moneysenator.com Open in urlscan Pro
2606:4700:3036::6815:eef Public Scan

Go To Rescan
Add Verdict Report

URL:
https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featu...
Submission: On August 16 via api (August 16th 2022, 1:09:35 am UTC) from US — Scanned from DE

Summary HTTP 192 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 31 domains to perform 192 HTTP transactions. The main IP is 2606:4700:3036::6815:eef, located in United States and belongs to CLOUDFLARENET, US. The main domain is moneysenator.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 12th 2022. Valid for: a year.

This is the only time moneysenator.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	2606:4700:303... 2606:4700:3036::6815:eef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6812:189c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:310... 2606:4700:3108::ac42:2b7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.209 151.101.2.209	54113 (FASTLY) (FASTLY)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
4 4	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
13	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 1	52.214.225.206 52.214.225.206	16509 (AMAZON-02) (AMAZON-02)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	52.57.93.199 52.57.93.199	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21	16509 (AMAZON-02) (AMAZON-02)
36	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
192	36

37 2606:4700:3036::6815:eef (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

moneysenator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:189c (United States)

ASN13335 (CLOUDFLARENET, US)

static.news.bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b7a (United States)

ASN13335 (CLOUDFLARENET, US)

webassets.inman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.209 (United States)

ASN54113 (FASTLY, US)

www.ft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.215.191 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.225.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.93.199 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-93-199.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	criteo.net static.criteo.net — Cisco Umbrella Rank: 627 pix.eu.criteo.net — Cisco Umbrella Rank: 7159 csm.eu.criteo.net — Cisco Umbrella Rank: 7456	761 KB
37	moneysenator.com 1 redirects moneysenator.com	370 KB
23	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	60 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	304 KB
12	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11084 ads.eu.criteo.com — Cisco Umbrella Rank: 7034 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13161 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9488	212 KB
8	bitcoin.com static.news.bitcoin.com — Cisco Umbrella Rank: 224465	897 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	1 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	20 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1751	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	173 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453	3 KB
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 1083	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8117	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2742	20 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 326	916 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 636	207 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1516	414 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 925	417 B
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 267 fonts.googleapis.com — Cisco Umbrella Rank: 67	7 KB
2	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1480	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	88 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	103 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1388	296 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 611	98 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 568	761 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2926	375 B
1	gstatic.com fonts.gstatic.com	46 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	649 B
1	ft.com www.ft.com — Cisco Umbrella Rank: 19262	20 KB
1	inman.com webassets.inman.com — Cisco Umbrella Rank: 248606	148 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
192	31

	Domain	Requested by
37	moneysenator.com	1 redirects moneysenator.com
36	static.criteo.net	ads.eu.criteo.com
13	cm.g.doubleclick.net	googleads.g.doubleclick.net
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	moneysenator.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com moneysenator.com googleads.g.doubleclick.net
8	static.news.bitcoin.com	moneysenator.com
6	csm.eu.criteo.net	ads.eu.criteo.com
6	pix.eu.criteo.net	ads.eu.criteo.com
4	cdnjs.cloudflare.com	ads.eu.criteo.com
4	cat.nl.eu.criteo.com	ads.eu.criteo.com
4	e.dlx.addthis.com	4 redirects
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	ads.eu.criteo.com	googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	rtb.nl.eu.criteo.com	moneysenator.com googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	odr.mookie1.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	secure.gravatar.com	moneysenator.com
2	connect.facebook.net	moneysenator.com connect.facebook.net
2	www.googletagmanager.com	moneysenator.com www.googletagmanager.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	moneysenator.com
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.ft.com	moneysenator.com
1	webassets.inman.com	moneysenator.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
192	41

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
reddit.com
api.whatsapp.com
markets.bitcoin.com
bitcoin.com
telegram.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-25` - `2022-08-23`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.ft.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-04-04` - `2023-05-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-02` - `2022-11-01`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-03` - `2022-11-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-07-22` - `2022-10-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
Frame ID: 7781B10CF5A3B3782AA20B65B2314843
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/zrt_lookup.html
Frame ID: D59E2D6EE26A1C6A458C6D192D2745AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&adk=2969136045&adf=3689892565&lmt=1660612169&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612169808&bpp=3&bdt=882&idt=153&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3013595093264&frm=20&pv=2&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=168
Frame ID: E6B5B207FF3D3E6C150C91EF3272FE4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=474027355&pi=t.aa~a.2814377534~i.11~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=3&bdt=1276&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0&nras=2&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=m88ASLgtYF&p=https%3A//moneysenator.com&dtd=21
Frame ID: 67521F43815E66B9D49E3926EB3CFC88
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71
Frame ID: 3B438A45B9BB22527AAA52E7F08A696B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3921585650&adf=469824251&pi=t.aa~a.4076845965~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1660612170&rafmt=1&to=qs&pwprc=4132823972&psa=0&format=1170x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=1&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280%2C780x280&nras=4&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=io4xnlwDkA&p=https%3A//moneysenator.com&dtd=75
Frame ID: E00AA541B867619BA99AD35AC85B744B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1
Frame ID: 48C9F1AB0E700F014F5CF047E07CDAA8
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgAAebMIEeuzAAMg9hLIrcdHAdQecOh1pg&u=%7CMVDe7Za51SxM55pAaVFTQKBb4e%2FHTVqPBASTZgI9FRo%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6iSToWSbpKg-OqeEGfpuou6alag7PxIYTZam8qsQ7kN-W_8WqoywnKlLRm4ixmMx8ZgdwCrGllqHPf_VWZl0Tvv4mUbH-2Khsqnjnb95f1qtegMPNQepkgKbES9ttFA6Wtb8y9anH546lNZPFm5pmDFhdlrX_JEobKsx74UYILWRMVAm4VFc2rWE9RsnIvlz1d_nbuPFLt7YpwCV6WANcBKlXq7R5dkN-pl3hgCk5SD9SqSTqekOzf_VjkZn5xIW7fy8yPWG6hnrzPF38YwUqzzJSNPoK-GFq-H9EfY-pds7Gf1Q1mDTcKWVDtDMnvvwWPen3FgEHW-wtP7flSwQ4kEYguPU6Sn9v7eRnHDveBlmTDAtZ_PKB7tmVgQ0_FnIa&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqH6uSu76YrPzAbPXx_AP9sGMqAnJntKxXKX8k_dwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEzNTQzOTE5NDg3NzQ1NjWgAdW20uoDyAEJqQLhIQpd0hqxPqgDAaoE5QJP0KFtzuO01RfQM3KVGcCAk8njK4-BWjZlcJDnXv5QpXeQlCrFfDKvvROAbBAXlg4CNiS9wfqm59wnmOVD71lP2ESQWh1LpNr8szP3f3hWNL_DcHkW8lo4UYFQzn2UFIIYkT4GxGih35BPzS2Mxuo8DLe4We4SExQKcwgos8ANBFh68ItXxef9e2O00g1eA5Kixpe-Kzjbug78PM08y0U2okQ99Mglxuann4TxM4HAeq94y8mS0REOrDTGwq6asFe92UGQtk0YTqd7ylKmsP-LD8_k07eAMZQMqd7_ujjprjr28Y5ecAMfNgKVNvjANuWXEbUW0FGC-iDXPNBXO_mQW6X1r25Fml6sjV2z0WA1-qiR5mfGQhu_xRBtvuroEf1wrfM3yfvUY6T56xlTJh6bUYVO6NdaS0BdKp66BglEGTnO74OTg4DsQYoa2nQNPq1by0TYB3wd-XDDWLVaqquyVjApjleABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3X1HPW6TKpGjpTPT_cJfViARSKsw%26client%3Dca-pub-1354391948774565%26adurl%3D
Frame ID: FAAF1EB1C5F28C89FFFDAA8BE436BD6D
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgADxrwK3rkZAAa5uYSThPmFs0UxGfINbA&u=%7CMVDe7Za51Sxpjf8oFLlxfFYMDJPiXfcnkZqL%2FhKnhdE%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdsnvy2VVlZR3iEPXmgXVL7q1cq6T5al4dTKgDAjLV5DcT_go0gPrpmX2J8kmQvTuBObcDyOzfxGAqnTgp6YSfVip2rYp0zRei2J4NrrtgTP7vUOKRqRNoC7pBpA0dFtKcgzOuWalv6ZxnyYR0Pc5Migo3LXFNTxcjddv6rQcgm9VhCQkf_fEb6wDMx7Djq8CC2vpRxiYlEEbhgzgz1RiiCtdm_YAszlA7Jnjih8c5VBXmqFB4nhDSLd6UYiiNyRDJTnIgoewC9iAAwVRP8HyrzKnAKeOGWdAmne4EtlPnLFANqlpYLqxBtAFGPeyADW8QxIBE6QBYqAPdk2_CDLsswtSWi9dwFAZXqLAeIfxn8kl1PXpZ0z1mZIhnxwHXbejRxuzhM2Sq7m_&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxFpOSu76YryND5ny-ga585pQyZ7SsVy98ZT3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0xMzU0MzkxOTQ4Nzc0NTY1oAHVttLqA8gBCakC4SEKXdIasT6oAwGqBOoCT9BrnlBiSpK4paMSZ4Dem5g6ineOf04DQ504drJD86UAwE3X_obRofYmsZejaEq87S9S_EOoMkScUF0lLuxHuPTzVI92Cp1mNDwInKosBOfuii_llneVHpd4PjGwtIgwCTJV-3GBeHqCemxOwE6epRHYgDXjIazSKNsURcM-BNraN17pvDRCdkU2lz6hgUIIIg9H80ivqvYEIyNHO9GzvQMcNTWRwFvA0PF7Yric2iGb7FqM6q3vQuLiT32BfKMzdruK_500CXTVqjJe8AvhodK4hX1d7ORtf3yfPuqWM94AjmA0FJrWGm7GiYIiTimXpDm6wz1cnE0iw2XeVSksXzxZ8UqIfo7voh08BDP5CychmuWcKG6Oc0sp-liie1IZOYWx1gdQhs3mQZyKMu-CpOj6uE39YZHJvmGP0RMZxGX42mIAeUeTHQ-a0ugIhSg0Pbndbqi2N5nXUdgVqEQz9xvnNRsyOrB4bMWABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Fd_rJWrp-t0DAQ-pzUUoeeLsSuA%26client%3Dca-pub-1354391948774565%26adurl%3D
Frame ID: 2BB959C2E5E3E1A13AA9332BE4AB922B
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8E0B3645A52EFEEE86073049E7014D4
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgAEpgkK4HHIAADJfsuJBlAuhSnQ8IC56Q&u=%7CMVDe7Za51SzfOVSjmFQ1oaojeLxaLcq3heQHpASnMiU%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdjzZ9t_AoCXF_0blrznO54JYrcQ6Sa540OSLSwSewrVX3mrh-umfWb1mkSaMeF4vLQzGbwG7JhIhZWfD4Y-Jv2NTCFdtGijBPb-7QSlufg66RDzzhhvNjl5KQrsuvKpEBpaYgExaFvWebHxev21g2dAC_sODXNxC4CE0jI2sF0srNTuBfHyeBjbDfuh09ps2IVObcrb3pj3w8uvYeR125W8J39XrhXkHp-OW5-Tr4PTbHqBF2JyoGETSAbkfdk2lbdD9m_gE7V2Vx9pcWcRCGU8rl28aDlsCnQKAs1sgJ_gCWAb7hm75fLr6armtHkdFoP-DMXGvmz9SYWJ5Es3CTr3118J7-_1W38YhuYLQ3amGXFQWgFKZZ-BQo9GrCKl8gkRaMcUmPolO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqw2ZSu76YonMEsjjgQf-koOIC8me0rFczeGS93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMTM1NDM5MTk0ODc3NDU2NaAB1bbS6gPIAQmpAuEhCl3SGrE-qAMByAMCqgTrAk_QOIUJpjGYZ-POhoAzvbfkaS1FgX57y87DViByJm2EQMCyQHZ4OU0N9xBKhCCmVHpQcMhnlbbt4aVMy33IkM9Ob9GhAmNFaUDEL51rVd14b_8q3Peu5zYeq35T2VBXd0TWUkvLpoGq7YsqKhy64Vts32oqXw-dsbNjJ6bGAoiX0P-GA7IeybATp4uDkk2uImrNv5mNbyibNgxP10MhsBzyrHzQjNE1eSdMIWAiF5mV_lUhUArQX4CtNTlzpksc-cG_867Erd2ZTPyjkQq-oxNLBMkvz19eFg5dRru0OQG4PNwGSZl-pke4azpmPNi0ZAfxUKMePLE4P21dYPYF0Xs-ZPOUqAIjfFNiThtkoX7C3ZJW_zF6NgkfkhvRv3sDN6BZ8BzOeEdUB9HXICbv_1jqyRA239QjFfICII7SQts6RsIp5a0d3EYcQqKkrAo6jWFYAfxE9QBJfOwARNR1YkV0p30DnVtBDHCP3YAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31-B1GdUi9aV-kjS4Tg7t1FL2MyA%26client%3Dca-pub-1354391948774565%26adurl%3D
Frame ID: 959E95BFC12478F02466A005EA10AEFD
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 390C053009C802503A83A43E84D4E341
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgAEkk8K4FpHAAD8bQLnKhHZX8drH0vSAg&u=%7CMVDe7Za51SzIC3uIpTjrucS0KHRGFkSNbO9ITGO%2FE1g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdsnvy2VVlZR3iEPXmgXVL7r4Ty70jWAdFwMTa4liXugodTTrcwZgYnzBq0mD65uW7B9A0ixnrMinGdh1QoSNN6Jh-ol8z6xn4jtW0h4_SitBb8HrwfXgMVQ8q9RRqVHSOjyz64XYDs6B2a2v0Adpq6Hwqwi1CVfqsdR6wd61624hLb6rOIMPKrZNTfoU2cT2UkMyjzXBvHi00efv6WAL2aa0UAGm7X9qSdx2PmA_WBKJKp6lCzNY3eHVR7AyKeTvTmxyqTBxEbYLhsv3ErLdSTbNOrPpbdkOM-k8caNvXCIujEYRecYeBSv_ABAlijuD2AfVIYBCH1K8qe5pPaJSkk5Mh242OTQpHb7thllo41BXasXZbr03HbWRPpsrbr8YRTcTy4A_B_ho&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt2q1Su76Ys-kEse0gQft-IPAD8me0rFctZjj1pMBwI23ARABIABglcKmgrAHggEXY2EtcHViLTEzNTQzOTE5NDg3NzQ1NjWgAdW20uoDyAEJqQLhIQpd0hqxPqgDAcgDAqoE6gJP0KeDOHRfydCjs2kgr8on4uhiv_2Uz4vKxd5wsUdJYzaUDP1amVdWUKSNasJ8j-Y1bLmX2kf-jEJ1txMVtCwdHMh9pz4VDzrWeIs9mkdxTv8rvX1kyWfEmXY1Z2LYX-zZD_HdEko6Ow-GjBnNW23ogsEPz0mabsuaCuXMTOgQDqXb3XbmHTzQUJHg98PMe-c8qbdf9CoFGMCw6vG3k1sa2wRC0p_t9qKzzLYliV9ryOYMbnh_241i9wxFju8cuUOqkUzMAAZemGNluEDq67Td_i8zDzHFnsdfrPbF5UHT5K8Irz7yh7gVg5_60pWBovwVMuMC6xBkTkR-FqrfOWyQNB4aCgijAX2fg8--7eLhbTFs2WPK2dFqKUWy1pjrPRUPE_vrGRjjsOgTei9GY7JNmWjnsIBTn6hrkrrhPGG-_DXAyU07eYVhAhl2-EaiEZvTmcX4L1FtttFd3zyPVU6u2wRttbgruwcm8IAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0quDWcluOCjIzGvhCX4G0ua-vgCg%26client%3Dca-pub-1354391948774565%26adurl%3D
Frame ID: 5D8CA953B2D5F61EA7A70D285A834BE9
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 71FBD4FDA64B0619AAC81D682B6C4F91
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9BB30802DC7F98A4D440BA9A62854BE8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5AAB3A20C2EF5901833591425D40757D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pakistani Politician Imran Khan's Instagram Account Used to Promote Crypto Giveaway Rip-off – Featured Bitcoin Information - MoneySenator

Page URL History Show full URLs

https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-gi... HTTP 301
https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-gi... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

192
Requests

94 %
HTTPS

63 %
IPv6

31
Domains

41
Subdomains

36
IPs

6
Countries

3268 kB
Transfer

5922 kB
Size

24
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Pakistani%20Politician%20Imran%20Khan%E2%80%99s%20Instagram%20Account%20Used%20to%20Promote%20Crypto%20Giveaway%20Rip-off%20%E2%80%93%20Featured%20Bitcoin%20Information&url=https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/&title=Pakistani%20Politician%20Imran%20Khan%E2%80%99s%20Instagram%20Account%20Used%20to%20Promote%20Crypto%20Giveaway%20Rip-off%20%E2%80%93%20Featured%20Bitcoin%20Information
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/&title=Pakistani%20Politician%20Imran%20Khan%E2%80%99s%20Instagram%20Account%20Used%20to%20Promote%20Crypto%20Giveaway%20Rip-off%20%E2%80%93%20Featured%20Bitcoin%20Information
Title: Reddit

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Pakistani%20Politician%20Imran%20Khan%E2%80%99s%20Instagram%20Account%20Used%20to%20Promote%20Crypto%20Giveaway%20Rip-off%20%E2%80%93%20Featured%20Bitcoin%20Information%20https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://markets.bitcoin.com/crypto/BTC
Title: BTC

Search URL Search Domain Scan URL

URL: https://markets.bitcoin.com/crypto/ETH
Title: ETH

Search URL Search Domain Scan URL

URL: https://markets.bitcoin.com/crypto/LTC
Title: LTC

Search URL Search Domain Scan URL

URL: https://bitcoin.com/
Title: Bitcoin.com

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/&text=Pakistani%20Politician%20Imran%20Khan%E2%80%99s%20Instagram%20Account%20Used%20to%20Promote%20Crypto%20Giveaway%20Rip-off%20%E2%80%93%20Featured%20Bitcoin%20Information
Title: Telegram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information HTTP 301
https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CMgiX1SyS8crmAbww1pNPTr8QrZ_svXcOc2GI1bd68a2L0upf7kk6FBbz6hFKFK9cGGlS0GPMRWsMrnLc9iJEIfeASStfY&google_gid=CAESEKj4Cs5QYP4ZG2R25G1qFrw&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CMgiX1SyS8crmAbww1pNPTr8QrZ_svXcOc2GI1bd68a2L0upf7kk6FBbz6hFKFK9cGGlS0GPMRWsMrnLc9iJEIfeASStfY&google_gid=CAESEKj4Cs5QYP4ZG2R25G1qFrw&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTYwMTA5MzAwMDAxNTA4Njg5MTE4MA%3D%3D&google_push=AehlK4CMgiX1SyS8crmAbww1pNPTr8QrZ_svXcOc2GI1bd68a2L0upf7kk6FBbz6hFKFK9cGGlS0GPMRWsMrnLc9iJEIfeASStfY

