafe
age: 23871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6577506610223554973
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 07:32:16 GMT

GET
H2 200 1735693275594153158_16608232863811718906.jpeg
static.doubleclick.net/dynamic/5/202181353/ Frame 8B64 3 KB
4 KB 206ms
47ms Image
image/jpeg 2a00:1450:400d:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/202181353/1735693275594153158_16608232863811718906.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8e226c0eee98736ce4bcdce5e6ec8583307dadbe2f1c148aef9ba0030f48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:17:39 GMT
x-content-type-options: nosniff
age: 107549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3190
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 13:55:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 08:17:39 GMT

GET
DATA 200
OK truncated
/ Frame A132 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8f6c4c83c405885abf9b1ab657258137b3ddbfb0e0d35809dc7550f6ac1fec6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 style.css
s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/styles/ Frame CE8F 4 KB
1 KB 34ms
34ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b55e02e291b3622445c14adfb75aa2663ef888e911c7b6dfe281c01fdf7d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 05:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1050
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 17:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 05:17:56 GMT

GET
H3 200 george-300-v3.jpg
s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/images/ Frame CE8F 52 KB
52 KB 35ms
35ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/images/george-300-v3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9506e823e5d1f8440c46b9f44c8e28ac7cef5baa65eb97e0d5d6ac5c2d2f4bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 04:14:19 GMT
x-content-type-options: nosniff
age: 208548
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53049
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 17:11:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 04:14:19 GMT

GET
H3 200 arrow-right-blue.png
s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/images/ Frame CE8F 15 KB
15 KB 41ms
41ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/images/arrow-right-blue.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

145e87bd5ce70ba5f8a361e5c91881bd7262072989597fd76a179ea54e58fd10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 02:17:33 GMT
x-content-type-options: nosniff
age: 42754
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15592
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 17:11:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Oct 2023 02:17:33 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/scripts/ Frame CE8F 2 KB
684 B 34ms
34ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/scripts/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b9d3f2f115c18e1d27634717cb8bde194657fd2a662afc6ab685d3598976fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 04:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208548
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 655
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 17:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 04:14:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8D80 1 KB
749 B 48ms
47ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 23976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 07 Oct 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8B64 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdbde1b570d5135294bea388c49f1243986952f9df9e88fb7fdda448d4c2a3b8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 search.png
s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/images/ Frame CE8F 514 B
541 B 42ms
42ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/images/search.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8eb253ff9058165db575680b7b02a051c5095ecb74688dad21f87095b9d9792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9353495636672721383/MAR420-money-redHighlight-PL-970X250/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 02:17:34 GMT
x-content-type-options: nosniff
age: 42753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 17:11:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Oct 2023 02:17:34 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame CDF2 35 B
462 B 109ms
32ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDSHL-NAKHbOvVXDVduzjpw&google_cver=1&google_push=AZmPxg8Hz3Z2T08U0szEYjm1Bmk2lmbNxTJxOlv03F0RClCfAtrt_oIJE_FN1v0pP7VLfRrVQsp7pkLzurj0dBGhL8wyFKwHqH8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDF2
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEH9IQxnU4g6WR5rrD-ICrVY&google_cver=1&google_push=AZmPxg9R4W3anyRjiPVB389BWhCq0-XjrYxKi2JPiPLVkcg--kOv9BHOKQHNM4DsZjS2iohztMfkex83lnWUmHQna-HJApDrgNs
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9R4W3anyRjiPVB389BWhCq0-XjrYxKi2JPiPLVkcg--kOv9BHOKQHNM4DsZjS2iohztMfkex83lnWUmHQna-HJApDrgNs&google_hm=Q0FFU0VIOUlReG5VNGc2V1...

170 B
188 B

108ms
45ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9R4W3anyRjiPVB389BWhCq0-XjrYxKi2JPiPLVkcg--kOv9BHOKQHNM4DsZjS2iohztMfkex83lnWUmHQna-HJApDrgNs&google_hm=Q0FFU0VIOUlReG5VNGc2V1I1cnJELUlDclZZ