Request Chain 104

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELQVK0Q3RtN3-8mCJi6Ps0U&google_cver=1&google_push=AehlK4BpxP3L4cK-JsAA_nm6nT4GFHnYlnnNFjPyF9YemPPG2m38ZjQ4Vw0AaQcT3Ob2IsCGssuRgJi5fd9YeaHhKv7RGNR1cNA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELQVK0Q3RtN3-8mCJi6Ps0U&google_push=AehlK4BpxP3L4cK-JsAA_nm6nT4GFHnYlnnNFjPyF9YemPPG2m38ZjQ4Vw0AaQcT3Ob2IsCGssuRgJi5fd9YeaHhKv7RGNR1cNA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELQVK0Q3RtN3-8mCJi6Ps0U&google_hm=YvruSspvoVja9ZLh4A14BAAAFDcAAAIB&google_nid=index&google_push=AehlK4BpxP3L4cK-JsAA_nm6nT4GFHnYlnnNFjPyF9YemPPG2m38ZjQ4Vw0AaQcT3Ob2IsCGssuRgJi5fd9YeaHhKv7RGNR1cNA

Request Chain 113

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGdv0th7iJ-IJk3sCWLSZfE&google_cver=1&google_push=AehlK4BEVp4jUYqD0cZHdIB2qqbpZdVph3b304Y1JyhKwt2s-Z54NJYEwrLDzjOjJKtA_NmJsiyk2i3IBtFQ94BRCiyZtOgJ8g HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4BEVp4jUYqD0cZHdIB2qqbpZdVph3b304Y1JyhKwt2s-Z54NJYEwrLDzjOjJKtA_NmJsiyk2i3IBtFQ94BRCiyZtOgJ8g&google_hm=5nBj4wch4U4CeayeJGRQLQ

Request Chain 114

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4CK8uSnDOBBe8AXOeBrgHZHsC0qxJYlCq07o0QmH2QxEnMH2Sv_LN0wg9DvVROiB_o5gCJpR5zRaKSNa5e_cAzQZTdwxI8&google_gid=CAESEKDdpEbdAkWF9FHJ-rIwaQc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZydVNnQUFBS2NMQURyNg&google_push=AehlK4CK8uSnDOBBe8AXOeBrgHZHsC0qxJYlCq07o0QmH2QxEnMH2Sv_LN0wg9DvVROiB_o5gCJpR5zRaKSNa5e_cAzQZTdwxI8

Request Chain 118

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKrl-Vp2tAW_3fJsBna6t8c&google_cver=1&google_push=AehlK4AZ78WhnAqHJz_CpXJwRodAOMSH3NNUM6BcSJk6uMoW9iXseOJuN1C-BmqjQ4XcuDZ1bDHYzRQ8eFb5L46yk5N88juQdWE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZWSExaRkEtUi1BVU5E&google_push=AehlK4AZ78WhnAqHJz_CpXJwRodAOMSH3NNUM6BcSJk6uMoW9iXseOJuN1C-BmqjQ4XcuDZ1bDHYzRQ8eFb5L46yk5N88juQdWE

Request Chain 119

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBHVIbqsGG8ORP-t0OUlSns&google_cver=1&google_push=AehlK4AESfc75EJFPDbzX049AOB_iMwa_BxWqMUL7GP8CbbwzapqVlVEXUTW7uBFca0bRDeCVynLEqjTFP76OSnrFn3jO8SYqeQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHVIbqsGG8ORP-t0OUlSns&google_hm=YvruSspvoVja9ZLh4A14BAAAFDcAAAIB&google_nid=index&google_push=AehlK4AESfc75EJFPDbzX049AOB_iMwa_BxWqMUL7GP8CbbwzapqVlVEXUTW7uBFca0bRDeCVynLEqjTFP76OSnrFn3jO8SYqeQ

Request Chain 121

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBw3UKkcTAC_TgSIz7HX4Ho&google_cver=1&google_push=AehlK4B6Om_HBaPrQ11GiLFAVV7nsfUahWkb5dRp7HqeGlzLYa0PDsGCd_vTbDtx3f2UeAZn_m-crDp_nu20kBqkXU-wPyFtJf8z HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4B6Om_HBaPrQ11GiLFAVV7nsfUahWkb5dRp7HqeGlzLYa0PDsGCd_vTbDtx3f2UeAZn_m-crDp_nu20kBqkXU-wPyFtJf8z&google_hm=5nBj4wch4U4CeayeJGRQLQ

Request Chain 122

https://d.agkn.com/pixel/2175/?google_gid=CAESEIenuY6ye3o9IyBdzUiAhdo&google_cver=1&google_push=AehlK4CqH_pyjQDBy7GiTG_E91IvYbwBNGHj1siQ9T5MQRn62cezoejXS78p2idhPe4kKSgfzI04EYOaMtDA48ozhGNBGY7SM6Su HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CqH_pyjQDBy7GiTG_E91IvYbwBNGHj1siQ9T5MQRn62cezoejXS78p2idhPe4kKSgfzI04EYOaMtDA48ozhGNBGY7SM6Su&google_hm=Q0FFU0VJZW51WTZ5ZTNvOUl5QmR6VWlBaGRv

Request Chain 124

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4C2AICCtTXv7wa0e8PW4UkZZFMM2nr53c7FhQeHpeZ7bsdKB91qpUk-saI2o8Li8nC5iFzObuIB1eZ1uOvguFoyoyIqHsZJ&google_gid=CAESEEjVcLkUB6c2QGEd0GK1ijE&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4C2AICCtTXv7wa0e8PW4UkZZFMM2nr53c7FhQeHpeZ7bsdKB91qpUk-saI2o8Li8nC5iFzObuIB1eZ1uOvguFoyoyIqHsZJ&google_gid=CAESEEjVcLkUB6c2QGEd0GK1ijE&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTYwMTA5MzAwMDAxNTA4Njg5MTE4MA%3D%3D&google_push=AehlK4C2AICCtTXv7wa0e8PW4UkZZFMM2nr53c7FhQeHpeZ7bsdKB91qpUk-saI2o8Li8nC5iFzObuIB1eZ1uOvguFoyoyIqHsZJ

Request Chain 125

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHIm97SntnF_HITaCE2M5N4&google_cver=1&google_push=AehlK4BqP-2lZbvWVh9zR0wkUBn1KEW54Dj0fqfBqdFrNWkCdVLzeORPoNztPDV6oW6FzeLfiYf2AG8GOKasFyxjz2355HMCVoI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZWSExaRkEtMTgtM0RNVw==&google_push=AehlK4BqP-2lZbvWVh9zR0wkUBn1KEW54Dj0fqfBqdFrNWkCdVLzeORPoNztPDV6oW6FzeLfiYf2AG8GOKasFyxjz2355HMCVoI

192 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
Redirect Chain

https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information
https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

130 KB
23 KB

465ms
465ms

Document
text/html

2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c379ec939ae56317a62c413fe89fdf98b3a7ae330eebefe3e323ebfc142fb3c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 73b648e4df7d922f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 16 Aug 2022 01:09:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://moneysenator.com/wp-json/>; rel="https://api.w.org/" <https://moneysenator.com/wp-json/wp/v2/posts/66298>; rel="alternate"; type="application/json" <https://moneysenator.com/?p=66298>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=921BlgK%2FcAVitq2bwzU1QXUFgMm2w8epNpbXeQpefwIaoJ1NGa51a5R7c%2BGTnYO4npfcCqXxiS8hc16ibECxvnLOjCIHrpnZG%2F7dK4mQrtiZLFm7EHuS3uKuH%2BMdR9Wf2OvPY9TMIjUdbVDiWpvt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS
x-cacheable: YES
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pingback: https://moneysenator.com/xmlrpc.php
x-xss-protection: 1; mode=block

Redirect headers

age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 73b648e0cd9b922f-FRA
content-type: text/html; charset=UTF-8
date: Tue, 16 Aug 2022 01:09:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoqZ4WrkFE%2BJ9NYBuJKoOGudOxnNAFTqJjk2ttr2huCe2Tyc5z8rS6jNvsCl0nDoWKsAlv4qb8uhvpbjWXN45zRC0j8K9imJWFGHyVFb7CWNlUVH2hloCssYsG8mGc%2Ffu8Xp3XnfnJgDT5bTMHzc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
x-cache: MISS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pingback: https://moneysenator.com/xmlrpc.php
x-redirect-by: WordPress
x-xss-protection: 1; mode=block

GET
H3 200 style.min.css
moneysenator.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 600ms
598ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Jul 2022 22:48:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62cdfa3e-15b64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDrOsK0Jk75IIXAiAkvLnikTdTnb0ioJcJNLNI4Uw%2FORuQ0Ulj77AY0KPffgU3moeIRgUhmvsL%2FpyItSK7t8Svfw%2FQ430nM312xWn%2B%2BPm%2FLnsdwF42vDWUY3YML1ry3fnFBVnmreqExWaL1fWFyr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7ddfebb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 styles.css
moneysenator.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 534ms
517ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.5

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 18:09:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"620e8f5d-aab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8LKiijgIs9X%2FqxDZ4xDtR9wqdIqc8IMyV46t3slHeUjdQ7%2FMu76sW5d5R9OZxr%2B6T7qzv18om%2FvJ6b6F2pUVdEpUd%2BgeN8iAnW1mzeGS09Mop4ZcNvi50NkDKidbA%2B31gjAwxNc%2FWQQFXW4LULl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe18bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 dashicons.min.css
moneysenator.com/wp-includes/css/ 58 KB
35 KB 666ms
650ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-includes/css/dashicons.min.css?ver=6.0.1

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Nov 2021 10:16:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"619f629b-e688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Nwyw7u1rEHh5jijsBUE4PP5FZzpqu8tHCDHeZVHfuDOqlr%2FY7zYVWbxgednfZxiPbm1aDXQjmqOFU3vwuE5QhpGiYYSvg0ekhzAFaHkFY%2FRG10caV2IZfhRzx%2F%2Fxug94%2FvhJjqirRYPz8xOlJ2Q"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe19bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend.css
moneysenator.com/wp-content/plugins/post-views-counter/css/ 289 B
855 B 499ms
484ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 24 Apr 2022 20:36:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6265b4b2-121"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NWyveE%2BEbxq8aSGZoI7mtaez17%2BBU%2F6VpVJYcJluEMsZYwFqRdOSbTuj9u3mMviA3JRwfB4hhemE58Tsy2APJAonJ1ZVCxu%2FBryQztDq5cRku7W4KG3q7m8S6jntrRWopzlZegIlpbW6svzvp3A"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe1bbb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-automatic.css
moneysenator.com/wp-content/plugins/wp-automatic/css/ 3 KB
1 KB 512ms
497ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Jan 2022 14:06:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dee05d-a99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBpbM1qank3RVl7I5%2FujVkI6ov8naxgtzRryaiCZS6JTMZzVVqTQqc88DMJt4kR32QBvR1%2BTZg5LkQDLDujknAAw%2BTPsDQpXDnzLnWHfgTQvgn7GHjgcQvj82DyzlOecL8DKCMbec7OfimaGbb8E"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe1dbb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.css
moneysenator.com/wp-content/plugins/aurora-heatmap/ 9 KB
3 KB 469ms
455ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/plugins/aurora-heatmap/style.css?ver=1.5.4

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

238b65091e35aa96c3397259b7b6447c3c2cb2eacdefd45fb49794bcebb1cb50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 20 May 2022 12:18:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62878726-251d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HQWfFPf9UYRwBjdrY7kxd5Hg%2FMgHXF57LJ4bL%2BMECdrYvdsxHxdQq0qHGg%2Frt3vpcE9%2BDAQUl7b3X1hSQEiERnXVr2LdCS1vyFdtthkiU6ouOmeYoqxUE0K0FSKeS0I6Va0qFSSv%2Fae7s4PvTD3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe1fbb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 base.min.css
moneysenator.com/wp-content/themes/jannah/assets/css/ 41 KB
9 KB 488ms
475ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6116-a3b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHA%2FIlxSSKXJ4ogDdikGyDeUbjWXJh08FV0x3jGN1%2BkjLX8Zn15aQtM%2F3twswIwoc7qaO4WEvU7W6BdxDqD%2BQiCgjo%2FV26FZlHwe%2FLZAiLZKoWOemQqg2pI5JIz4BTdJ19WkTTr0MPj3WLUWRfG1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe21bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.min.css
moneysenator.com/wp-content/themes/jannah/assets/css/ 171 KB
31 KB 636ms
622ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6116-2aca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4ipxJOAzim%2F2YKiHbAyMO6M%2FwWzJH24UY7vuWZN1JGS7CsuJN3ANyDtyMufYj6ZqHFCKLPt%2BfKrenY0VvQMtjxFV0Yhwz6mrYM9K34nTMP3viY6gzJ94Nxadk%2FuIu8QgP65qE9kAhJN0Rl739EZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe22bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 widgets.min.css
moneysenator.com/wp-content/themes/jannah/assets/css/ 53 KB
10 KB 476ms
463ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6116-d37e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TM5jV3ez24ovu9%2FryBvhlCRJnzQBqpS%2FdidS2SALPtKGyLqDXlTjNKix06hnFx9ofhfCsb6KlGKoBFZW8pHZIIyCq49nqQ5pPM4BWym82tFc0n6V12s2SZa%2FNH8HGfJOlltUQUVYmu7VnQdEtTGe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe23bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 helpers.min.css
moneysenator.com/wp-content/themes/jannah/assets/css/ 15 KB
4 KB 478ms
466ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6116-3b78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5y12WXi96FTdo1%2BIJkuG0nHNKKcY%2Faa8NAAXQFcpsnSncS1bois0sJMfp59vrqr6oFigISgtMipFYhsMBD7EQsrpozjNnq9q1JcnqVo%2FU7Kv0vB4XTA%2FNswvgdaRl9wiEDBGCHNouh%2FJG0MrANq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe24bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome.css
moneysenator.com/wp-content/themes/jannah/assets/css/ 57 KB
13 KB 612ms
601ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6116-e526"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiccBkTsCJp5OMOdvrpKnFL5ztJmxEvSacoRKG7iVj4egRJQxxt1kM9kvRtVrEoD%2FotlUiZVfbSR%2F8I%2F58ajv2Xn9jQ39GTKjdZxZqbNNg7nlRMb4evaQYOtXrI8Sff4tSNbxYi1g7xYgi%2Bhkjp2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe25bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 skin.css
moneysenator.com/wp-content/themes/jannah/assets/ilightbox/light-skin/ 12 KB
3 KB 520ms
509ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/ilightbox/light-skin/skin.css?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3501d369c50027c72709114d575c21a4688aeb8ced4a9438927f991c60c45d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6117-2f4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azvvQPc8hUbIfFASRzdXdIxxvchU5XWZRh%2BcupGdW2Jc70vYJT7obWJ2ukXzQv8kHZHdK2iDVxB66kkOao81cZX1nSt2H5EDJ%2FoJJaOgvOift5GC8M7z4xs0wRYf7sgzYa8KlwUg%2BTrpDXVFn9cH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe26bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 single.min.css
moneysenator.com/wp-content/themes/jannah/assets/css/ 40 KB
9 KB 487ms
477ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6116-9e25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuYlfgruXfjaBXesNjCzePewGtR1Wn1FgNvS5dHkzPD1OrL5LC0IRDmNo%2F8sVNorOKwyCD43jiZC4QEs4AswFT0E0C9ar%2BX5fkhd7%2F2E%2BMjt6gDuc%2B7t%2B6AGInYOtiKa7rAFb2EiGCz1mkS%2BrYJj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe27bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.min.js Show response
moneysenator.com/wp-includes/js/jquery/ 87 KB
32 KB 642ms
632ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Nov 2021 10:17:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"619f629f-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsJk%2BlNSxvS23fxWRWciiphIMj9eVGrFvym%2FyTSEqP9SsVjYnRDjKOVHNFLgkbiLQts6hb6cvy6y0acd4wO0AHRNZ1z3pOGeNKDpcqykMQAoYYYOQanE1yxgD7cf3ep2F43kL8vWgSooAQK5fyl1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe28bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery-migrate.min.js Show response
moneysenator.com/wp-includes/js/jquery/ 11 KB
5 KB 498ms
489ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Nov 2021 10:17:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"619f629f-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frtLVnTOgWYiIRQIo1CMa5e8%2FcZonSdJoXC8Rb5KEsCGOPxFo0WVK%2F%2Bu%2BKSOvz31kqdJ7GtSiRPLDnByON7WRBAkixE1ee5gpTyQCNHUw%2FLUNysvBmqB5OsAm%2BQXz9QD7Dho4JIY1H3cJK5muboC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe29bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 main-front.js Show response
moneysenator.com/wp-content/plugins/wp-automatic/js/ 1017 B
1 KB 521ms
512ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.0.1

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Jan 2022 14:06:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dee05d-3f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7EAKqfgkAnpP3qOHUaU8hBSJfdthEJtPQ5GZBYlZxEgTmjZdbFZGwhwlnqXN14KmQbJFwmcNSsUls7yHcZC%2BfRDXay3K4WtGw36gNHfPYOrHz3TZxN65bR3bxzDePsSPlZUksk%2FenGEQFXeuVOP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe2abb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mobile-detect.min.js Show response
moneysenator.com/wp-content/plugins/aurora-heatmap/js/ 38 KB
17 KB 615ms
608ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/plugins/aurora-heatmap/js/mobile-detect.min.js?ver=1.4.4

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 20 May 2022 12:18:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62878726-981e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMhV0GvGapkheh608cXct%2BpILNJhtnyKpucsAJfsH35fzFTZVieWuCTrx0zFFEsI%2BuNSzO%2F%2Bv%2FgHajRFUH05uTXmym3lOGRCuxJAEW%2FNHBZBQcM5HVVWHq5zWxypaykifoQobPQGM16yJN9zuiv6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe2cbb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 reporter.js Show response
moneysenator.com/wp-content/plugins/aurora-heatmap/js/ 9 KB
4 KB 521ms
515ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/plugins/aurora-heatmap/js/reporter.js?ver=1.5.4

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f69635652098f78c0f2609728feca0002a52add9776824e6deb6f50b92cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 20 May 2022 12:18:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62878726-25a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bf4SWxZWuTncFDVkOa1DLyB05zTuBO1%2BiTPyHYhIc4vwT7KKk2rpVLiYLHzAJQyAgwxkgPF%2BnSR7jbLzVbY4PX50Pu6DhhHWIS86rpwzQTCMnVacswIJX7cM%2Flni8WQiCeTSm%2BtuoFho0TCmIsQM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648e7fe2dbb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 62ms
27ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-216937615-1

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b1b5556dc7040f545569fa4873866e9164460c3743f77eb2dfaea5b75995925

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41787
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 00:05:33 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Aug 2022 01:09:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
57 KB 82ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1354391948774565

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6a176f48aa43197ad5ccf47985deb85f54d0228c3c60cdf615801f60aaea00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneysenator.com/
Origin: https://moneysenator.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57429
x-xss-protection: 0
server: cafe
etag: 6964856274666364116
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 01:09:29 GMT

GET
H3 200 wp-emoji-release.min.js Show response
moneysenator.com/wp-includes/js/ 18 KB
5 KB 484ms
482ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 24 May 2022 22:49:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"628d6107-48b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZl3oPPcZtV4sPCPeNTftVS0hvQGYLV25iMk%2FecgBzT2EBd8tWJKjpBScFZjkF1SO6p%2FXcWz79ZDshT7uHPsYiL3%2BSU2RHkAHjpJtip9lc9DTH6KoODf8HiyeJUGHbZC%2FM4rruPHkqvsDDeo0LLm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec2931bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 print.css
moneysenator.com/wp-content/themes/jannah/assets/css/ 2 KB
1 KB 480ms
479ms Stylesheet
text/css 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/css/print.css?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03dd15a551c408fc3ee4496227c5b0798ead05885e535e47f3fa13b6d0fad687

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6116-87f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dd9tzgKGJ3PsYZeOPqgepYbx5WZuk7xrhcxasvTuHLz0GyJzeTZiRE%2B8S%2FI9UbKxDo6ujbsKq4OgvinD%2F8Cl%2Bnu4lIBcly1BVpmgr356%2BNMC%2BhbQCPtwvX5eHvATJNIBBK2Et8GBiuCPcaVWK1h"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec2933bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imran-khan.jpg
static.news.bitcoin.com/wp-content/uploads/2022/08/ 41 KB
41 KB 139ms
113ms Image
image/jpeg 2606:4700::6812:189c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.news.bitcoin.com/wp-content/uploads/2022/08/imran-khan.jpg

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:189c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01ec0fe4da73a93f1549a095d910faecdfef42d82eaf5f0d3408d3396ddb2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
via: 1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: PRG50-C1
cf-polished: origSize=45106, status=webp_bigger
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41908
last-modified: Mon, 01 Aug 2022 15:15:56 GMT
server: cloudflare
etag: "af81af513ccd22b7c49b4d083d17e9be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73b648ec598f6987-FRA
x-amz-cf-id: WBM-6FXKU-ncN7uoTaL6cMONugGkM3iYl7Pf53VJ4WVLtxvCHbxm6w==
cf-bgj: imgq:100,h2pri

GET
H2 200 Kevin-200x200-closeup-150x150.png
static.news.bitcoin.com/wp-content/uploads/2016/12/ 28 KB
29 KB 70ms
44ms Image
image/webp 2606:4700::6812:189c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.news.bitcoin.com/wp-content/uploads/2016/12/Kevin-200x200-closeup-150x150.png

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:189c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9956b3cf88b957e5d80efac5128ebbe8d6d8919091968f2a337d8a6e73bfaf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
via: 1.1 55c4cb6ad29c7bbcd0c8f2d8b906a83e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: TXL50-P4
cf-polished: origFmt=png, origSize=42385
x-cache: Hit from cloudfront
content-disposition: inline; filename="Kevin-200x200-closeup-150x150.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28626
last-modified: Fri, 23 Apr 2021 12:06:23 GMT
server: cloudflare
etag: "eccd64e90d7d665d71eceb2827b7d11e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/webp
vary: Accept
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73b648ec59906987-FRA
x-amz-cf-id: ZDMWqMdtQTuFzPg8pdeVl1hx0yms18z_gCz7d7T0E0xJrkZy2cnn4A==
cf-bgj: imgq:100,h2pri

GET
H3 200 email-decode.min.js Show response
moneysenator.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Aug 2022 17:04:07 GMT
server: cloudflare
etag: W/"62f29387-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPB8EoRWfBJ1LSSeZMXGQt2oH0Zttt2ui5mSLjUWeUk17x4hL3TbVHW7NT96R2rxKkK25MkgHOYzZkiBWIZNWar%2BWvLx%2BjH9WRFyfbjy%2FoMZ6J36BHkc%2BMDX3q5v9D1RSUp4TyO%2BwYeF3QHTwidv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73b648ec0905bb8f-FRA
vary: Accept-Encoding
expires: Thu, 18 Aug 2022 01:09:29 GMT

GET
H3 200 Add-a-heading-3.png
moneysenator.com/wp-content/uploads/2022/01/ 38 KB
39 KB 742ms
741ms Image
image/png 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://moneysenator.com/wp-content/uploads/2022/01/Add-a-heading-3.png

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

203785781bddc635b4631fa2e44f0401289cfd8ec4bf5694c4b48164d931d6cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-length: 38977
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jan 2022 14:00:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61e03099-9841"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfCJ30YsrJqEmMpHBipVB3p8Ru6b04EO0YzXEc3DjhgkrezIQbr%2FZDbE4bP1sp8P%2BIh9m7em0rm0iB5CwzDPP9cv5kQzue%2F8NWg51AAdvKdWq9ib6jTZxdYglv%2F0veqFl2V8i5yvlTeuvLzZe7xi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 73b648ec2932bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 regenerator-runtime.min.js Show response
moneysenator.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 464ms
464ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 24 May 2022 22:49:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"628d6108-194b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MX%2BGKMcquaLgXxVybf2%2FbgtoeMOxzg0OEj3UQV5lUBPf033myCugXcMDfF6nc0NYyCdAmuE0KPYDQdoxpDGex8a1zmUemWltCTTgFqzHnjKPztx175bzqNcUgAzTpEbU1t99piZERhuRpbMwt3Pa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec090abb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-polyfill.min.js Show response
moneysenator.com/wp-includes/js/dist/vendor/ 19 KB
8 KB 465ms
464ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 24 May 2022 22:49:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"628d6108-4ac6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaeblLYZLjg20BnCKEY1VVKHxzIAzzmSnP4gn3W1tP3gGEI5593SPICL%2B1NGGDDRuxxjpLBvpHXAjTw24zBTgq3RHxu5Imu3qJODqULUpLvhOYz67TRVImRImR1d%2FX8rhdSXyHum1uMW%2BCRTidRt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec291ebb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 index.js Show response
moneysenator.com/wp-content/plugins/contact-form-7/includes/js/ 9 KB
4 KB 475ms
472ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 18:09:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"620e8f5d-25f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKSV7ZZvSjRHctpkZ8jhEW%2FDP7muwRDpMNhRN19%2F49iCJkRfy9v%2BN0RrWNX4JckMR68lFlUa%2F%2B%2F8AYUXuArooq4JACmONfH%2F2UGDVUAdh%2BmsdiK%2B%2FwQbaDTu5oeFdynjFqc5gLmBqOdqtp8EmWMV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec2926bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 scripts.min.js Show response
moneysenator.com/wp-content/themes/jannah/assets/js/ 22 KB
8 KB 477ms
474ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84f64586f3dd71280aa264aba2d068f6f2fd64cf039d37e4d4062c33e4e8fec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6117-57b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3O9OGYkzWZ61QC10DI29snXgf7ZxVE1nCuNFiyeqpMrmRmB7jhYSoIymrZi%2FZibGR8OauSRBGB4uXyG%2BPinZ7ugLkXqB1rRi%2FTMIA4EQT5R4qvJ%2BOiDL8umqvSfeE3uHKqev2gnFAk8k88lhndR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec2928bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lightbox.js Show response
moneysenator.com/wp-content/themes/jannah/assets/ilightbox/ 80 KB
26 KB 615ms
613ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31a8dbe7c39cf4ffa9fe214267bc1aa73dca7304f689437bd4bb257066fa4b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6117-13e0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww6GDEchMywtWbA1lLzr%2Bb8%2FdO%2BBTiq%2FzLW1FbdOMo0l3OEvWdxadSoXgSN8lipWejrVMKW7HHRh2nfCC2wQ64eyo30wQU5glES5k2%2BoZDCzMBJ03GJ6JhIw1LQu0LY8amtcdAltdfxeny5qT%2BVL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec2929bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 desktop.min.js Show response
moneysenator.com/wp-content/themes/jannah/assets/js/ 16 KB
6 KB 168ms
165ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6117-4198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Spp7qm0aST6kviJkmcpEMYjmjmgs4BHJowhklfG4AYCf37uNtYeinq5GJ5s%2FagmZI2TgeSCN5G3%2FUAdkaoVLzHnTFLgRYMkApCZNEcUWdaAqWeWDcssn9x6TzZsBoS3aDaJAQ1Fr0LUlZR447Vd6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec292abb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 live-search.js Show response
moneysenator.com/wp-content/themes/jannah/assets/js/ 14 KB
5 KB 182ms
180ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6117-3909"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4vzrzov0lJLJjpnDWykpM4SoXcZOWYgHBR%2B3P6sJ7vPMzUn5%2BeSWlC2JM6Pe%2Bfvj4uqA6UmIXqZnxNXQ5192RoMxBNpLQQIfTG1E2%2FrKUORUQPOla0hUN9TmpHavPNmJPu3MJF0K3yvCM422Qk0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec292bbb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 single.min.js Show response
moneysenator.com/wp-content/themes/jannah/assets/js/ 5 KB
3 KB 456ms
453ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6117-15ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHrk27ghzM5KM%2BwPmCzldaPageKgr3ZNhgAZbe0l20TkpaKTSsbQ6fI0k7MOG6jio%2B4wb8uo%2BPx5QKZuiQm7%2F8pJ8utdgHp2SC4um6PNqXI50wYf41mzUyHsdrljiF6hkN2U0%2B2KKkCeH%2F1lgyp5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec292cbb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 comment-reply.min.js Show response
moneysenator.com/wp-includes/js/ 3 KB
2 KB 458ms
456ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-includes/js/comment-reply.min.js?ver=6.0.1

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 24 May 2022 22:49:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"628d6107-ba5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xslHLiI4HXifSK%2FLc7QCKSxZ4e1eN3q2kUkAswh%2Feohpv3zwL4nqGPXo9MfdUNgkFiRGri1jYYnTigTpc6LrrHxy52DRs5pWSfNeuqsa%2BjI74V1RczRyOHdHHOMIXqMMNsh04DSwyhHTBI0XXRZZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec292dbb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 image.js Show response
moneysenator.com/wp-content/plugins/featured-image-from-url/includes/html/js/ 3 KB
2 KB 479ms
476ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.8.5

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f4305c64be4a18d8fa3dd5fa84794df8012aeb8843b902ee3d89c8fd82b8b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 18:09:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"620e8f5e-cc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jk3ESyOW0ru9IoRHRWag5OdKgf8sphRxGErD6lv7mfml9JLZ3gsJ7umK7pYnk8CRRd6FcfY46hFS8CKzENHoTPxJuCpsgxQsgVfntZRegGfViRcaR4sdQBlXCFCyq%2BjcWAcBE0Vbv9jZ%2BOsQRJx1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec292fbb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 br-news.js Show response
moneysenator.com/wp-content/themes/jannah/assets/js/ 5 KB
3 KB 474ms
472ms Script
application/javascript 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.7

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
strict-transport-security: max-age=15768000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61dd6117-15da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59eWndWDYmMeeKnMKZtDG3pK0X2mVgEc2r6FMS7DuPItLEYNdPknUkMhd1%2FgYzGLo%2BLuCPQVXv%2F0s4ktT%2FjEemNNeK4LW7KsL1cJ3rd%2BCXXiQARDE5nAgoz6Dz%2FhHu95cB7ttpJV4KGrbfmyoK06"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 73b648ec2930bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 404 header.jpg
moneysenator.com/wp-content/uploads/2022/01/ 145 B
145 B 456ms
456ms Image
text/html 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://moneysenator.com/wp-content/uploads/2022/01/header.jpg

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: text/html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaDemxXYv%2BxlRK7Sj%2BHjgMw3ktx7F78s9gVHD5IT43mH%2BQILAcVu6KoZpocdfVQrUsCAZr1ZnRluSNu%2BgBjxDYZ7fDpQcuqzTAuf4yopuH8OUOsOW82ixUr%2B3YEqRcS4oYnuTCT8U0Ysh0AaBCKO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
strict-transport-security: max-age=15768000
cf-ray: 73b648ec3939bb8f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 32ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9d0b7f21add27bad6c044cd95ffa5d7f96aa7d6588f84a4e29eeb6fd41aac8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: zCckaYK62coIf8Bso94ejg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: X4Agwsws4c1MBZX2dJpLzDP899nUkN3r5uYDaIHqHPZg4fy7PqJuQdPyIC+8i80FNL0JrS33T0GlMcZdFpfUJA==
x-fb-trip-id: 686109401
x-fb-content-md5: c2031e397702dec432eb9a9fdbf3440c
x-frame-options: DENY
date: Tue, 16 Aug 2022 01:09:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "588ae00418b8c3bbc6ec4d7278d3bde8"
timing-allow-origin: *
expires: Tue, 16 Aug 2022 01:22:11 GMT

GET
H3 200 tielabs-fonticon.woff
moneysenator.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
40 KB 748ms
748ms Font
font/woff 2606:4700:3036::6815:eef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moneysenator.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:eef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moneysenator.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.7
Origin: https://moneysenator.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cacheable: YES
x-cache: MISS
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-length: 40536
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jan 2022 10:51:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61dd6117-9e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dOFWL0zvjLnXstWp77wHhPS6St33cCPVDBNJc8mkxRtF5xX8Vx%2B8kkGgFRyBmagrdyI89LI8A6j0vSCoQVeJ4Z%2FkvTmPHUWNQQslbDbBgUUrEF986vU9VTWuT%2FzeWbfh8N9fMVuj7TwOvr4gRlf"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://moneysenator.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 73b648ec4954bb8f-FRA
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://moneysenator.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 b9b15da7c4828eacceda71c7e52b202c
secure.gravatar.com/avatar/ 2 KB
2 KB 28ms
7ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/b9b15da7c4828eacceda71c7e52b202c?s=140&d=mm&r=g
Requested by: Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 75c48da0c2de6b357969f59ffb9152a2239089397ee29715d9cab44e3c26e80c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 16 Aug 2022 01:09:29 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b9b15da7c4828eacceda71c7e52b202c.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/b9b15da7c4828eacceda71c7e52b202c?s=140&d=mm&r=g>; rel="canonical"
content-length: 2094
expires: Tue, 16 Aug 2022 01:14:29 GMT

GET
H3 200 crypto-giveaway-scam-1024x484.jpg
static.news.bitcoin.com/wp-content/uploads/2022/08/ 52 KB
53 KB 56ms
45ms Image
image/jpeg 2606:4700::6812:189c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.news.bitcoin.com/wp-content/uploads/2022/08/crypto-giveaway-scam-1024x484.jpg

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:189c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50eb69eb0b73e947ec9408e5a26db2c44af66735117de6d988272e040a952ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53260
last-modified: Mon, 01 Aug 2022 15:21:17 GMT
server: cloudflare
etag: "4c155e507faf5c6ef71e714f1beb2847"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73b648eccff590fe-FRA
x-amz-cf-id: RpXMiuwodDXIlo8EEZL1EtdJfbN9TYS5fGhJFH92KnXycz8oQGtUfw==

GET
H2 200 Untitled-design-33-1024x576.jpg
webassets.inman.com/wp-content/uploads/2022/08/ 147 KB
148 KB 760ms
734ms Image
image/jpeg 2606:4700:3108::ac42:2b7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webassets.inman.com/wp-content/uploads/2022/08/Untitled-design-33-1024x576.jpg
Requested by: Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a54c7c5279ebd8a0a2aae0088329f51f8f6044aecb87eaf89458360a8eaefcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WSGTBM03QKHPR1H2
x-cache: MISS
content-length: 150849
x-amz-id-2: IT0UM+MMvw+BVPQrhQ1uIqSS0ZtGLsaORhnlhwJ/VUpvoy55ffiZgLB6jgjEmT8pgUGK9jnOTe0=
last-modified: Mon, 01 Aug 2022 20:43:19 GMT
server: cloudflare
etag: "d8cfba39b2e39f85053412283948d4cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcS%2BmvNSQovg7eI5XQeoRhbgj96H4ICxhTAVhO%2FZdQ%2B4yBbPRg35H5Lkxrzpo0pGI4kVqHgEjYaaTb9f9nmVlgh872jtFJlYErsgxoZQbkMQSmPmGOPkz36XBJalLczEdaAqoauS8yqLMIwzBTIr58M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 73b648ecff6c9b43-FRA
expires: Tue, 23 Aug 2022 01:09:30 GMT

GET
H2 200 53c05752-b818-438d-834e-9bd05c2cf832.jpg
www.ft.com/__origami/service/image/v2/images/raw/https://d1e00ek4ebabms.cloudfront.net/production/ 19 KB
20 KB 54ms
23ms Image
image/avif 151.101.2.209
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ft.com/__origami/service/image/v2/images/raw/https://d1e00ek4ebabms.cloudfront.net/production/53c05752-b818-438d-834e-9bd05c2cf832.jpg?source=next-opengraph&fit=scale-down&width=900

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.209 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d4bca9ac4229bcdd16b3135aade9f6cbc6fb68b1b949d08c306a04b0225ef9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 23 Jun 2022 05:49:14 GMT
age: 17807
etag: "b3071a3d0ab3c0681c8e567f0ce20b63"
vary: Content-Dpr, Accept, FT-Site, Accept-Encoding, FT-Site
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
date: Tue, 16 Aug 2022 01:09:29 GMT
ft-suppress-friendly-error: true
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, MISS-CLUSTER, fastly;desc="Edge time";dur=16
accept-ranges: bytes
timing-allow-origin: *
content-length: 19597