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 14:10:07 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9R4W3anyRjiPVB389BWhCq0-XjrYxKi2JPiPLVkcg--kOv9BHOKQHNM4DsZjS2iohztMfkex83lnWUmHQna-HJApDrgNs&google_hm=Q0FFU0VIOUlReG5VNGc2V1I1cnJELUlDclZZ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame CDF2 43 B
351 B 89ms
31ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF-WWAkbzZCNeCF9rWsydQQ&google_cver=1&google_push=AZmPxg_8RJVBvrkDH6L6dx2D6H5dkANcQOFmPc3hvzONZyW5H9sfhku6oWg-0fq6KE-eoaKD21ikZjXVlb57nkECfAnPXb4O8SM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=919231802&pi=t.aa~a.4218446496~i.37~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280%2C641x280&nras=4&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uJff7OllZ2&p=https%3A//faizaneraza.org&dtd=20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: n8gndkmhbctevbkehph6lnkujal7vn17

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame CDF2 0
166 B 100ms
23ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKhq5Bw4VDjuUFLpZKuqGOE&google_cver=1&google_push=AZmPxg-rFNj1-qTVsRsvKOMERayWUxTwXF8BgX52eFJo70mobqU8YmXGWfE1pzBsmAfSUGqXD2Vs_rQEfgh3BmirsARFG3qJ-WM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=919231802&pi=t.aa~a.4218446496~i.37~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280%2C641x280&nras=4&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uJff7OllZ2&p=https%3A//faizaneraza.org&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 06 Oct 2022 14:10:08 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDF2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIsdWTFptTEm5Bx9SNPQThI&google_cver=1&google_push=AZmPxg9HHSOh96rZNBIHJz8iC3nnZkdHK0616MlG_aTk4s19deJ8QUYGX8-Xie_w6xU5l5x81pi...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhYNFlCSTQtTS02S0sz&google_push=AZmPxg9HHSOh96rZNBIHJz8iC3nnZkdHK0616MlG_aTk4s19deJ8QUYGX8-Xie_w6xU5l5x81pi4lgY0v-VcE9V34xehkjMSAQM

170 B
188 B

105ms
43ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhYNFlCSTQtTS02S0sz&google_push=AZmPxg9HHSOh96rZNBIHJz8iC3nnZkdHK0616MlG_aTk4s19deJ8QUYGX8-Xie_w6xU5l5x81pi4lgY0v-VcE9V34xehkjMSAQM

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhYNFlCSTQtTS02S0sz&google_push=AZmPxg9HHSOh96rZNBIHJz8iC3nnZkdHK0616MlG_aTk4s19deJ8QUYGX8-Xie_w6xU5l5x81pi4lgY0v-VcE9V34xehkjMSAQM
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDF2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECdvdoWe__vZsqk0ndUPwfQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECdvdoWe__vZsqk0ndUPwfQ&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdvdoWe__vZsqk0ndUPwfQ&google_hm=Yz7hwCGyr3p8MekR9zQc1QAAFAoAAAAB&google_nid=index&google_push=AZmPxg9sM8mBu4HHo6DASr91tKDErk7BhUfM-...

170 B
188 B

104ms
42ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdvdoWe__vZsqk0ndUPwfQ&google_hm=Yz7hwCGyr3p8MekR9zQc1QAAFAoAAAAB&google_nid=index&google_push=AZmPxg9sM8mBu4HHo6DASr91tKDErk7BhUfM-UwtKzzNXoxdaIHy0qjBORbLUzdU7eEioPZ-eC6qD51TKUzqQuZ_ZssqUqM91Qk