GET
H2 200 b9b15da7c4828eacceda71c7e52b202c
secure.gravatar.com/avatar/ 3 KB
3 KB 8ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/b9b15da7c4828eacceda71c7e52b202c?s=180&d=mm&r=g
Requested by: Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 90704df38139902681a43c955953637c5edb4ced0af3c5f7dfb6c7eb17ed24ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 16 Aug 2022 01:09:29 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b9b15da7c4828eacceda71c7e52b202c.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/b9b15da7c4828eacceda71c7e52b202c?s=180&d=mm&r=g>; rel="canonical"
content-length: 2562
expires: Tue, 16 Aug 2022 01:14:29 GMT

GET
H3 200 jamie-dimon.jpg
static.news.bitcoin.com/wp-content/uploads/2022/08/ 58 KB
58 KB 39ms
38ms Image
image/jpeg 2606:4700::6812:189c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.news.bitcoin.com/wp-content/uploads/2022/08/jamie-dimon.jpg

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:189c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b5f23af8bf568a485435bb0804f0619bd24d615b4f89010ac77357a4d839735

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: PRG50-C1
cf-polished: origSize=63161, status=webp_bigger
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59195
last-modified: Mon, 15 Aug 2022 20:00:07 GMT
server: cloudflare
etag: "f24055bf49db70fe68a3114459b680ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73b648ed282390fe-FRA
x-amz-cf-id: ZY0UcZewYyegCi15wASRLJbNalepc63uUY7RMuSpj_V1v61qxyGLxw==
cf-bgj: imgq:100,h2pri

GET
H3 200 galsxddddxy.jpg
static.news.bitcoin.com/wp-content/uploads/2022/08/ 132 KB
133 KB 32ms
31ms Image
image/webp 2606:4700::6812:189c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.news.bitcoin.com/wp-content/uploads/2022/08/galsxddddxy.jpg

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:189c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fb1606b8c32cfd11d085aaf974f21d5411b1875fe225e14884fd8ee9f83e3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
via: 1.1 136293f2894c59a2f91cf08997c7140a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 389
cf-polished: origFmt=jpeg, origSize=356835
x-cache: Hit from cloudfront
content-disposition: inline; filename="galsxddddxy.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 135192
last-modified: Mon, 15 Aug 2022 19:12:55 GMT
server: cloudflare
etag: "20fcbdb64932ceaf602d92a0de052d76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/webp
vary: Accept
cache-control: max-age=2678400
x-amz-cf-pop: TXL50-P4
accept-ranges: bytes
cf-ray: 73b648ed282490fe-FRA
x-amz-cf-id: 3OntzFfkZrGRT80ZFHdmru17iB2pEvhmnARmUNZxt0Nk6k--NZCopA==
cf-bgj: imgq:100,h2pri

GET
H3 200 schffty.jpg
static.news.bitcoin.com/wp-content/uploads/2022/08/ 415 KB
415 KB 18ms
17ms Image
image/webp 2606:4700::6812:189c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.news.bitcoin.com/wp-content/uploads/2022/08/schffty.jpg

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:189c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b955a306ea82206481c4ea0b70376e05d38a1219aa57f8849abee6cff39a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
via: 1.1 79bfa0191487d8596f869845b4df5328.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1030
cf-polished: origFmt=jpeg, origSize=817164
x-cache: Hit from cloudfront
content-disposition: inline; filename="schffty.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 424528
last-modified: Mon, 15 Aug 2022 13:27:45 GMT
server: cloudflare
etag: "26c2cda14270b24e8ccd48a4124bcef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/webp
vary: Accept
cache-control: max-age=2678400
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
cf-ray: 73b648ed282590fe-FRA
x-amz-cf-id: rO5n1fo8G3-vgC_lmhXm9a0eo-kXjbtsqYa21caBbo8j0jlufQvl8Q==
cf-bgj: imgq:100,h2pri

GET
H3 200 hhhhh6678999.jpg
static.news.bitcoin.com/wp-content/uploads/2022/08/ 68 KB
68 KB 51ms
50ms Image
image/webp 2606:4700::6812:189c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.news.bitcoin.com/wp-content/uploads/2022/08/hhhhh6678999.jpg

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:189c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

776f2b3177f7291c68ac469960c28b247ce8b08a4ca5d113c0c898d1c4eaafba

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
via: 1.1 8609604d3fb8e0a5c875f1c74d985668.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1030
cf-polished: origFmt=jpeg, origSize=209943
x-cache: Hit from cloudfront
content-disposition: inline; filename="hhhhh6678999.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69296
last-modified: Mon, 15 Aug 2022 14:57:14 GMT
server: cloudflare
etag: "a30ad916c44855e846fbfdf932db6d64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/webp
vary: Accept
cache-control: max-age=2678400
x-amz-cf-pop: TXL50-P4
accept-ranges: bytes
cf-ray: 73b648ed282790fe-FRA
x-amz-cf-id: 3AH1ThLf7Ycb8Vhlj_qKkdsJgKbFDNXTyCMIhYWIizOqlwIB-VnwVQ==
cf-bgj: imgq:100,h2pri

GET
H3 200 unnamed-2.png
static.news.bitcoin.com/wp-content/uploads/2022/08/ 99 KB
100 KB 53ms
52ms Image
image/webp 2606:4700::6812:189c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.news.bitcoin.com/wp-content/uploads/2022/08/unnamed-2.png

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:189c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7945e2dee94844198596048771bc9b18862019d271779b36b2ae145259edd6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
via: 1.1 4cef84d6d9d593ea2c191c9370b4ebba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1030
cf-polished: origFmt=png, origSize=173551
x-cache: Hit from cloudfront
content-disposition: inline; filename="unnamed-2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101722
last-modified: Mon, 15 Aug 2022 08:44:39 GMT
server: cloudflare
etag: "8f2397e4bc6937a069a6cfe0f8a445c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/webp
vary: Accept
cache-control: max-age=2678400
x-amz-cf-pop: TXL50-P4
accept-ranges: bytes
cf-ray: 73b648ed282890fe-FRA
x-amz-cf-id: uUeWIEaIKUGiKJRHRwFdj4rbvx5dCwp1wdRIkje0THEtytmDadCnRg==
cf-bgj: imgq:100,h2pri

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ef727aa31c1f5e0457b11600bc96b5f6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf25e94f66c7c24e86aed41cbf292c98605d5c34a2168512c8d1b20b763428e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://moneysenator.com/
Origin: https://moneysenator.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: qOwd4GBWyB5noA110Mm7/w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87846
x-fb-rlafr: 0
x-fb-debug: zKuE7DzFnRSdnSSe51zCimkr9kUy+b4zDYn1bsklIVdWRwdSjBlFhkGE9H/x3pYCmmqxeC4ONZOsCsl+r9xiyg==
x-fb-content-md5: f0d55db6690a724b32b2f16824551edd
x-frame-options: DENY
date: Tue, 16 Aug 2022 01:09:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "85072896dba61d2131110e8fe2040067"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Aug 2023 22:45:59 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 340 KB
120 KB 77ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1354391948774565&plah=moneysenator.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1354391948774565

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a227b9d209dd7d69749f18a3d2387e59391d8401b2c05e375541f9bf7ce8d928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122753
x-xss-protection: 0
server: cafe
etag: 18121646324950683337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 01:09:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/ Frame D59E 10 KB
5 KB 58ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1354391948774565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneysenator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 06:27:55 GMT
etag: 8616628553774171045
expires: Mon, 29 Aug 2022 06:27:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216937615-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 212
date: Tue, 16 Aug 2022 01:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 16 Aug 2022 03:05:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 81ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8JT5N79EM8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216937615-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6934d787bff5a09d983b12a34e2f8212254091513428f91d9f02325c3f68271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62921
x-xss-protection: 0
expires: Tue, 16 Aug 2022 01:09:29 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 69ms
20ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=998248212&t=pageview&_s=1&dl=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&ul=en-us&de=UTF-8&dt=Pakistani%20Politician%20Imran%20Khan%27s%20Instagram%20Account%20Used%20to%20Promote%20Crypto%20Giveaway%20Rip-off%20%E2%80%93%20Featured%20Bitcoin%20Information%20-%20MoneySenator&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1461289389&gjid=2050507564&cid=192118761.1660612170&tid=UA-216937615-1&_gid=988911691.1660612170&_r=1&gtm=2ou8f0&did=dZTNiMT&gdid=dZTNiMT&z=285357009

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneysenator.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://moneysenator.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
649 B 76ms
24ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=moneysenator.com&callback=_gfp_s_&client=ca-pub-1354391948774565

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1354391948774565&plah=moneysenator.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

2f0950e4b963220c22e3da0e082a0c5173c170361fdf99f4d70a2eca795bad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 56ms
21ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=moneysenator.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 57ms
22ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=moneysenator.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E6B5 42 KB
14 KB 172ms
144ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&adk=2969136045&adf=3689892565&lmt=1660612169&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612169808&bpp=3&bdt=882&idt=153&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3013595093264&frm=20&pv=2&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=168

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c61fc8d0cffe6aab01c19bbbb9aecf5bf2942a275df58871cad182e10aaccbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneysenator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 14021
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 01:09:30 GMT
expires: Tue, 16 Aug 2022 01:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 44ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8JT5N79EM8&gtm=2oe8f0&_p=998248212&gdid=dZTNiMT&cid=192118761.1660612170&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660612169&sct=1&seg=0&dl=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&dt=Pakistani%20Politician%20Imran%20Khan%27s%20Instagram%20Account%20Used%20to%20Promote%20Crypto%20Giveaway%20Rip-off%20%E2%80%93%20Featured%20Bitcoin%20Information%20-%20MoneySenator&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8JT5N79EM8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://moneysenator.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 150 KB
53 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25a1875acdff0225e270cd1ef3c8fe30bf19366d68a999f008bc96ef7864514e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54702
x-xss-protection: 0
server: cafe
etag: 14990466771870540383
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 01:09:30 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
21ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=moneysenator.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
22ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=moneysenator.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6752 27 KB
12 KB 162ms
162ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=474027355&pi=t.aa~a.2814377534~i.11~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=3&bdt=1276&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0&nras=2&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=m88ASLgtYF&p=https%3A//moneysenator.com&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17506f122bd1b5f997f23b9beb916ab06f88c3d8cbea5095fa8acd0a1cc07ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneysenator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12004
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 01:09:30 GMT
expires: Tue, 16 Aug 2022 01:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B43 26 KB
11 KB 165ms
165ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b242fd1d48462d0da59890c74e3fa23d341607431a0cc2e499fe5327662e68a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneysenator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11493
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 01:09:30 GMT
expires: Tue, 16 Aug 2022 01:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E00A 27 KB
12 KB 138ms
138ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3921585650&adf=469824251&pi=t.aa~a.4076845965~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1660612170&rafmt=1&to=qs&pwprc=4132823972&psa=0&format=1170x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=1&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280%2C780x280&nras=4&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=io4xnlwDkA&p=https%3A//moneysenator.com&dtd=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9b1c72b7f940465e6dee64af1797c5413e2c754f0599167d2b4243caf44e28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneysenator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11935
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 01:09:30 GMT
expires: Tue, 16 Aug 2022 01:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 58ms
14ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 16:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 16:01:27 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 22ms
21ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=moneysenator.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
23ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=moneysenator.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/ Frame 48C9 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneysenator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 06:38:01 GMT
etag: 8616628553774171045
expires: Mon, 29 Aug 2022 06:38:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 48C9 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyVyVSu76YrPzAbPXx_AP9sGMqAnJntKxXKX8k_dwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEzNTQzOTE5NDg3NzQ1NjWgAdW20uoDyAEJqQLhIQpd0hqxPqgDAaoE4gJP0KFtzuO01RfQM3KVGcCAk8njK4-BWjZlcJDnXv5QpXeQlCrFfDKvvROAbBAXlg4CNiS9wfqm59wnmOVD71lP2ESQWh1LpNr8szP3f3hWNL_DcHkW8lo4UYFQzn2UFIIYkT4GxGih35BPzS2Mxuo8DLe4We4SExQKcwgos8ANBFh68ItXxef9e2O00g1eA5Kixpe-Kzjbug78PM08y0U2okQ99Mglxuann4TxM4HAeq94y8mS0REOrDTGwq6asFe92UGQtk0YTqd7ylKmsP-LD8_k07eAMZQMqd7_ujjprjr28Y5ecAMfNgKVNvjANuWXEbUW0FGC-iDXPNBXO_mQW6X1r25Fml6sjV2z0WA1-qiR5mfGQhu_xRBtvuroEf1wrfM3yfvUY6T56xlTJh6bUYVO6NdaS0BdKp66RAtli75Bc5AsH5RPkbe8In0ZNBtR5Vxas7QgX4J8RplCLwE2RY-ABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTM1NDM5MTk0ODc3NDU2NRgA&sigh=SYcyZxNT1uM&uach_m=[UACH]&cid=CAQSGwCsnQUxITsD_G-d18OW-Z13kdarjZG9sR0P0RgB

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 16 Aug 2022 01:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 48C9 0
0 65ms
13ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPi0Ecz6RO0HfJ2DYgICAAAAl5SNMVh_D3IQSe76YsKh1l6XRH1jYj5dABIAAA&wp=YvruSgAAebMIEeuzAAMg9hLIrcdHAdQecOh1pg

Requested by

Host: moneysenator.com
URL: https://moneysenator.com/pakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 310485
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame FAAF 171 KB
53 KB 142ms
102ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgAAebMIEeuzAAMg9hLIrcdHAdQecOh1pg&u=%7CMVDe7Za51SxM55pAaVFTQKBb4e%2FHTVqPBASTZgI9FRo%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6iSToWSbpKg-OqeEGfpuou6alag7PxIYTZam8qsQ7kN-W_8WqoywnKlLRm4ixmMx8ZgdwCrGllqHPf_VWZl0Tvv4mUbH-2Khsqnjnb95f1qtegMPNQepkgKbES9ttFA6Wtb8y9anH546lNZPFm5pmDFhdlrX_JEobKsx74UYILWRMVAm4VFc2rWE9RsnIvlz1d_nbuPFLt7YpwCV6WANcBKlXq7R5dkN-pl3hgCk5SD9SqSTqekOzf_VjkZn5xIW7fy8yPWG6hnrzPF38YwUqzzJSNPoK-GFq-H9EfY-pds7Gf1Q1mDTcKWVDtDMnvvwWPen3FgEHW-wtP7flSwQ4kEYguPU6Sn9v7eRnHDveBlmTDAtZ_PKB7tmVgQ0_FnIa&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqH6uSu76YrPzAbPXx_AP9sGMqAnJntKxXKX8k_dwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEzNTQzOTE5NDg3NzQ1NjWgAdW20uoDyAEJqQLhIQpd0hqxPqgDAaoE5QJP0KFtzuO01RfQM3KVGcCAk8njK4-BWjZlcJDnXv5QpXeQlCrFfDKvvROAbBAXlg4CNiS9wfqm59wnmOVD71lP2ESQWh1LpNr8szP3f3hWNL_DcHkW8lo4UYFQzn2UFIIYkT4GxGih35BPzS2Mxuo8DLe4We4SExQKcwgos8ANBFh68ItXxef9e2O00g1eA5Kixpe-Kzjbug78PM08y0U2okQ99Mglxuann4TxM4HAeq94y8mS0REOrDTGwq6asFe92UGQtk0YTqd7ylKmsP-LD8_k07eAMZQMqd7_ujjprjr28Y5ecAMfNgKVNvjANuWXEbUW0FGC-iDXPNBXO_mQW6X1r25Fml6sjV2z0WA1-qiR5mfGQhu_xRBtvuroEf1wrfM3yfvUY6T56xlTJh6bUYVO6NdaS0BdKp66BglEGTnO74OTg4DsQYoa2nQNPq1by0TYB3wd-XDDWLVaqquyVjApjleABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3X1HPW6TKpGjpTPT_cJfViARSKsw%26client%3Dca-pub-1354391948774565%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

445f6431a28ac79e8e4d865addf8dc6887aae9736bc236a5b45f0d4a65c991c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 01:09:30 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=s-Kibl9Gd9vghE1VKPANKAI4IyCNU_BMjg5P0_P3WJ71CvfcaEJurPbTyVQMDSFSeZI-gKKT_5-P83xd-p5nV1klWqMFE-jwbsM89L8yq3s9WnQW9u4Sy637e5EY0kXyCJPHsb4tweaQqt6rT6351eqmNsxVb-U_8gUk3SG12g57jihPKx3ClxFg50lCZSYtKve7lL62iaJlOEsUAb5DgH8Qm_j4zApfKH66asNT9Fo3l-CdShpGofX3s0RoOiEekGDwJQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 72005136
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 48C9 3 KB
1 KB 65ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 00:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 00:48:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 48C9 140 KB
44 KB 69ms
28ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 01:09:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 48C9 17 KB
8 KB 58ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 01:05:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 60ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:600,regular&subset=latin&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bedb34d7eeb82a42968d18d7d958133e36354167d525d4e59f9556f708ad9262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 01:09:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 01:09:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 01:09:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 6752 3 KB
1 KB 51ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=474027355&pi=t.aa~a.2814377534~i.11~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=3&bdt=1276&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0&nras=2&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=m88ASLgtYF&p=https%3A//moneysenator.com&dtd=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 00:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 00:48:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6752 140 KB
43 KB 71ms
44ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 01:09:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 6752 17 KB
7 KB 47ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 01:05:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6752 0
0 55ms
20ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOUqdKq8iyxNzgwet1VnBVXuEM6VPqcubJEn0uig8AgGFkOvqrxAtxNWyUgLfNqlUqlAhqbXZ2mDWcWOyRFstIuf5pWw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=474027355&pi=t.aa~a.2814377534~i.11~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=3&bdt=1276&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0&nras=2&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=m88ASLgtYF&p=https%3A//moneysenator.com&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6752 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL4-wSu76YryND5ny-ga585pQyZ7SsVy98ZT3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0xMzU0MzkxOTQ4Nzc0NTY1oAHVttLqA8gBCakC4SEKXdIasT6oAwGqBOcCT9BrnlBiSpK4paMSZ4Dem5g6ineOf04DQ504drJD86UAwE3X_obRofYmsZejaEq87S9S_EOoMkScUF0lLuxHuPTzVI92Cp1mNDwInKosBOfuii_llneVHpd4PjGwtIgwCTJV-3GBeHqCemxOwE6epRHYgDXjIazSKNsURcM-BNraN17pvDRCdkU2lz6hgUIIIg9H80ivqvYEIyNHO9GzvQMcNTWRwFvA0PF7Yric2iGb7FqM6q3vQuLiT32BfKMzdruK_500CXTVqjJe8AvhodK4hX1d7ORtf3yfPuqWM94AjmA0FJrWGm7GiYIiTimXpDm6wz1cnE0iw2XeVSksXzxZ8UqIfo7voh08BDP5CychmuWcKG6Oc0sp-liie1IZOYWx1gdQhs3mQZyKMu-CpOj6uE39YZHJvmGP0RMZxGX4mGAh68AcgRwlTvyrVRWSxbDJZB68GYFV5RAoDraM6Tf_sLG2KQ-ABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTM1NDM5MTk0ODc3NDU2NRgA&sigh=Z81tJq7yWPM&uach_m=[UACH]&cid=CAQSPACsnQUxXJl0ZrweqckR093UPU31_2sd0nldEK1b_PFzbGYrkaKs58B2N29L0qkLYDlXj46Ir39MXI_W7RgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=474027355&pi=t.aa~a.2814377534~i.11~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=3&bdt=1276&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0&nras=2&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=m88ASLgtYF&p=https%3A//moneysenator.com&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 16 Aug 2022 01:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 6752 0
0 45ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPi0Ecz6RIwGmAKdg2ICAgAAAJeUjTFYfw9yEEru-mJKiZwk0HNtxmIKPgASAAA&wp=YvruSgADxrwK3rkZAAa5uYSThPmFs0UxGfINbA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 307960
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2BB9 163 KB
52 KB 96ms
75ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgADxrwK3rkZAAa5uYSThPmFs0UxGfINbA&u=%7CMVDe7Za51Sxpjf8oFLlxfFYMDJPiXfcnkZqL%2FhKnhdE%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdsnvy2VVlZR3iEPXmgXVL7q1cq6T5al4dTKgDAjLV5DcT_go0gPrpmX2J8kmQvTuBObcDyOzfxGAqnTgp6YSfVip2rYp0zRei2J4NrrtgTP7vUOKRqRNoC7pBpA0dFtKcgzOuWalv6ZxnyYR0Pc5Migo3LXFNTxcjddv6rQcgm9VhCQkf_fEb6wDMx7Djq8CC2vpRxiYlEEbhgzgz1RiiCtdm_YAszlA7Jnjih8c5VBXmqFB4nhDSLd6UYiiNyRDJTnIgoewC9iAAwVRP8HyrzKnAKeOGWdAmne4EtlPnLFANqlpYLqxBtAFGPeyADW8QxIBE6QBYqAPdk2_CDLsswtSWi9dwFAZXqLAeIfxn8kl1PXpZ0z1mZIhnxwHXbejRxuzhM2Sq7m_&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxFpOSu76YryND5ny-ga585pQyZ7SsVy98ZT3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0xMzU0MzkxOTQ4Nzc0NTY1oAHVttLqA8gBCakC4SEKXdIasT6oAwGqBOoCT9BrnlBiSpK4paMSZ4Dem5g6ineOf04DQ504drJD86UAwE3X_obRofYmsZejaEq87S9S_EOoMkScUF0lLuxHuPTzVI92Cp1mNDwInKosBOfuii_llneVHpd4PjGwtIgwCTJV-3GBeHqCemxOwE6epRHYgDXjIazSKNsURcM-BNraN17pvDRCdkU2lz6hgUIIIg9H80ivqvYEIyNHO9GzvQMcNTWRwFvA0PF7Yric2iGb7FqM6q3vQuLiT32BfKMzdruK_500CXTVqjJe8AvhodK4hX1d7ORtf3yfPuqWM94AjmA0FJrWGm7GiYIiTimXpDm6wz1cnE0iw2XeVSksXzxZ8UqIfo7voh08BDP5CychmuWcKG6Oc0sp-liie1IZOYWx1gdQhs3mQZyKMu-CpOj6uE39YZHJvmGP0RMZxGX42mIAeUeTHQ-a0ugIhSg0Pbndbqi2N5nXUdgVqEQz9xvnNRsyOrB4bMWABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Fd_rJWrp-t0DAQ-pzUUoeeLsSuA%26client%3Dca-pub-1354391948774565%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ce003d93f91dfd4c5b3bf4b0e60c825ed6f554593c10ade1714adc95b7b59a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 01:09:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=aGNFnV9Gd9vghE1VrQI_iMYCL7GOVnTDOvgMZexDOw0YrLfH22lugQ2o8uO3WNjKDi_q9o_Z3nug4lBV3x578PYA9AY3cbPm8r9tg40UkM9Y056NOqKbDB4hw8t6gbtNiEYODs3fRzi8ARXuZUqPmzKDZlRs-h2MhzKQu4_4yyE0yjzXxzz-7E8Mv6bCCz7-EXimG8MsGuRecMm36wDDX9oA-7LkOSU_Z7zKJw6dA9Fr3UoBNxch4uZFuA5M6HrlQfJcxA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 60882993
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B8E0 1 KB
749 B 14ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 17:20:54 GMT
etag: 48472445140208031
expires: Tue, 16 Aug 2022 17:20:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame E00A 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3921585650&adf=469824251&pi=t.aa~a.4076845965~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1660612170&rafmt=1&to=qs&pwprc=4132823972&psa=0&format=1170x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=1&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280%2C780x280&nras=4&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=io4xnlwDkA&p=https%3A//moneysenator.com&dtd=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 00:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 00:48:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E00A 140 KB
43 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 01:09:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame E00A 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 01:05:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E00A 0
0 24ms
21ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwFjKx_180BSQW7yeTVGwH4XlggWNGLtD0kpbU_YCrm5Y6HwQpnMPZNgnA4mubhVqYlZ6mdJZKlh3-U-hkByhs9f0pwQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3921585650&adf=469824251&pi=t.aa~a.4076845965~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1660612170&rafmt=1&to=qs&pwprc=4132823972&psa=0&format=1170x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=1&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280%2C780x280&nras=4&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=io4xnlwDkA&p=https%3A//moneysenator.com&dtd=75
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E00A 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClTcvSu76YonMEsjjgQf-koOIC8me0rFczeGS93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMTM1NDM5MTk0ODc3NDU2NaAB1bbS6gPIAQmpAuEhCl3SGrE-qAMByAMCqgToAk_QOIUJpjGYZ-POhoAzvbfkaS1FgX57y87DViByJm2EQMCyQHZ4OU0N9xBKhCCmVHpQcMhnlbbt4aVMy33IkM9Ob9GhAmNFaUDEL51rVd14b_8q3Peu5zYeq35T2VBXd0TWUkvLpoGq7YsqKhy64Vts32oqXw-dsbNjJ6bGAoiX0P-GA7IeybATp4uDkk2uImrNv5mNbyibNgxP10MhsBzyrHzQjNE1eSdMIWAiF5mV_lUhUArQX4CtNTlzpksc-cG_867Erd2ZTPyjkQq-oxNLBMkvz19eFg5dRru0OQG4PNwGSZl-pke4azpmPNi0ZAfxUKMePLE4P21dYPYF0Xs-ZPOUqAIjfFNiThtkoX7C3ZJW_zF6NgkfkhvRv3sDN6BZ8BzOeEdUB9HXICbv_1jqyRA239QjFfICII7SQts6RsJr54yPW8mAUR04uKnqsMegCOhOQwpnZG60jOnTkPpqi2WGN99Ss4AG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMzU0MzkxOTQ4Nzc0NTY1GAA&sigh=ErLnYvrzxeM&uach_m=[UACH]&cid=CAQSPACsnQUxOqeWCo8y8mt-2Ye-g0SYa8XB3KeVl4vHwkacBfj2YdVsZPntBdFxnV8hEiBPdTKPrVP6Fpq1ahgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3921585650&adf=469824251&pi=t.aa~a.4076845965~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1660612170&rafmt=1&to=qs&pwprc=4132823972&psa=0&format=1170x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=1&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280%2C780x280&nras=4&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=io4xnlwDkA&p=https%3A//moneysenator.com&dtd=75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 16 Aug 2022 01:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame E00A 0
0 14ms
13ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPi0Ecz6RJIJmAKdg2ICAgAAAJeUjTFYfw9yEEru-mIisg4ttbw0itelCwASAAA&wp=YvruSgAEpgkK4HHIAADJfsuJBlAuhSnQ8IC56Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 342146
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 959E 172 KB
53 KB 102ms
102ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgAEpgkK4HHIAADJfsuJBlAuhSnQ8IC56Q&u=%7CMVDe7Za51SzfOVSjmFQ1oaojeLxaLcq3heQHpASnMiU%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdjzZ9t_AoCXF_0blrznO54JYrcQ6Sa540OSLSwSewrVX3mrh-umfWb1mkSaMeF4vLQzGbwG7JhIhZWfD4Y-Jv2NTCFdtGijBPb-7QSlufg66RDzzhhvNjl5KQrsuvKpEBpaYgExaFvWebHxev21g2dAC_sODXNxC4CE0jI2sF0srNTuBfHyeBjbDfuh09ps2IVObcrb3pj3w8uvYeR125W8J39XrhXkHp-OW5-Tr4PTbHqBF2JyoGETSAbkfdk2lbdD9m_gE7V2Vx9pcWcRCGU8rl28aDlsCnQKAs1sgJ_gCWAb7hm75fLr6armtHkdFoP-DMXGvmz9SYWJ5Es3CTr3118J7-_1W38YhuYLQ3amGXFQWgFKZZ-BQo9GrCKl8gkRaMcUmPolO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqw2ZSu76YonMEsjjgQf-koOIC8me0rFczeGS93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMTM1NDM5MTk0ODc3NDU2NaAB1bbS6gPIAQmpAuEhCl3SGrE-qAMByAMCqgTrAk_QOIUJpjGYZ-POhoAzvbfkaS1FgX57y87DViByJm2EQMCyQHZ4OU0N9xBKhCCmVHpQcMhnlbbt4aVMy33IkM9Ob9GhAmNFaUDEL51rVd14b_8q3Peu5zYeq35T2VBXd0TWUkvLpoGq7YsqKhy64Vts32oqXw-dsbNjJ6bGAoiX0P-GA7IeybATp4uDkk2uImrNv5mNbyibNgxP10MhsBzyrHzQjNE1eSdMIWAiF5mV_lUhUArQX4CtNTlzpksc-cG_867Erd2ZTPyjkQq-oxNLBMkvz19eFg5dRru0OQG4PNwGSZl-pke4azpmPNi0ZAfxUKMePLE4P21dYPYF0Xs-ZPOUqAIjfFNiThtkoX7C3ZJW_zF6NgkfkhvRv3sDN6BZ8BzOeEdUB9HXICbv_1jqyRA239QjFfICII7SQts6RsIp5a0d3EYcQqKkrAo6jWFYAfxE9QBJfOwARNR1YkV0p30DnVtBDHCP3YAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31-B1GdUi9aV-kjS4Tg7t1FL2MyA%26client%3Dca-pub-1354391948774565%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f6443c03f72270ebd430ada739aacad0e0634a842af410e49018672bbcabf60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 01:09:30 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=poF_AV9Gd9vghE1VrRWiqSQZXgPAYRJS0mwK48PBvYybsYp8HH49vzUWbbDiGX7A1fd0Ezt6K78prtRkIGo97jGHido8A3kt4u79VxwRMlBmJd9GySGOyz-hSVur4vLY1K8FcVWuyHOhJfUW9d4HzzCXCpLJuFDfpymUnmEC8ebkWhecEzLVBMPzvTJd5Hyf664qqQqP9e3hqr8oo2gn-beQtSm8FjdTr8MJ8pOT_c3PTFFK1qoMnTwaO1s"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 69114519
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 390C 1 KB
749 B 15ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 17:20:54 GMT
etag: 48472445140208031
expires: Tue, 16 Aug 2022 17:20:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 3B43 3 KB
1 KB 49ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 00:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 00:48:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B43 140 KB
43 KB 42ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 01:09:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 3B43 17 KB
7 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 01:09:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3B43 0
0 25ms
21ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRS2nQXz-_GH4GY9gvyBtBRhkJYBgivLU2Uqtj-9NykIOFlqnELQW_98fkZ04_GUv4Jf79X3CCOFpm6NbVVf0MoIrdNaQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 dpixel
cms.quantserve.com/ Frame B8E0 35 B
463 B 45ms
11ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB27DDWjgOqHxiB4I9izMdk&google_cver=1&google_push=AehlK4Aue3Vho_otKrsH1tuUiWk9tT39nN9j6zqQjxGgxWcHG7cTK3L4L9N7PrxfRZCpW2J1SK8Sie4ROAsieU8dJD5iXDsS4Rs0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B8E0
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CMgiX1...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CMgiX1...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTYwMTA5MzAwMDAxNTA4Njg5MTE4MA%3D%3D&google_push=AehlK4CMgiX1SyS8crmAbww1pNPTr8QrZ_svXcOc2GI1bd68a2L0upf7kk6FBbz6hFKFK9...

170 B
188 B

23ms
23ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTYwMTA5MzAwMDAxNTA4Njg5MTE4MA%3D%3D&google_push=AehlK4CMgiX1SyS8crmAbww1pNPTr8QrZ_svXcOc2GI1bd68a2L0upf7kk6FBbz6hFKFK9cGGlS0GPMRWsMrnLc9iJEIfeASStfY

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTYwMTA5MzAwMDAxNTA4Njg5MTE4MA%3D%3D&google_push=AehlK4CMgiX1SyS8crmAbww1pNPTr8QrZ_svXcOc2GI1bd68a2L0upf7kk6FBbz6hFKFK9cGGlS0GPMRWsMrnLc9iJEIfeASStfY
pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Tue, 16 Aug 2022 01:09:30 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame B8E0 43 B
356 B 72ms
19ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEF8M-gZeJmSUgOGXjReJGuk&google_push=AehlK4Ah2k832f4UZYQ0GnbthRz_3aaPYP3p2kxRvCONxfwn2kHR0eKFCvii2uzarmdhnmQrO6cbhCOzfAXRsJHzBlwQV34rBQuM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=474027355&pi=t.aa~a.2814377534~i.11~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=3&bdt=1276&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0&nras=2&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=m88ASLgtYF&p=https%3A//moneysenator.com&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame B8E0 43 B
350 B 63ms
24ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFtylSOk3SEvlp9xTRAAPc4&google_cver=1&google_push=AehlK4As4sG20PrU1XCCvF241VrwpVAa_EeDD5LyWHT5mwebHg9xN-8GgzvSRP_-Z6r-TV1jqRyUT2AvfawW-qMaSxPJdosPTgQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=474027355&pi=t.aa~a.2814377534~i.11~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=3&bdt=1276&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0&nras=2&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=m88ASLgtYF&p=https%3A//moneysenator.com&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: fa832i6s6d67ojp2p4c73hri99s4oi63

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B8E0 0
166 B 68ms
13ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPSMY8gVlDrMPt8NBYlqsvI&google_cver=1&google_push=AehlK4DArAocDZeQrGIwelscIOPmtM4AajAG7A6ngQBcgeByghZJ_W-wsbM5LBAwL2NljPmO6qQDq-xNB1aPSTZH4j1LGl46Ev4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=474027355&pi=t.aa~a.2814377534~i.11~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=3&bdt=1276&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0&nras=2&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=m88ASLgtYF&p=https%3A//moneysenator.com&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B8E0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELQVK0Q3RtN3-8mCJi6Ps0U&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELQVK0Q3RtN3-8mCJi6Ps0U&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELQVK0Q3RtN3-8mCJi6Ps0U&google_hm=YvruSspvoVja9ZLh4A14BAAAFDcAAAIB&google_nid=index&google_push=AehlK4BpxP3L4cK-JsAA_nm6nT4GFHnYlnnNF...