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 14:10:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdvdoWe__vZsqk0ndUPwfQ&google_hm=Yz7hwCGyr3p8MekR9zQc1QAAFAoAAAAB&google_nid=index&google_push=AZmPxg9sM8mBu4HHo6DASr91tKDErk7BhUfM-UwtKzzNXoxdaIHy0qjBORbLUzdU7eEioPZ-eC6qD51TKUzqQuZ_ZssqUqM91Qk
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame CDF2 43 B
296 B 188ms
35ms Image
image/gif 2a05:d01c:1d8:8101:41a9:3045:e2a8:b4e8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEK_ETwjhXySh6exSo83zWH8&google_cver=1&google_push=AZmPxg-15ghni5DyhoAV71A0m0Jfxt_6hWtCRLKHqwbN6cilyeUGFdmJVjECyTzGt7LJ0xbhjQF1uzpKyO0D44m1t6QuGSrgDJ8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=919231802&pi=t.aa~a.4218446496~i.37~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280%2C641x280&nras=4&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uJff7OllZ2&p=https%3A//faizaneraza.org&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:41a9:3045:e2a8:b4e8 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CDF2 0
232 B 124ms
38ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXfq4Qcjdg44xJrz_xtmmMXCBzIWBERp3mvaePv3r5lIs5Mu4772qanE2TZu1rBER0D4bl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E4C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 14:10:08 GMT
expires: Thu, 06 Oct 2022 14:10:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 14:10:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4797 0
20 B 79ms
79ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz2CevuE-Y6r3IcTI1fAPltuZ2AMAAAAAOAHgBAI&bg=!UVKlUhbNAAYQgTJdMIE7ACkAdvg8Wn1iOkX2Ho-vL9-h-WzWeD0CnjibS9Z6DwKEozINBGNkpYg7ewIAAAB9UgAAAAJoAQeZA1LHKPMK950N0B4l4IAaMYdCrZ6Zk5MhVyKqNQWj63GJFZSYL_bHPW53SPN-P4uy1Bw4s9bVqiOIj5d9k5BGAI_Z6k4ixItQygD3Lk6-zJBoOriPAn3ItJJ7yLRo56D948DhPmuRyKIHyla0uuLLln4OQG9f2iUWuweOt3eqFMMFqFXMCCTgDjzz01WXLi2puWikqSc53M3e_0_CvP_K4Jte7XZ9ouWSm19o0FLX63lBiMXrJP0eZBzsmp3HrywG4g5Ao4uvKHojf2F07Qvoz7vYofhnpaD199DQqL5pSaqCatowXwv2hjhzz-mmX_bRrB944n-rhF6_LQvp5TqMKioXuRyuq1ionsXampQQyuABY5AaGU0vOitzttBAjATSuThM56EUFHrk2PtSa4TFONWT5QJRmgDNIYN5okOqY9wJG4lkZ50rq0qfYDj94dETCBV2_Y_DQQsFxVgyDn7k5mdb9l25iu3OybqKfW1RYJhJz4wg6m1A_hOwZvMTHKsWGednYwr--ET4InmpX60EBs4s504kr1D_Jo5w6aD_9N3dyNJVTeGtTSMRYc6mPhHH9cSoJF9dUBAErQrQfCuxHrN2mv-x_yQo1e8saFpY5FuP_UDYTaJ99KhSHZB-SjzrIgLgixDW3CpaS37K3x96107mB_yOg8AILRi0_lBgaImgkeo_uJM9mTV-rQNc17MzPWqTgt99JEDEiNIj8cUJb4GxcmRiJsy8oz2mRwgEGNuH4R7qs0FPxXmqKx0hu1ukuDP6n0-favFAqCfd8Avjh1D-8zypEIq2_RnpNwJQhFxAd-VK3hp3N9WQUbaGukxJF4PvIrWAue85VT_J2r2fz3Pcawb_rz20rDUeW9ikoTgmASKbfFh4kH_hQD1WHcUthf7FoC3jkd6hwJ6wjSmOI-6j0d3YwJ_BjCbA3bHN8zX865M2hpjzPS3eGQ4TDpqGq3A2HJgjKFg2AEUr7MlGjEjFkhc0gBxgLvLJ3ZJGfoPWeBw0zIzw6UFiOmpch2f_2ZlwgQgr2pnD3G4_hDWsT7g8r13tvdHisV1Arne9FKwA5oR21hVgEAyG821GZWd6ZeEwKuFhtmO1e8f3oXylLMQnjdw7MHfKJwASu3izwm01WsDf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 8B64 20 KB
20 KB 160ms
67ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 22:22:05 GMT
x-content-type-options: nosniff
age: 143283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:22:05 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 8B64 21 KB
21 KB 141ms
49ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 00:21:21 GMT
x-content-type-options: nosniff
age: 136127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:21:21 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A132 28 KB
28 KB 136ms
45ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 63126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 20:38:02 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8D80 35 B
463 B 92ms
31ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAPLTUXdc73sHswVm8ZWad8&google_cver=1&google_push=AZmPxg-RQh3JBPnjwqwpsloZURQMIK49ZEKFpk45Sz6roUZpBv7VjrjEvTKeaRVxmwp-PBtySslBbY0d_4i4rOu83ywPC6JJ_IE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 8D80 43 B
356 B 93ms
31ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELeyvA0b0Vn_L1ZFfhRG7N4&google_push=AZmPxg9wcn9Tx0G3rzvGvawMZwkAJ5c-NcNywA7fsWfotWjbG7NVYxvezk-RbbucOR4IuMhsP48C5h_uTX8gm6DxqY3nkkMJTQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 8D80 43 B
134 B 74ms
32ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEK7EmOEMMHVsE-Wskslh_T4&google_cver=1&google_push=AZmPxg-yn0c-cUzk7QPqU25DRGhVuuZX8D6YF9EVn_3CJsc8uhy5azGIiTcvKCFbpQVt4ZL9G1ywufOCrot3P0bfrydHnR_Hjp4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:07 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: evs0svuf7622seqchks2t6el6giprf5q

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8D80 0
41 B 84ms
24ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENWz-aqD9-VgILWhNbaZWCQ&google_cver=1&google_push=AZmPxg9a3XBXNejgZWsrW9ZQJOlFYt50Ep4ALkOmK5TDyEIufL_NcD7xTTp3W4MC6U3IBIkvrOJ7DSizAPNSjyppYBB04RQK4CU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 06 Oct 2022 14:10:08 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8D80
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGb_ZIaU_WRKC0sNKtFJqrQ&google_cver=1&google_push=AZmPxg-lCreBbEPvBU6zazc4fMb8IkoHBJ3yZDrsI4LI3rjsAr5KgKU-mNKlNveSt8RvCxX3d3O...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhYNFlCSTQtRC04TjY1&google_push=AZmPxg-lCreBbEPvBU6zazc4fMb8IkoHBJ3yZDrsI4LI3rjsAr5KgKU-mNKlNveSt8RvCxX3d3O2xQgKNqln2coZyg_kiTTEGhg

170 B
188 B

108ms
46ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhYNFlCSTQtRC04TjY1&google_push=AZmPxg-lCreBbEPvBU6zazc4fMb8IkoHBJ3yZDrsI4LI3rjsAr5KgKU-mNKlNveSt8RvCxX3d3O2xQgKNqln2coZyg_kiTTEGhg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhYNFlCSTQtRC04TjY1&google_push=AZmPxg-lCreBbEPvBU6zazc4fMb8IkoHBJ3yZDrsI4LI3rjsAr5KgKU-mNKlNveSt8RvCxX3d3O2xQgKNqln2coZyg_kiTTEGhg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8D80
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAolX9jS0kbq5OBKLiKsZDE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAolX9jS0kbq5OBKLiKsZDE&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAolX9jS0kbq5OBKLiKsZDE&google_hm=Yz7hwCGyr3p8MekR9zQc1QAAFAoAAAAB&google_nid=index&google_push=AZmPxg842hNHCr8Y77rzwEvOisc-xbyZ2K4uK...

170 B
188 B

104ms
42ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAolX9jS0kbq5OBKLiKsZDE&google_hm=Yz7hwCGyr3p8MekR9zQc1QAAFAoAAAAB&google_nid=index&google_push=AZmPxg842hNHCr8Y77rzwEvOisc-xbyZ2K4uKX2N--IroE83kaOLfRUa01fVKPdHW4MhALQQoDG_pnIQFXdaOlRk2BYtC2kFie8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 14:10:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAolX9jS0kbq5OBKLiKsZDE&google_hm=Yz7hwCGyr3p8MekR9zQc1QAAFAoAAAAB&google_nid=index&google_push=AZmPxg842hNHCr8Y77rzwEvOisc-xbyZ2K4uKX2N--IroE83kaOLfRUa01fVKPdHW4MhALQQoDG_pnIQFXdaOlRk2BYtC2kFie8
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 8D80 43 B
295 B 172ms
36ms Image
image/gif 2a05:d01c:1d8:8101:41a9:3045:e2a8:b4e8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEED2K8SjDIW9OYx3ncMqUug&google_cver=1&google_push=AZmPxg8nNZwgACJc_61BrjhTbdD2X-Xp5uw2yVYy_ajwzclzu6tDIlwWrLrLYSzH7WhRbjeXsUC2A_zq6jfW7anbKx5UYCejNCQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:41a9:3045:e2a8:b4e8 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Oct 2022 14:10:08 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8D80 0
40 B 109ms
40ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFdevGnHED42q_8VaKZW-XxP_AqDXfd6W0J3layA1M9Uy-cMWcLRuOufDE_Hkyi9wIK7Dd