170 B
188 B

50ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELQVK0Q3RtN3-8mCJi6Ps0U&google_hm=YvruSspvoVja9ZLh4A14BAAAFDcAAAIB&google_nid=index&google_push=AehlK4BpxP3L4cK-JsAA_nm6nT4GFHnYlnnNFjPyF9YemPPG2m38ZjQ4Vw0AaQcT3Ob2IsCGssuRgJi5fd9YeaHhKv7RGNR1cNA

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUZNVdwCInc8dcTLSVNgjEKMwPqmoKLnyVqBMR539jqNUh7C9Bkdeqho6m5%2BiX6hrH2KFaE3FzYcYwuNq5Z5f43i8tUZuO1IuKHNnPNvPdbDBzOR%2Fjq4V7YNxrYXMQXxo3kxtwzUZmpdRw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELQVK0Q3RtN3-8mCJi6Ps0U&google_hm=YvruSspvoVja9ZLh4A14BAAAFDcAAAIB&google_nid=index&google_push=AehlK4BpxP3L4cK-JsAA_nm6nT4GFHnYlnnNFjPyF9YemPPG2m38ZjQ4Vw0AaQcT3Ob2IsCGssuRgJi5fd9YeaHhKv7RGNR1cNA
cache-control: no-cache
cf-ray: 73b648f228758fe2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame B8E0 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B8E0 0
223 B 81ms
20ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEjcuctAavknpmoKkLRVOYL0aU3LIok-d35Z3rXiB437BUbMrO15RHE3tim1D2jr5HrebvjA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3B43 0
0 62ms
58ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CftWsSu76Ys-kEse0gQft-IPAD8me0rFctZjj1pMBwI23ARABIABglcKmgrAHggEXY2EtcHViLTEzNTQzOTE5NDg3NzQ1NjWgAdW20uoDyAEJqQLhIQpd0hqxPqgDAcgDAqoE5wJP0KeDOHRfydCjs2kgr8on4uhiv_2Uz4vKxd5wsUdJYzaUDP1amVdWUKSNasJ8j-Y1bLmX2kf-jEJ1txMVtCwdHMh9pz4VDzrWeIs9mkdxTv8rvX1kyWfEmXY1Z2LYX-zZD_HdEko6Ow-GjBnNW23ogsEPz0mabsuaCuXMTOgQDqXb3XbmHTzQUJHg98PMe-c8qbdf9CoFGMCw6vG3k1sa2wRC0p_t9qKzzLYliV9ryOYMbnh_241i9wxFju8cuUOqkUzMAAZemGNluEDq67Td_i8zDzHFnsdfrPbF5UHT5K8Irz7yh7gVg5_60pWBovwVMuMC6xBkTkR-FqrfOWyQNB4aCgijAX2fg8--7eLhbTFs2WPK2dFqKUWy1pjrPRUPE_vrGRjjsOgTei9GY7JNmWjnsIBTn6hrkrrhPGG-_DWCy2yp_gr9Eabq7OVyLD0rkNHymVtDrlPpFwEpp_Gw9xzoHzw4BIAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMzU0MzkxOTQ4Nzc0NTY1GAA&sigh=5rZ6geNlkSM&uach_m=[UACH]&cid=CAQSPACsnQUxltuh0wqx2GmMcA295obQ9MdDE8PRe6xxRLXsnKplxc43DDWmws2yEPxETh0QmoNYTRQv56nW7xgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 16 Aug 2022 01:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 3B43 0
0 76ms
16ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPi0Ecz6RIwGmAKdg2ICAgAAAJeUjTFYfw9yEEnu-mJJiFY5DzEedLzgegASAAA&wp=YvruSgAEkk8K4FpHAAD8bQLnKhHZX8drH0vSAg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 279845
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5D8C 163 KB
52 KB 92ms
89ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgAEkk8K4FpHAAD8bQLnKhHZX8drH0vSAg&u=%7CMVDe7Za51SzIC3uIpTjrucS0KHRGFkSNbO9ITGO%2FE1g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdsnvy2VVlZR3iEPXmgXVL7r4Ty70jWAdFwMTa4liXugodTTrcwZgYnzBq0mD65uW7B9A0ixnrMinGdh1QoSNN6Jh-ol8z6xn4jtW0h4_SitBb8HrwfXgMVQ8q9RRqVHSOjyz64XYDs6B2a2v0Adpq6Hwqwi1CVfqsdR6wd61624hLb6rOIMPKrZNTfoU2cT2UkMyjzXBvHi00efv6WAL2aa0UAGm7X9qSdx2PmA_WBKJKp6lCzNY3eHVR7AyKeTvTmxyqTBxEbYLhsv3ErLdSTbNOrPpbdkOM-k8caNvXCIujEYRecYeBSv_ABAlijuD2AfVIYBCH1K8qe5pPaJSkk5Mh242OTQpHb7thllo41BXasXZbr03HbWRPpsrbr8YRTcTy4A_B_ho&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt2q1Su76Ys-kEse0gQft-IPAD8me0rFctZjj1pMBwI23ARABIABglcKmgrAHggEXY2EtcHViLTEzNTQzOTE5NDg3NzQ1NjWgAdW20uoDyAEJqQLhIQpd0hqxPqgDAcgDAqoE6gJP0KeDOHRfydCjs2kgr8on4uhiv_2Uz4vKxd5wsUdJYzaUDP1amVdWUKSNasJ8j-Y1bLmX2kf-jEJ1txMVtCwdHMh9pz4VDzrWeIs9mkdxTv8rvX1kyWfEmXY1Z2LYX-zZD_HdEko6Ow-GjBnNW23ogsEPz0mabsuaCuXMTOgQDqXb3XbmHTzQUJHg98PMe-c8qbdf9CoFGMCw6vG3k1sa2wRC0p_t9qKzzLYliV9ryOYMbnh_241i9wxFju8cuUOqkUzMAAZemGNluEDq67Td_i8zDzHFnsdfrPbF5UHT5K8Irz7yh7gVg5_60pWBovwVMuMC6xBkTkR-FqrfOWyQNB4aCgijAX2fg8--7eLhbTFs2WPK2dFqKUWy1pjrPRUPE_vrGRjjsOgTei9GY7JNmWjnsIBTn6hrkrrhPGG-_DXAyU07eYVhAhl2-EaiEZvTmcX4L1FtttFd3zyPVU6u2wRttbgruwcm8IAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0quDWcluOCjIzGvhCX4G0ua-vgCg%26client%3Dca-pub-1354391948774565%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c54765168b38a92659311463ac781cc8f4c1cae4606fe5f388e3b6a1090c6f8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 01:09:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2CLmtV9Gd9vghE1VihG7h5Ybh-NL3z6z0zyOAd_qrNfor5yFRStda2_qYzvye5lPDjw9rO3RLmXxq5R-ljl69mqRvNJsIQ0V3k4TFBMXFdPESyTnCTqW6Gm9591PBJNxny_E5_l8vGIYTmFq2i7fXYEi9eBBggV-9XM_mqvcLvGVOQNOau217yuVP-jV4GRFO1Z3I-1fa7NCFVCD4hwDijo6vibMtk4peZk_aZTv1tY0tS-SApfhMytqSA1KUo3XT5EeeA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 69245629
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 71FB 1 KB
749 B 15ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 17:20:54 GMT
etag: 48472445140208031
expires: Tue, 16 Aug 2022 17:20:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 71ms
24ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:600,regular&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://moneysenator.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 03:52:09 GMT
x-content-type-options: nosniff
age: 422241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 03:52:09 GMT

GET
DATA 200
OK truncated
/ Frame 48C9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a04f9ae572fea8d9306b4b173c5636eb97cb552e36754023a578753e321dcd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 390C
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGdv0th7iJ-IJk3sCWLSZfE&google_cver=1&google_push=AehlK4BEVp4jUYqD0cZHdIB2qqbpZdVph3b304Y1JyhKwt2s-Z54NJYEwr...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4BEVp4jUYqD0cZHdIB2qqbpZdVph3b304Y1JyhKwt2s-Z54NJYEwrLDzjOjJKtA_NmJsiyk2i3IBtFQ94BRCiyZtOgJ8g&google_hm=5nBj4wch4U4Cea...

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4BEVp4jUYqD0cZHdIB2qqbpZdVph3b304Y1JyhKwt2s-Z54NJYEwrLDzjOjJKtA_NmJsiyk2i3IBtFQ94BRCiyZtOgJ8g&google_hm=5nBj4wch4U4CeayeJGRQLQ

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4BEVp4jUYqD0cZHdIB2qqbpZdVph3b304Y1JyhKwt2s-Z54NJYEwrLDzjOjJKtA_NmJsiyk2i3IBtFQ94BRCiyZtOgJ8g&google_hm=5nBj4wch4U4CeayeJGRQLQ
pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 390C
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4CK8uSnDOBBe8AXOeBrgHZHsC0qxJYlCq07o0Q...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZydVNnQUFBS2NMQURyNg&google_push=AehlK4CK8uSnDOBBe8AXOeBrgHZHsC0qxJYlCq07o0QmH2QxEnMH2Sv_LN0wg9DvVROiB_o5gCJpR5zRaKSNa5e_cAzQZTdwxI8

170 B
188 B

23ms
23ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZydVNnQUFBS2NMQURyNg&google_push=AehlK4CK8uSnDOBBe8AXOeBrgHZHsC0qxJYlCq07o0QmH2QxEnMH2Sv_LN0wg9DvVROiB_o5gCJpR5zRaKSNa5e_cAzQZTdwxI8

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZydVNnQUFBS2NMQURyNg&google_push=AehlK4CK8uSnDOBBe8AXOeBrgHZHsC0qxJYlCq07o0QmH2QxEnMH2Sv_LN0wg9DvVROiB_o5gCJpR5zRaKSNa5e_cAzQZTdwxI8
Date: Tue, 16 Aug 2022 01:09:30 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame 390C 43 B
61 B 35ms
19ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFXjb5SlW0q4DKOYu9sYwA4&google_push=AehlK4Dcpi5vDNx0lBwrgc1Ke-AHzmqT97dTrCmrVwM3yvbQPY7sLg2-cu4kStfT4oEoidnD7pAKF8nG2iQS9788Zwp4f1ETR6Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3921585650&adf=469824251&pi=t.aa~a.4076845965~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1660612170&rafmt=1&to=qs&pwprc=4132823972&psa=0&format=1170x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=1&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280%2C780x280&nras=4&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=io4xnlwDkA&p=https%3A//moneysenator.com&dtd=75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 390C 43 B
64 B 35ms
19ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEM6AMswoh4nXd4NiFucd3T4&google_cver=1&google_push=AehlK4CYu6vT5xU3PxizO1rugLb230RGKwe1ng9Xk-_tDVRGHQ6trHlwioayulwqfLOYY8Gy7B8T-c1TkzyKiO6yTXgnBqtJUMw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3921585650&adf=469824251&pi=t.aa~a.4076845965~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1660612170&rafmt=1&to=qs&pwprc=4132823972&psa=0&format=1170x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=1&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280%2C780x280&nras=4&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=io4xnlwDkA&p=https%3A//moneysenator.com&dtd=75
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:29 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: oq89i5qs0g8ruffkq39nn0m86beueud2

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 390C 0
41 B 15ms
13ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFn7_Bo-UET5HyCZFQeKwSQ&google_cver=1&google_push=AehlK4Cx4GqH-JR3w1jT5N_r7Auwa2i2SofPifgbRusG9tFoVHS57DYn_-_r0NnZaB-f2dNpuvONpP08-8LF-Dl_fsCRQw1ClVg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3921585650&adf=469824251&pi=t.aa~a.4076845965~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1660612170&rafmt=1&to=qs&pwprc=4132823972&psa=0&format=1170x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=1&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280%2C780x280&nras=4&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=io4xnlwDkA&p=https%3A//moneysenator.com&dtd=75
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 390C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKrl-Vp2tAW_3fJsBna6t8c&google_cver=1&google_push=AehlK4AZ78WhnAqHJz_CpXJwRodAOMSH3NNUM6BcSJk6uMoW9iXseOJuN1C-BmqjQ4XcuDZ1bDH...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZWSExaRkEtUi1BVU5E&google_push=AehlK4AZ78WhnAqHJz_CpXJwRodAOMSH3NNUM6BcSJk6uMoW9iXseOJuN1C-BmqjQ4XcuDZ1bDHYzRQ8eFb5L46yk5N88juQdWE

170 B
188 B

23ms
22ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZWSExaRkEtUi1BVU5E&google_push=AehlK4AZ78WhnAqHJz_CpXJwRodAOMSH3NNUM6BcSJk6uMoW9iXseOJuN1C-BmqjQ4XcuDZ1bDHYzRQ8eFb5L46yk5N88juQdWE

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZWSExaRkEtUi1BVU5E&google_push=AehlK4AZ78WhnAqHJz_CpXJwRodAOMSH3NNUM6BcSJk6uMoW9iXseOJuN1C-BmqjQ4XcuDZ1bDHYzRQ8eFb5L46yk5N88juQdWE
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 390C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBHVIbqsGG8ORP-t0OUlSns&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHVIbqsGG8ORP-t0OUlSns&google_hm=YvruSspvoVja9ZLh4A14BAAAFDcAAAIB&google_nid=index&google_push=AehlK4AESfc75EJFPDbzX049AOB_iMwa_BxWq...

170 B
188 B

31ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHVIbqsGG8ORP-t0OUlSns&google_hm=YvruSspvoVja9ZLh4A14BAAAFDcAAAIB&google_nid=index&google_push=AehlK4AESfc75EJFPDbzX049AOB_iMwa_BxWqMUL7GP8CbbwzapqVlVEXUTW7uBFca0bRDeCVynLEqjTFP76OSnrFn3jO8SYqeQ

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2gEv82Y%2FwwyhnBoFfoWFe4WdP7pKhfuk%2BPpsFmb2j%2FDLmgf%2BcEO2%2B9kFme%2BLuwlnQ01MMSjW8ATxXRkifKBBf01kNihooJIcAVWvfFho2h2sDEJOJo%2BMccPCJQsZXs%2FFiO8m1MT8B2y0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHVIbqsGG8ORP-t0OUlSns&google_hm=YvruSspvoVja9ZLh4A14BAAAFDcAAAIB&google_nid=index&google_push=AehlK4AESfc75EJFPDbzX049AOB_iMwa_BxWqMUL7GP8CbbwzapqVlVEXUTW7uBFca0bRDeCVynLEqjTFP76OSnrFn3jO8SYqeQ
cache-control: no-cache
cf-ray: 73b648f228778fe2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 390C 0
12 B 70ms
20ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_nJJNQ-7qRtqOcBDyUmRqQdKc2e8Q6dhTNDAMl80Oi_vToo0_yNkGRlsE_mMqX9GmA-Y9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 71FB
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBw3UKkcTAC_TgSIz7HX4Ho&google_cver=1&google_push=AehlK4B6Om_HBaPrQ11GiLFAVV7nsfUahWkb5dRp7HqeGlzLYa0PDsGCd_...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4B6Om_HBaPrQ11GiLFAVV7nsfUahWkb5dRp7HqeGlzLYa0PDsGCd_vTbDtx3f2UeAZn_m-crDp_nu20kBqkXU-wPyFtJf8z&google_hm=5nBj4wch4U4C...

170 B
188 B

35ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4B6Om_HBaPrQ11GiLFAVV7nsfUahWkb5dRp7HqeGlzLYa0PDsGCd_vTbDtx3f2UeAZn_m-crDp_nu20kBqkXU-wPyFtJf8z&google_hm=5nBj4wch4U4CeayeJGRQLQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4B6Om_HBaPrQ11GiLFAVV7nsfUahWkb5dRp7HqeGlzLYa0PDsGCd_vTbDtx3f2UeAZn_m-crDp_nu20kBqkXU-wPyFtJf8z&google_hm=5nBj4wch4U4CeayeJGRQLQ
pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 71FB
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEIenuY6ye3o9IyBdzUiAhdo&google_cver=1&google_push=AehlK4CqH_pyjQDBy7GiTG_E91IvYbwBNGHj1siQ9T5MQRn62cezoejXS78p2idhPe4kKSgfzI04EYOaMtDA48ozhGNBGY7SM6Su
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CqH_pyjQDBy7GiTG_E91IvYbwBNGHj1siQ9T5MQRn62cezoejXS78p2idhPe4kKSgfzI04EYOaMtDA48ozhGNBGY7SM6Su&google_hm=Q0FFU0VJZW51WTZ5ZTNvO...

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CqH_pyjQDBy7GiTG_E91IvYbwBNGHj1siQ9T5MQRn62cezoejXS78p2idhPe4kKSgfzI04EYOaMtDA48ozhGNBGY7SM6Su&google_hm=Q0FFU0VJZW51WTZ5ZTNvOUl5QmR6VWlBaGRv

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 01:09:30 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CqH_pyjQDBy7GiTG_E91IvYbwBNGHj1siQ9T5MQRn62cezoejXS78p2idhPe4kKSgfzI04EYOaMtDA48ozhGNBGY7SM6Su&google_hm=Q0FFU0VJZW51WTZ5ZTNvOUl5QmR6VWlBaGRv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 71FB 0
98 B 66ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4ALQPPBqUYHoWggx4HkNrp164lpvwbDeDEX_tu8zyS-0y5MTG1Ouaj05VStqNcIO77xs4MeIQbm9kEiC_hmf2ECpMJtnxVO&google_gid=CAESEJA2wUupML22a3VVKXTuPpE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 71FB
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4C2AICC...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4C2AICC...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTYwMTA5MzAwMDAxNTA4Njg5MTE4MA%3D%3D&google_push=AehlK4C2AICCtTXv7wa0e8PW4UkZZFMM2nr53c7FhQeHpeZ7bsdKB91qpUk-saI2o8Li8n...

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTYwMTA5MzAwMDAxNTA4Njg5MTE4MA%3D%3D&google_push=AehlK4C2AICCtTXv7wa0e8PW4UkZZFMM2nr53c7FhQeHpeZ7bsdKB91qpUk-saI2o8Li8nC5iFzObuIB1eZ1uOvguFoyoyIqHsZJ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTYwMTA5MzAwMDAxNTA4Njg5MTE4MA%3D%3D&google_push=AehlK4C2AICCtTXv7wa0e8PW4UkZZFMM2nr53c7FhQeHpeZ7bsdKB91qpUk-saI2o8Li8nC5iFzObuIB1eZ1uOvguFoyoyIqHsZJ
pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Tue, 16 Aug 2022 01:09:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 71FB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHIm97SntnF_HITaCE2M5N4&google_cver=1&google_push=AehlK4BqP-2lZbvWVh9zR0wkUBn1KEW54Dj0fqfBqdFrNWkCdVLzeORPoNztPDV6oW6FzeLfiYf...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZWSExaRkEtMTgtM0RNVw==&google_push=AehlK4BqP-2lZbvWVh9zR0wkUBn1KEW54Dj0fqfBqdFrNWkCdVLzeORPoNztPDV6oW6FzeLfiYf2AG8GOKasFyxjz2355HMCVoI

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZWSExaRkEtMTgtM0RNVw==&google_push=AehlK4BqP-2lZbvWVh9zR0wkUBn1KEW54Dj0fqfBqdFrNWkCdVLzeORPoNztPDV6oW6FzeLfiYf2AG8GOKasFyxjz2355HMCVoI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZWSExaRkEtMTgtM0RNVw==&google_push=AehlK4BqP-2lZbvWVh9zR0wkUBn1KEW54Dj0fqfBqdFrNWkCdVLzeORPoNztPDV6oW6FzeLfiYf2AG8GOKasFyxjz2355HMCVoI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 71FB 43 B
296 B 212ms
24ms Image
image/gif 2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGKcPGHs1_qpqDgJwrydqUg&google_cver=1&google_push=AehlK4CZc1LnukpR1zPNAUepefSgX_m7WMyeS1hua3waSr43xjt0c43gVC5IfrKDLYOupXHr2N5AzADQtKwcl4Qb-p1wggO01r4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 71FB 0
12 B 70ms
27ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JWVKHx8bf-J6UpCuV-7DY4_Fi3kGtlOaNcTG67icrSWIDqDNQ27eOeQp5Upd7C0w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1354391948774565&output=html&h=280&adk=3956041406&adf=1899830499&pi=t.aa~a.2814377534~i.19~rp.4&w=780&fwrn=4&fwrnh=100&lmt=1660612170&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4132823972&psa=0&ad_type=text_image&format=780x280&url=https%3A%2F%2Fmoneysenator.com%2Fpakistani-politician-imran-khans-instagram-account-used-to-promote-crypto-giveaway-rip-off-featured-bitcoin-information%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=195&rw=780&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660612170201&bpp=1&bdt=1275&idt=-M&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90df12c77b1f58a6-227bc51bf4cd0084%3AT%3D1660612170%3ART%3D1660612170%3AS%3DALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ&prev_fmts=0x0%2C780x280&nras=3&correlator=3013595093264&frm=20&pv=1&ga_vid=192118761.1660612170&ga_sid=1660612170&ga_hid=998248212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068486&oid=2&pvsid=697827408738137&tmod=1797220678&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zBeeNMgSkJ&p=https%3A//moneysenator.com&dtd=71

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2BB9 2 KB
1 KB 53ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgADxrwK3rkZAAa5uYSThPmFs0UxGfINbA&u=%7CMVDe7Za51Sxpjf8oFLlxfFYMDJPiXfcnkZqL%2FhKnhdE%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdsnvy2VVlZR3iEPXmgXVL7q1cq6T5al4dTKgDAjLV5DcT_go0gPrpmX2J8kmQvTuBObcDyOzfxGAqnTgp6YSfVip2rYp0zRei2J4NrrtgTP7vUOKRqRNoC7pBpA0dFtKcgzOuWalv6ZxnyYR0Pc5Migo3LXFNTxcjddv6rQcgm9VhCQkf_fEb6wDMx7Djq8CC2vpRxiYlEEbhgzgz1RiiCtdm_YAszlA7Jnjih8c5VBXmqFB4nhDSLd6UYiiNyRDJTnIgoewC9iAAwVRP8HyrzKnAKeOGWdAmne4EtlPnLFANqlpYLqxBtAFGPeyADW8QxIBE6QBYqAPdk2_CDLsswtSWi9dwFAZXqLAeIfxn8kl1PXpZ0z1mZIhnxwHXbejRxuzhM2Sq7m_&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxFpOSu76YryND5ny-ga585pQyZ7SsVy98ZT3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0xMzU0MzkxOTQ4Nzc0NTY1oAHVttLqA8gBCakC4SEKXdIasT6oAwGqBOoCT9BrnlBiSpK4paMSZ4Dem5g6ineOf04DQ504drJD86UAwE3X_obRofYmsZejaEq87S9S_EOoMkScUF0lLuxHuPTzVI92Cp1mNDwInKosBOfuii_llneVHpd4PjGwtIgwCTJV-3GBeHqCemxOwE6epRHYgDXjIazSKNsURcM-BNraN17pvDRCdkU2lz6hgUIIIg9H80ivqvYEIyNHO9GzvQMcNTWRwFvA0PF7Yric2iGb7FqM6q3vQuLiT32BfKMzdruK_500CXTVqjJe8AvhodK4hX1d7ORtf3yfPuqWM94AjmA0FJrWGm7GiYIiTimXpDm6wz1cnE0iw2XeVSksXzxZ8UqIfo7voh08BDP5CychmuWcKG6Oc0sp-liie1IZOYWx1gdQhs3mQZyKMu-CpOj6uE39YZHJvmGP0RMZxGX42mIAeUeTHQ-a0ugIhSg0Pbndbqi2N5nXUdgVqEQz9xvnNRsyOrB4bMWABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Fd_rJWrp-t0DAQ-pzUUoeeLsSuA%26client%3Dca-pub-1354391948774565%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2BB9 2 KB
1 KB 52ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2BB9 308 B
636 B 27ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2BB9 293 B
621 B 28ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 2BB9 43 B
348 B 62ms
15ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=s4pCXVgLZnpK0PxU1OnM9rwR6Zng1-MCuKa3-pp2nWsePtucTmHBgLc2jADXGNZpW4I8BBbH4-_GU9PpTQ43o17O2Q9r8TaXeQ2QOYSbn0N52jH58ActBqvgECM5KJDvkzeWYXN1UTKFDJGGHRirWydLxwb8DbOd5jos-dlMucKg6eu5pUkQDyZ5fECU5ZkZH_1Bszu--EOZyiMdatGnTm0z_MIQ8dsGQVPQGzUSVznZe-xsUtJbnJ2dslg6iUBFcSrAyJyfUU0Djb3mVkrmKN2yXHV9dmu6uXMVpyAmNDLbhLYL7aa_tpP-fc3sVwEVtlsV_MPYN25YQPsMUR4wClpTTt2DF-bkXzUeeWVWijxzSSoJzGVfLYAJm8zf_PODC12J4QAZOMZt7DIg__7b_pA5giwuk-a-KjMpfUTa7tKOkkYz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1976182
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6752 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92b9d85377457150016bac4dfc14e238939ce78e9b4e6436c96b37f15d772b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E00A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e79aac5114e088940eed9538ea9669f69e5f966da725f4aea3f25dacf3d420b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame FAAF 2 KB
1 KB 44ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgAAebMIEeuzAAMg9hLIrcdHAdQecOh1pg&u=%7CMVDe7Za51SxM55pAaVFTQKBb4e%2FHTVqPBASTZgI9FRo%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6iSToWSbpKg-OqeEGfpuou6alag7PxIYTZam8qsQ7kN-W_8WqoywnKlLRm4ixmMx8ZgdwCrGllqHPf_VWZl0Tvv4mUbH-2Khsqnjnb95f1qtegMPNQepkgKbES9ttFA6Wtb8y9anH546lNZPFm5pmDFhdlrX_JEobKsx74UYILWRMVAm4VFc2rWE9RsnIvlz1d_nbuPFLt7YpwCV6WANcBKlXq7R5dkN-pl3hgCk5SD9SqSTqekOzf_VjkZn5xIW7fy8yPWG6hnrzPF38YwUqzzJSNPoK-GFq-H9EfY-pds7Gf1Q1mDTcKWVDtDMnvvwWPen3FgEHW-wtP7flSwQ4kEYguPU6Sn9v7eRnHDveBlmTDAtZ_PKB7tmVgQ0_FnIa&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqH6uSu76YrPzAbPXx_AP9sGMqAnJntKxXKX8k_dwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEzNTQzOTE5NDg3NzQ1NjWgAdW20uoDyAEJqQLhIQpd0hqxPqgDAaoE5QJP0KFtzuO01RfQM3KVGcCAk8njK4-BWjZlcJDnXv5QpXeQlCrFfDKvvROAbBAXlg4CNiS9wfqm59wnmOVD71lP2ESQWh1LpNr8szP3f3hWNL_DcHkW8lo4UYFQzn2UFIIYkT4GxGih35BPzS2Mxuo8DLe4We4SExQKcwgos8ANBFh68ItXxef9e2O00g1eA5Kixpe-Kzjbug78PM08y0U2okQ99Mglxuann4TxM4HAeq94y8mS0REOrDTGwq6asFe92UGQtk0YTqd7ylKmsP-LD8_k07eAMZQMqd7_ujjprjr28Y5ecAMfNgKVNvjANuWXEbUW0FGC-iDXPNBXO_mQW6X1r25Fml6sjV2z0WA1-qiR5mfGQhu_xRBtvuroEf1wrfM3yfvUY6T56xlTJh6bUYVO6NdaS0BdKp66BglEGTnO74OTg4DsQYoa2nQNPq1by0TYB3wd-XDDWLVaqquyVjApjleABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3X1HPW6TKpGjpTPT_cJfViARSKsw%26client%3Dca-pub-1354391948774565%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame FAAF 2 KB
1 KB 53ms
28ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame FAAF 308 B
636 B 21ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame FAAF 293 B
621 B 21ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame FAAF 43 B
347 B 41ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=vtJy1_gx192t4nLvBd7ACBF1Ghj5C52EaQX2NmNZCaaqrsxr3DXiNVTGFySvUmgXnVbGyTAd8yHtxn-VYZEbL6hvTyujN669GwBr-X-EAMuiwo9LDt-jOggpFoSuDvYCk7BwLe5wrksPAsT52Lsa1ZDaJWW3csd5FZTGQvqxDUl-3hQAQu6Uvk1lyz4QXLT3CUywPMON7lrALY-RbtGjFJKAt9axa3TPwxGUfYfeO5pJTB17L9Ghy1czLgxpIw5q2CjwEG9grScf3h_xRXqosimmOtJi0JcrDLuf4XnNI5_Tcm_tfQ_CHitb6fWuuoQq3MGogWdRLYz0PqwuaVROwSmmHD8bQPzAn5RLYLgm1Cxhv9HllOXSf-bP_KBGlyJ7_14C9MFdA33yzHfjRafxPYcuQL9MeMKeCBbMIO-qxo-87EvC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3950938
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 959E 2 KB
1 KB 50ms
30ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgAEpgkK4HHIAADJfsuJBlAuhSnQ8IC56Q&u=%7CMVDe7Za51SzfOVSjmFQ1oaojeLxaLcq3heQHpASnMiU%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdjzZ9t_AoCXF_0blrznO54JYrcQ6Sa540OSLSwSewrVX3mrh-umfWb1mkSaMeF4vLQzGbwG7JhIhZWfD4Y-Jv2NTCFdtGijBPb-7QSlufg66RDzzhhvNjl5KQrsuvKpEBpaYgExaFvWebHxev21g2dAC_sODXNxC4CE0jI2sF0srNTuBfHyeBjbDfuh09ps2IVObcrb3pj3w8uvYeR125W8J39XrhXkHp-OW5-Tr4PTbHqBF2JyoGETSAbkfdk2lbdD9m_gE7V2Vx9pcWcRCGU8rl28aDlsCnQKAs1sgJ_gCWAb7hm75fLr6armtHkdFoP-DMXGvmz9SYWJ5Es3CTr3118J7-_1W38YhuYLQ3amGXFQWgFKZZ-BQo9GrCKl8gkRaMcUmPolO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqw2ZSu76YonMEsjjgQf-koOIC8me0rFczeGS93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMTM1NDM5MTk0ODc3NDU2NaAB1bbS6gPIAQmpAuEhCl3SGrE-qAMByAMCqgTrAk_QOIUJpjGYZ-POhoAzvbfkaS1FgX57y87DViByJm2EQMCyQHZ4OU0N9xBKhCCmVHpQcMhnlbbt4aVMy33IkM9Ob9GhAmNFaUDEL51rVd14b_8q3Peu5zYeq35T2VBXd0TWUkvLpoGq7YsqKhy64Vts32oqXw-dsbNjJ6bGAoiX0P-GA7IeybATp4uDkk2uImrNv5mNbyibNgxP10MhsBzyrHzQjNE1eSdMIWAiF5mV_lUhUArQX4CtNTlzpksc-cG_867Erd2ZTPyjkQq-oxNLBMkvz19eFg5dRru0OQG4PNwGSZl-pke4azpmPNi0ZAfxUKMePLE4P21dYPYF0Xs-ZPOUqAIjfFNiThtkoX7C3ZJW_zF6NgkfkhvRv3sDN6BZ8BzOeEdUB9HXICbv_1jqyRA239QjFfICII7SQts6RsIp5a0d3EYcQqKkrAo6jWFYAfxE9QBJfOwARNR1YkV0p30DnVtBDHCP3YAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31-B1GdUi9aV-kjS4Tg7t1FL2MyA%26client%3Dca-pub-1354391948774565%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 959E 2 KB
1 KB 36ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 959E 308 B
636 B 17ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 959E 293 B
621 B 18ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 959E 43 B
347 B 34ms
15ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=-2anoFgLZnpK0PxU1OnM9rwR6Znlv8VSLzsUVSCNhxVbCiaTkeVvCQfR_RsoVY7upt5h8wDB4M_qHvR4IRDgrIZzI0hnsStyGHHqcJq7Airs23FxRmh3WXcnIDMSSrYLDRnk1s8Cir2vgxyJu2e_8QPWGSqpJbn-jz5jx78swApbcxKzj6UNj1Vc9C29vMJzHdh_kAN-MXahGOrWVeA2BL_iAFfOAcfzD_zh-5GvwC4dQmYzwbi8vzb7xOYQwMjTnb4uCBIMqG0guDyXuzfBUd0gECEeIkyb589Dm97wi0QxdS_1M6_PDEqjRMvLZ8xuu3M4FH_pLpGhrMT236LhFjlOjV2nMjQULxcC2xlGCGFGc8OJq9yuIam0Mv83cmJit5gbiFaczZGEOVRf69nwXDB7-eL3XCRPpi6YRJ-RUcNt4RvH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2170044
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5D8C 2 KB
1 KB 34ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvruSgAEkk8K4FpHAAD8bQLnKhHZX8drH0vSAg&u=%7CMVDe7Za51SzIC3uIpTjrucS0KHRGFkSNbO9ITGO%2FE1g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdsnvy2VVlZR3iEPXmgXVL7r4Ty70jWAdFwMTa4liXugodTTrcwZgYnzBq0mD65uW7B9A0ixnrMinGdh1QoSNN6Jh-ol8z6xn4jtW0h4_SitBb8HrwfXgMVQ8q9RRqVHSOjyz64XYDs6B2a2v0Adpq6Hwqwi1CVfqsdR6wd61624hLb6rOIMPKrZNTfoU2cT2UkMyjzXBvHi00efv6WAL2aa0UAGm7X9qSdx2PmA_WBKJKp6lCzNY3eHVR7AyKeTvTmxyqTBxEbYLhsv3ErLdSTbNOrPpbdkOM-k8caNvXCIujEYRecYeBSv_ABAlijuD2AfVIYBCH1K8qe5pPaJSkk5Mh242OTQpHb7thllo41BXasXZbr03HbWRPpsrbr8YRTcTy4A_B_ho&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt2q1Su76Ys-kEse0gQft-IPAD8me0rFctZjj1pMBwI23ARABIABglcKmgrAHggEXY2EtcHViLTEzNTQzOTE5NDg3NzQ1NjWgAdW20uoDyAEJqQLhIQpd0hqxPqgDAcgDAqoE6gJP0KeDOHRfydCjs2kgr8on4uhiv_2Uz4vKxd5wsUdJYzaUDP1amVdWUKSNasJ8j-Y1bLmX2kf-jEJ1txMVtCwdHMh9pz4VDzrWeIs9mkdxTv8rvX1kyWfEmXY1Z2LYX-zZD_HdEko6Ow-GjBnNW23ogsEPz0mabsuaCuXMTOgQDqXb3XbmHTzQUJHg98PMe-c8qbdf9CoFGMCw6vG3k1sa2wRC0p_t9qKzzLYliV9ryOYMbnh_241i9wxFju8cuUOqkUzMAAZemGNluEDq67Td_i8zDzHFnsdfrPbF5UHT5K8Irz7yh7gVg5_60pWBovwVMuMC6xBkTkR-FqrfOWyQNB4aCgijAX2fg8--7eLhbTFs2WPK2dFqKUWy1pjrPRUPE_vrGRjjsOgTei9GY7JNmWjnsIBTn6hrkrrhPGG-_DXAyU07eYVhAhl2-EaiEZvTmcX4L1FtttFd3zyPVU6u2wRttbgruwcm8IAG752BpNeVrZsboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0quDWcluOCjIzGvhCX4G0ua-vgCg%26client%3Dca-pub-1354391948774565%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5D8C 2 KB
1 KB 34ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5D8C 308 B
636 B 17ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5D8C 293 B
621 B 20ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5D8C 43 B
347 B 35ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=F8Z8X1gLZnpK0PxU1OnM9rwR6ZmL6Tt7e5l8-5rfrvC1Ic0hWEmk3VmYNpFjrSQNpk1WSfZMA5RQg6aVMDCJPv01WSsLVXum66na5JILoR0k7d09RZce47dS41hAT-vWmqz67yLo1iBvewFGxLm8HV-frlze12tN_opw-vgBgT0BcYYwNPQabZLrhVkJwEtahXVFYtr4k0wNgkLcWO7BLFAMSlM10-cKXKf2FIsbGqZ5odp25Ka4urU4Y9IRbYA1vrnflJ4pfQLRbhaxXNMDuqkWb5c95JHuxrIh-P19jphJpra175JIa4er8PmzFc2a9TNVon6RlognAvJDcczztQacYqTUyN5iliV0DXO1kxd5_2G-Xm3bO2DNudxt5cg8mWPZ2e25KQc9cuQi27lJ-ncaK9IihgJxZuR1qy1bvvahugQf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:30 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3611841
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3B43 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98c74bc880d5434ff68f0c08bd0be8777269148ddb56cedea03764d608bb1c13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2BB9 12 KB
5 KB 28ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjOZON8Ubnh9%2B7bLgPeb9cbdoIvdWnwjcGwqvG%2BrSWzoJasw6q6AACKHdQSapizacprcAwhmu0LIZfv0w6y4xGkccOXeAIpctgg4QT33voiOFn0RPUxGwyHcdovHdxbE1baMlqKuYkJgAkfdDrSCDOj3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73b648f30a2191d8-FRA
expires: Sun, 06 Aug 2023 01:09:30 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2BB9 12 KB
6 KB 17ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 2BB9 68 KB
68 KB 47ms
16ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 2BB9 68 KB
68 KB 63ms
32ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2BB9 35 KB
36 KB 74ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2F498532715f9d4c2eb8c1c40789d2bf23_img_square_1.png&v=3&w=1200&s=mKypjbCbopw4Fn52Hv8TeEc9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6fb7208f6d4dff4c07ef081d3f96214ba3a53656c4f1411ebe3e7041747597d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30472153
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 36272
expires: Thu, 03 Aug 2023 17:38:44 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2BB9 0
128 B 59ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=aGNFnV9Gd9vghE1VrQI_iMYCL7GOVnTDOvgMZexDOw0YrLfH22lugQ2o8uO3WNjKDi_q9o_Z3nug4lBV3x578PYA9AY3cbPm8r9tg40UkM9Y056NOqKbDB4hw8t6gbtNiEYODs3fRzi8ARXuZUqPmzKDZlRs-h2MhzKQu4_4yyE0yjzXxzz-7E8Mv6bCCz7-EXimG8MsGuRecMm36wDDX9oA-7LkOSU_Z7zKJw6dA9Fr3UoBNxch4uZFuA5M6HrlQfJcxA&sds=2&rev=82415&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 01:09:30 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2BB9 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2BB9 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame FAAF 12 KB
5 KB 25ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1657074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPWwKqJNNi8a%2F8Jr3PT6oXk2CUpb2CG19J%2FxpWazaCZzOamxNTZNMMCGunz8Gf1BS7tLu%2F%2BqmSozb%2BW%2FML1fGcaL6KCfsrWbjn0yEphuvJbBMsHN7CjuvxT5%2BoEgAlwByyPuUq097eetmi1ylGJdsEm8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73b648f35fe29b34-FRA
expires: Sun, 06 Aug 2023 01:09:30 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame FAAF 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame FAAF 68 KB
68 KB 44ms
43ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame FAAF 68 KB
68 KB 47ms
46ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FAAF 24 KB
24 KB 34ms
31ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2F45f963b9b4db4061b7e96b7b9b33fb3d_img_horizontal_1.png&v=3&w=1200&s=XPRAud79PKlPO2n-2Elk2RGL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30532429
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24138
expires: Fri, 04 Aug 2023 10:23:20 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FAAF 0
127 B 16ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=s-Kibl9Gd9vghE1VKPANKAI4IyCNU_BMjg5P0_P3WJ71CvfcaEJurPbTyVQMDSFSeZI-gKKT_5-P83xd-p5nV1klWqMFE-jwbsM89L8yq3s9WnQW9u4Sy637e5EY0kXyCJPHsb4tweaQqt6rT6351eqmNsxVb-U_8gUk3SG12g57jihPKx3ClxFg50lCZSYtKve7lL62iaJlOEsUAb5DgH8Qm_j4zApfKH66asNT9Fo3l-CdShpGofX3s0RoOiEekGDwJQ&sds=2&rev=82415&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 01:09:29 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FAAF 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame FAAF 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5D8C 12 KB
5 KB 68ms
68ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1657074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGnVuNb0QQv9QugAa4vave5e2Kfsv%2BUSF9nyc1sMmktWBFVJRv9%2BIpQwkE4ABi5J4Sn9HBKNOv715ze0KivMf58QfRld6pud1gGv6%2FQ%2F%2BTHKWrY1uSpeJ%2Fu7ddk1C4QASLdsIfnDvX3zpxUbC4pc%2FXJ4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73b648f3983f9b34-FRA
expires: Sun, 06 Aug 2023 01:09:30 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5D8C 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 5D8C 68 KB
68 KB 17ms
17ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 5D8C 68 KB
68 KB 18ms
17ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D8C 35 KB
36 KB 18ms
18ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6fb7208f6d4dff4c07ef081d3f96214ba3a53656c4f1411ebe3e7041747597d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30472153
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 36272
expires: Thu, 03 Aug 2023 17:38:44 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5D8C 0
127 B 17ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=2CLmtV9Gd9vghE1VihG7h5Ybh-NL3z6z0zyOAd_qrNfor5yFRStda2_qYzvye5lPDjw9rO3RLmXxq5R-ljl69mqRvNJsIQ0V3k4TFBMXFdPESyTnCTqW6Gm9591PBJNxny_E5_l8vGIYTmFq2i7fXYEi9eBBggV-9XM_mqvcLvGVOQNOau217yuVP-jV4GRFO1Z3I-1fa7NCFVCD4hwDijo6vibMtk4peZk_aZTv1tY0tS-SApfhMytqSA1KUo3XT5EeeA&sds=2&rev=82415&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 01:09:30 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5D8C 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5D8C 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 959E 12 KB
5 KB 13ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1657074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4h1XrRqWezIeTxiuGX%2B8qAe%2FIrjD%2BBagITwwnRXd6hAIyweQFAfmxCg9rfBgwpJtRKNS5DXAakLcUAzLwEX75UFw6rFMze%2BsXzyuLn9y5hwubTpVfI4fqzrfyEt5GwJ07fwWxVi6YubKHlGCufemZV0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73b648f3e8b49b34-FRA
expires: Sun, 06 Aug 2023 01:09:30 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 959E 12 KB
6 KB 18ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 959E 68 KB
68 KB 17ms
17ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 959E 68 KB
68 KB 17ms
16ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 959E 24 KB
24 KB 18ms
18ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30532429
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24138
expires: Fri, 04 Aug 2023 10:23:20 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 959E 0
127 B 16ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=poF_AV9Gd9vghE1VrRWiqSQZXgPAYRJS0mwK48PBvYybsYp8HH49vzUWbbDiGX7A1fd0Ezt6K78prtRkIGo97jGHido8A3kt4u79VxwRMlBmJd9GySGOyz-hSVur4vLY1K8FcVWuyHOhJfUW9d4HzzCXCpLJuFDfpymUnmEC8ebkWhecEzLVBMPzvTJd5Hyf664qqQqP9e3hqr8oo2gn-beQtSm8FjdTr8MJ8pOT_c3PTFFK1qoMnTwaO1s&sds=2&rev=82415&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 01:09:30 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 959E 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 959E 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 01:09:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FAAF 24 KB
24 KB 19ms
19ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30532429
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24138
expires: Fri, 04 Aug 2023 10:23:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 959E 24 KB
24 KB 18ms
18ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30532429
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24138
expires: Fri, 04 Aug 2023 10:23:20 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 66ms
36ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220811&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd227c70c9f8a79139bb90336f2056d31d3f8780cb43e25ad73b407654c446e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 01:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11129
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 01:09:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9BB3 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneysenator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 22:28:51 GMT
expires: Tue, 15 Aug 2023 22:28:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5AAB 783 B
533 B 87ms
35ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