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&adk=2776366727&adf=2109381370&pi=t.aa~a.4218446496~i.11~rp.4&w=641&fwrn=4&fwrnh=100&lmt=1665065407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2393093044&psa=0&ad_type=text_image&format=641x280&url=https%3A%2F%2Ffaizaneraza.org%2F&fwr=0&pra=3&rh=161&rw=641&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665065407155&bpp=1&bdt=1426&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc30a2e099e0a33c-22d267453ace00b2%3AT%3D1665065406%3ART%3D1665065406%3AS%3DALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg&prev_fmts=0x0%2C895x280&nras=3&correlator=7647895633&frm=20&pv=1&ga_vid=1760982745.1665065406&ga_sid=1665065406&ga_hid=147549149&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=368&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C31061690%2C31068920&oid=2&pvsid=1168967488133951&tmod=622947511&uas=0&nvt=1&ref=https%3A%2F%2Ffaizaneraza.org.admin-eu2.cas.ms%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0afhtuOTw&p=https%3A//faizaneraza.org&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 164ms
76ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4e32890c01a56ed4b2909ff3b812aa66934bbc03cb7461f139e23e9c92aaad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11127
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 133ms
133ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://faizaneraza.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Oct 2022 14:10:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CC8 13 KB
5 KB 34ms
31ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faizaneraza.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 14:01:04 GMT
expires: Fri, 06 Oct 2023 14:01:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2144 783 B
536 B 72ms
69ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2bc471601fe9530da4a827f7f65ead764c3dcc76a0c5c22879e5d69270cec05b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JRjKYvU2NMPjL8N-8JAVdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://faizaneraza.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-JRjKYvU2NMPjL8N-8JAVdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 14:10:08 GMT
expires: Thu, 06 Oct 2022 14:10:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CC8 36 KB
16 KB 45ms
44ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 19:20:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2144 0
0 77ms
76ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=1168967488133951&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F76 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSLOpThfiUkBZhpMJczqwaQhJQG51-UAFR8UMP49_6ye7cbsU3uAHZMqpcYKsAdvU47P7kIlDfPXYXbzaBtQcMG4SwxXdY9oIq8KEAgo4Hi4dXEftkprjgNAaZXELVm6rxgVlmgMQVeNF7nT6lMWuA87RqQCwIhglNYMgzCE6VYAOgn5t5at-CX-F92fpsbg&sai=AMfl-YTI8LyaXVawJGs28giczYSU9kHt60KCkJF63rms9bm7mjZtxSnyGcNcrB4kO1ghiycWuiz_5gagtI18Hwk&sig=Cg0ArKJSzJrPtiVQ1cJMEAE&id=lidar2&mcvt=1008&p=1,1,231.6875,896&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2720723718&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665065407465&rpt=605&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 14:10:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3CC8 0
11 B 31ms
31ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jtTGVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 14:10:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 5354 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIXhFVV8WiZpsiqtwyQCQy6ysS3pNESChrdYqmyZSOqEqBF0kEiSJxoG6KwNerkHASZuczql1FfRHq45wMFIy0awyf77GJ-Nugyv_ITcWFxOfzGSIe1cdd_Nr0OGSJBcoxfNJvFw&sai=AMfl-YRj9YHsFFS15oPm0MWPiqcOCKFq7iLT6qU3f2Ka-jFmrOF23u8NrNco5uffD_R9i0ZS9euObft41cjbCiQ&sig=Cg0ArKJSzDLb61LEd5bsEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=633,734,1000,1400,1767&tos=633,101,266,400,367&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665065407280&rpt=386&met=mue&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221003&jk=1168967488133951&bg=!GRqlGl7NAAYQgTJdMIE7ACkAdvg8WjjHeAjQE8ad8JNXAWPkrlFjmFV0siGrGOrxUasHWg885I0_-QIAAABcUgAAAAJoAQcKADcyRju1zFMTBKEFTwd1Qoe_5rMeZfFyAiSLRbelM-JbOOT38E_xjgzqTijSUaqX-ipBwLVqJ9IumQK8zT0CZ6GA_7NEsHb8ys_ecfO6q_dHA4mT4TjzOh5uGCSQEdoFwg9PiHNWgZsCabeMQN3JH36yE8F_i9wPvhqeZSr3qJhzIDz-xufyG7-cYkFknS8y7vWOWsBj_Im0sYTUr_Bo2YsE3PyeVdHTZIJdUwUubYB3LEqOFOoi78X7rM2zFHnIfVa1dqeUeDVH5V72FkHrVBO2v0VkO5eXv_ZDG5hwzmKygGpMWBbD16tYVQgRYdHHQH1GMeXb1lMiCtIliTjDb7BakV8i39AreNepTrir5F_11jPhzXZLydxnwUvDwtESGhTRPWL8ObRg0d5hST2gUOgQWDitExy6TNeURxQQqpvBFCYsGabvKWWDAqhdJqYaOwmhgRFXAiugsfVHm3HWIk-sqviRSMhkW9zZQ-nxkNDrLM2JHMBbJy6K__93sdv7_dw-S9FLV22Ey4rWgX3SuMBfjZEAbSEm4mKyHp6BDLfhh-Ew54WBcdsJwJCjPrfXoxo6QIuhgUjAmkJsI6kZzGOLraxCWQ7IfHB5KKcQDMWhKhwHyTG7s4TmC4QLY6xMi07nmHUCr5mQPwzd162mmgkELnWT9aQ5C0BtXiUCVIa0IBRmQ_ZIYGpNHcTIwPkKrVyUMFBTG5VkznngDtUBGm5U0RepGtBEs_wiCMuribbtK0QNz7E5UUvD6fKVDUEKYRAJUEonX4rlhpQBwaZMP9NRLcbcPYr2A1hejw2xUP7TLFKWcuhNM5tQ1XxPh7oLZIEUvD2dSTDg46XhZ2_QxTnbdA4Uao3r5ds21f0uy87daRHUlyUqQOufHvv8QiWlLFfpoE_OY3G174H2wA8PzF6jQ5yAPiDjbtd5jg31p1hGXF70D41vkALO0rEQkmjLKAFO1-my8xNTXqz50m-31NKAosvjaHsFEfE23kp6OGeiBUxHgvLCyg

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
faizaneraza.org/	1970-01-20 06:31:07	Name: _pk_ses.809.d59d Value: %2A
faizaneraza.org/	1970-01-20 06:31:07	Name: _pk_cvar.809.d59d Value: false
faizaneraza.org/	1970-01-20 15:57:00	Name: _pk_id.809.d59d Value: 5a26469fc8d95b8f.1665065405.2.1665065405..
.faizaneraza.org/	1970-01-20 15:52:41	Name: __gads Value: ID=bc30a2e099e0a33c-22d267453ace00b2:T=1665065406:RT=1665065406:S=ALNI_MYCu-B_-fbMCCdeQJnCDuPJTfqVhg
.doubleclick.net/	1970-01-20 15:52:41	Name: IDE Value: AHWqTUkygX9aeAvAFhEjFtNw7gxThNbcay67QMU87Jei8YC0ALO3dL44pVreaI173nE
.quantserve.com/	1970-01-20 08:40:41	Name: d Value: EB0BCQGiJ4EA
.quantserve.com/	1970-01-20 16:01:19	Name: mc Value: 633ee1c0-23411-9f803-b9059
.casalemedia.com/	1970-01-20 15:16:41	Name: CMID Value: Yz7hwCGyr3p8MekR9zQc1QAA
.casalemedia.com/	1970-01-20 08:40:41	Name: CMPS Value: 5130
.casalemedia.com/	1970-01-20 08:40:41	Name: CMPRO Value: 5130
.agkn.com/	1970-01-20 15:16:41	Name: ab Value: 0001%3A9afvYViivImYh12SjiIzGdTIh6kIW6K2
.agkn.com/	1970-01-20 15:16:41	Name: u Value: C\|0CEAq0Z5AKtGeQAAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 08:40:41	Name: CMTS Value: 3275
.innovid.com/	1970-01-20 08:40:41	Name: uuid Value: 85f8136d-a353-4b97-9ee2-c88f474bb0e2-20221006 10:10:08
.doubleclick.net/	1970-01-20 06:31:09	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
faizaneraza.org
faizaneraza.org.admin-eu2.cas.ms
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i0.wp.com
image6.pubmatic.com
mcasproxy.azureedge.net
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
142.250.180.226
142.250.186.34
142.251.39.66
185.80.39.216
192.0.77.2
198.47.127.19
2606:4700:3033::ac43:8766
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2006
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:400d:804::2002
2a00:1450:400d:806::200a
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2006
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::2003
2a02:26f0:dc::6853:521
2a05:d01c:1d8:8101:41a9:3045:e2a8:b4e8
3.123.239.111
34.98.67.61
35.227.252.103
51.105.164.234
69.173.144.138
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
145e87bd5ce70ba5f8a361e5c91881bd7262072989597fd76a179ea54e58fd10
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1de33fafa47a9ed9f2c59b42da324f4135a43a142ad10bdd365c8279ab968de6
2bc471601fe9530da4a827f7f65ead764c3dcc76a0c5c22879e5d69270cec05b
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3ca7cb4f54a958b871039c156f886ebcb3741bde94f2fa27f6fd5e1f948a857f
40b55e02e291b3622445c14adfb75aa2663ef888e911c7b6dfe281c01fdf7d09
42abe6da0756a3ba6ed8623fde5c9c76937854b92b60f783845a7d2ed5576458