19124769f1de9dc8515d5376461161ccded8068e9fedea87dbf53d1333fd1e04

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mUgCiofsBcwA_GNj3aokyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moneysenator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-mUgCiofsBcwA_GNj3aokyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 01:09:31 GMT
expires: Tue, 16 Aug 2022 01:09:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BB3 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 19:19:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14125
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 19:19:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5AAB 0
0 81ms
81ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220811&jk=697827408738137&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9BB3 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hN8KEw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:09:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220811&jk=697827408738137&bg=!GRqlGl7NAAa4hXTbmIU7ACkAdvg8Wmp2AwgImuSKllXeXTWEqkmyf71w2CWfGGjvl7ByKD97WL5X6AIAAABcUgAAAAJoAQeZAtdQ6wySvi3f0BFab3UpmhumbCI8jFpKaiFGyVFN8ZsfKPuR2L5r9R1D3Gov2cxYWuyeKrytHUtrSsBG3HOekFA40tylEAq-JC4HvQY9188nM3epUyGh_6CzIoZncHYPV91NOConpzuJvJ3psI--QoFKPvVGERHAB2v_XOSLkCxkg1y_hBAZorUUFPTIYUIs3tWz4hH_7gNlukMrRGm73nLUAnbgkfHrphQQOHE4HQtRpseeoUzPJYfewUAPfWN1qcyRJy4pLf8vp1U4mgNIly69rWucgqf0yduDXlCgTRTc1NmIk9jbL31hbhXg3TzI1SYOG2N6ggiECAXXm1U22Nu_SnEwWO3BOdB1u8xAfMHan6OCaZIb7Zd1_0LIR6j4MAOJJlw0LSx0GlM9EDlGH-dSqvSzqrpqIWI9Z0PSl5HWXbRVGr39Iac6Vm_W2nCbXq9XwiwGBGMAjW3lbcg6A1iDnoUr9tpQ2BhbuYvmA12SViyHTJ2Ij9gxe8gctrk6fzzgsh8sfHq_mkkpaA_VLGyL8WIwJiohTPqRO5U3tKS-VUlQSFZ4Up-2BNm_RdJLPsXztjUF2SfpQgeF9QXvDxyz8N2oi64V7ZfO1UrO6m-4uXlzuDs7Sl7mpvF_KhazZ1h3OpUpbYF-IEs3ERwQXaQxQ-hU3MQDS-5BS8CD7fm6k5DIAgRWMYjKWa9pned18m1ncrh249q8OQRqry9CIvPSEEfV_yqSBztYj7WRvGajYhhJJS_kEzwhrA6BGzyphnAQ8aW6-5xYLx3l4iHFBUMdMJ2G4bx8dP61j2ssrcknHvQv1ojQB2uG7T-a10cryi_S1ALsnKUs3eYrBxuHnUnk9uhbPI3uEFan-qwgTwSTp8i2a3tUd6950_1cO-NVYBWaITchGMFUKT9bnnl90KpCPeSBW2FGGcISXI_p-0v7sm-seL5z3bSPTqsp6oZBZ1nqA08uFwqO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moneysenator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 48C9 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsq6J-mGTPxQZb2n5gNPLpJ4ZoOqKbSiQ7wQiQKVzUZqj7iYhtomJyeAvBVNcBBAf6OfFMUNovMRn-H5FpTQn6qLo&sig=Cg0ArKJSzKicXI_OJe1oEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=225,888,1000,1182,1321&tos=225,663,112,182,139&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2969136041&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660612170326&rpt=199&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 01:09:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FAAF 0
127 B 16ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 01:09:31 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame 2BB9 0
127 B 17ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 01:09:32 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELxGMcVkqz447hZNEnrcOn0&google_cver=1&google_push=AehlK4CVk8I4yxXgFNMl66y1Jv1ZlEf2fq_UJLnjuCADcOUUMwl9_SHtRjhkuA_Xp8k0wkzXDfca8aHkvcrCGJZ-OELg1xaxh6rl

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.moneysenator.com/	1970-01-20 05:18:18	Name: _gid Value: GA1.2.988911691.1660612170
.moneysenator.com/	1970-01-20 05:16:52	Name: _gat_gtag_UA_216937615_1 Value: 1
.moneysenator.com/	1970-01-20 14:52:52	Name: _ga_8JT5N79EM8 Value: GS1.1.1660612169.1.0.1660612169.0
.moneysenator.com/	1970-01-20 14:52:52	Name: _ga Value: GA1.1.192118761.1660612170
.moneysenator.com/	1970-01-20 14:38:28	Name: __gads Value: ID=90df12c77b1f58a6-227bc51bf4cd0084:T=1660612170:RT=1660612170:S=ALNI_MZAxZIzbBBWljsWne0k6Pu0qIhJSQ
.doubleclick.net/	1970-01-20 14:38:28	Name: IDE Value: AHWqTUnLS4q5te6jqyrVMxYUpr7swhZ682sNNpObX-MeIm1Avno5JrztLWEINdXFB4g
.quantserve.com/	1970-01-20 07:26:28	Name: d Value: EFEBCQHvJoEA
.quantserve.com/	1970-01-20 14:47:06	Name: mc Value: 62faee4a-77e2c-49a22-66199
.casalemedia.com/	1970-01-20 14:02:28	Name: CMID Value: YvruSspvoVja9ZLh4A14BAAA
.casalemedia.com/	1970-01-20 07:26:28	Name: CMPS Value: 5175
.casalemedia.com/	1970-01-20 07:26:28	Name: CMPRO Value: 5175
.casalemedia.com/	1970-01-20 07:26:28	Name: CMTS Value: 1199
.e.dlx.addthis.com/	1970-01-20 14:47:06	Name: na_tc Value: Y
.agkn.com/	1970-01-20 14:02:28	Name: ab Value: 0001%3AhsKSOIPg7T1X7tNnJycWXWAnZu5Cm%2Bd6
.agkn.com/	1970-01-20 14:02:28	Name: u Value: C\|0CEAqjarKKo2qygAAAAAAAQ13AQCAAQpAAAAAAA
.innovid.com/	1970-01-20 07:26:28	Name: uuid Value: 58c68a63-96f9-498a-ad02-edec75255f0e-20220815 21:09:30
.addthis.com/	1970-01-20 14:47:06	Name: na_id Value: 2022081601093000015086891180
.addthis.com/	1970-01-20 14:47:06	Name: na_tc Value: Y
.addthis.com/	1970-01-20 14:47:06	Name: uid Value: 62faee4a8a42ca0c
.addthis.com/	1970-01-20 14:47:06	Name: ouid Value: 62faee4a0001acc83a804fe5b145858b3c8929499574bfd873cd
.dlx.addthis.com/	1970-01-20 06:00:04	Name: na_sr Value: 20220816
.dlx.addthis.com/	1970-01-20 05:16:52	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 06:00:04	Name: na_rn Value: 1
.dlx.addthis.com/	1970-01-20 06:00:04	Name: na_sc_e Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://moneysenator.com/wp-content/uploads/2022/01/header.jpg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELxGMcVkqz447hZNEnrcOn0&google_cver=1&google_push=AehlK4CVk8I4yxXgFNMl66y1Jv1ZlEf2fq_UJLnjuCADcOUUMwl9_SHtRjhkuA_Xp8k0wkzXDfca8aHkvcrCGJZ-OELg1xaxh6rl Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4ALQPPBqUYHoWggx4HkNrp164lpvwbDeDEX_tu8zyS-0y5MTG1Ouaj05VStqNcIO77xs4MeIQbm9kEiC_hmf2ECpMJtnxVO&google_gid=CAESEJA2wUupML22a3VVKXTuPpE&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
moneysenator.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.everesttech.net
pixel.rubiconproject.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
secure.gravatar.com
ssum-sec.casalemedia.com
static.criteo.net
static.news.bitcoin.com
tpc.googlesyndication.com
webassets.inman.com
www.ft.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
googlecm.hit.gemius.pl
104.111.215.191
104.18.19.126
142.250.181.226
142.250.186.98
151.101.2.209
178.250.0.139
178.250.0.162
178.250.2.148
198.47.127.19
2001:4860:4802:34::36
2606:4700:3036::6815:eef
2606:4700:3108::ac42:2b7a
2606:4700::6811:190e
2606:4700::6812:189c
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a04:fa87:fffe::c000:4902
2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21
34.98.67.61
35.227.252.103
35.244.174.68
52.214.225.206
52.57.93.199
69.173.144.139
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03dd15a551c408fc3ee4496227c5b0798ead05885e535e47f3fa13b6d0fad687
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328
17506f122bd1b5f997f23b9beb916ab06f88c3d8cbea5095fa8acd0a1cc07ae1
19124769f1de9dc8515d5376461161ccded8068e9fedea87dbf53d1333fd1e04
1a54c7c5279ebd8a0a2aae0088329f51f8f6044aecb87eaf89458360a8eaefcc
203785781bddc635b4631fa2e44f0401289cfd8ec4bf5694c4b48164d931d6cd
238b65091e35aa96c3397259b7b6447c3c2cb2eacdefd45fb49794bcebb1cb50
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25a1875acdff0225e270cd1ef3c8fe30bf19366d68a999f008bc96ef7864514e
28b955a306ea82206481c4ea0b70376e05d38a1219aa57f8849abee6cff39a5b
2e79aac5114e088940eed9538ea9669f69e5f966da725f4aea3f25dacf3d420b
2f0950e4b963220c22e3da0e082a0c5173c170361fdf99f4d70a2eca795bad67
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
31a8dbe7c39cf4ffa9fe214267bc1aa73dca7304f689437bd4bb257066fa4b04
3501d369c50027c72709114d575c21a4688aeb8ced4a9438927f991c60c45d11
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
445f6431a28ac79e8e4d865addf8dc6887aae9736bc236a5b45f0d4a65c991c3
4b5f23af8bf568a485435bb0804f0619bd24d615b4f89010ac77357a4d839735
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50eb69eb0b73e947ec9408e5a26db2c44af66735117de6d988272e040a952ae7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5a04f9ae572fea8d9306b4b173c5636eb97cb552e36754023a578753e321dcd0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c61fc8d0cffe6aab01c19bbbb9aecf5bf2942a275df58871cad182e10aaccbd
6c6a176f48aa43197ad5ccf47985deb85f54d0228c3c60cdf615801f60aaea00
6f4305c64be4a18d8fa3dd5fa84794df8012aeb8843b902ee3d89c8fd82b8b86
6fb1606b8c32cfd11d085aaf974f21d5411b1875fe225e14884fd8ee9f83e3d0
6fb7208f6d4dff4c07ef081d3f96214ba3a53656c4f1411ebe3e7041747597d2
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
75c48da0c2de6b357969f59ffb9152a2239089397ee29715d9cab44e3c26e80c
776f2b3177f7291c68ac469960c28b247ce8b08a4ca5d113c0c898d1c4eaafba
7945e2dee94844198596048771bc9b18862019d271779b36b2ae145259edd6b2
7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
84f64586f3dd71280aa264aba2d068f6f2fd64cf039d37e4d4062c33e4e8fec4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b1b5556dc7040f545569fa4873866e9164460c3743f77eb2dfaea5b75995925
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90704df38139902681a43c955953637c5edb4ced0af3c5f7dfb6c7eb17ed24ee
92b9d85377457150016bac4dfc14e238939ce78e9b4e6436c96b37f15d772b2e
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
98c74bc880d5434ff68f0c08bd0be8777269148ddb56cedea03764d608bb1c13
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a227b9d209dd7d69749f18a3d2387e59391d8401b2c05e375541f9bf7ce8d928
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6934d787bff5a09d983b12a34e2f8212254091513428f91d9f02325c3f68271
a6f69635652098f78c0f2609728feca0002a52add9776824e6deb6f50b92cd5d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9956b3cf88b957e5d80efac5128ebbe8d6d8919091968f2a337d8a6e73bfaf6
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759
b242fd1d48462d0da59890c74e3fa23d341607431a0cc2e499fe5327662e68a5
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bedb34d7eeb82a42968d18d7d958133e36354167d525d4e59f9556f708ad9262
bf25e94f66c7c24e86aed41cbf292c98605d5c34a2168512c8d1b20b763428e1
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c379ec939ae56317a62c413fe89fdf98b3a7ae330eebefe3e323ebfc142fb3c9
c54765168b38a92659311463ac781cc8f4c1cae4606fe5f388e3b6a1090c6f8f
ce003d93f91dfd4c5b3bf4b0e60c825ed6f554593c10ade1714adc95b7b59a9b
d01ec0fe4da73a93f1549a095d910faecdfef42d82eaf5f0d3408d3396ddb2e9
d4bca9ac4229bcdd16b3135aade9f6cbc6fb68b1b949d08c306a04b0225ef9eb
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
dd227c70c9f8a79139bb90336f2056d31d3f8780cb43e25ad73b407654c446e0
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca
e9b1c72b7f940465e6dee64af1797c5413e2c754f0599167d2b4243caf44e28e
e9d0b7f21add27bad6c044cd95ffa5d7f96aa7d6588f84a4e29eeb6fd41aac8a
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6443c03f72270ebd430ada739aacad0e0634a842af410e49018672bbcabf60f

moneysenator.com Open in urlscan Pro 2606:4700:3036::6815:eef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

192 Requests

94 %HTTPS

63 %IPv6

31 Domains

41 Subdomains

36 IPs

6 Countries

3268 kBTransfer

5922 kBSize

24 Cookies

10 Outgoing links

Page URL History

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

moneysenator.com Open in urlscan Pro
2606:4700:3036::6815:eef Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

94 %
HTTPS

63 %
IPv6

31
Domains

41
Subdomains

36
IPs

6
Countries

3268 kB
Transfer

5922 kB
Size

24
Cookies

192 HTTP transactions
5 data transactions