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5baa894130c3e62b8ef0723ae7f07cf2639007dc4da45f9ff6f9cf2d2f057a2b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60b3ae3fc0a37fbb918968021530802d70c16b727bc751b082d47df8076d582a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
66c157d018230f5badcd3c6f03c50c23dc89118cf48a9d90ecc1918b270dca31
68839f7ff6729a90f2e1b9df9468a7bfdedfe247002ff39d56ff94bc829e7a70
6a8613b42ad39c6c1243da3d6543a79d64e752d8e43f827c5d0b0bbf28030554
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612
77b9d3f2f115c18e1d27634717cb8bde194657fd2a662afc6ab685d3598976fd
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d9e58a8e1630f73fc35c20a168563851d16dfa5f049609bc5fdf2e15c8285bb
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9506e823e5d1f8440c46b9f44c8e28ac7cef5baa65eb97e0d5d6ac5c2d2f4bce
955660d126962cf788b820911f748b2c61e11e41e84929ba9436530ef1c93ee9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bc5f05f85b05dc885b739d31b2cbcfa5c6c5c53dd5f38b9304b66a0a35541b5
9cca407f53a9ea602a827d643c4c8ba736067eac6ff618188b484af3afccb79a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e32890c01a56ed4b2909ff3b812aa66934bbc03cb7461f139e23e9c92aaad7
a534e1fb1079f6cbebd125f0e829e75242b1a0999de65cdf495e75b505b728bc
a9eb92be02950a8826f058cb7223b7859bd93d0257d4643530a0b9468dfef3eb
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ae045b5771090b347d5b7d73e488c7656d66558d9ef32ca30cf1086b33266dde
b8f6c4c83c405885abf9b1ab657258137b3ddbfb0e0d35809dc7550f6ac1fec6
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
bdbde1b570d5135294bea388c49f1243986952f9df9e88fb7fdda448d4c2a3b8
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3f7ce70d37f721facab49d8c60c3101a19bfeb04c13248610b7b7e0c4cc1e36
c4b31737c5fe64db34abea57a13239f3439ba864b7b3831b4872b58e0c6d5fd3
c8eb253ff9058165db575680b7b02a051c5095ecb74688dad21f87095b9d9792
d8e226c0eee98736ce4bcdce5e6ec8583307dadbe2f1c148aef9ba0030f48d46
db40dd928650b5a16622dba44c2727f2640b1b2e8aaa28330a436a8538963359
db612389a693c6bc31d15d905b7d29e32018813eb7b0870066adf817222a86c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f9785a3ee9c931069e72461f12d1a80053bd2115d9c229bd1c8e5c9948fc95f3
fadd1dc4bdde1a7e422143e07a945397fe9f68435029bbd39bad050164598360
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

faizaneraza.org Open in urlscan Pro 2606:4700:3033::ac43:8766 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

93 %HTTPS

59 %IPv6

21 Domains

27 Subdomains

25 IPs

7 Countries

1271 kBTransfer

3262 kBSize

15 Cookies

2 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

faizaneraza.org Open in urlscan Pro
2606:4700:3033::ac43:8766 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

93 %
HTTPS

59 %
IPv6

21
Domains

27
Subdomains

25
IPs

7
Countries

1271 kB
Transfer

3262 kB
Size

15
Cookies

116 HTTP transactions
5 data transactions