widows-server17a2.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://widows-server17a2.com/
Submission Tags: @phishunt_io
Submission: On January 25 via api (January 25th 2022, 9:50:37 pm UTC) from DE — Scanned from DE

Summary HTTP 270 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 28 domains to perform 270 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is widows-server17a2.com.
TLS certificate: Issued by E1 on January 25th 2022. Valid for: 3 months.

This is the only time widows-server17a2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	2a04:4e42:4c:... 2a04:4e42:4c::666	54113 (FASTLY) (FASTLY)
2	184.30.24.194 184.30.24.194	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.130.154 151.101.130.154	54113 (FASTLY) (FASTLY)
4	151.101.193.194 151.101.193.194	54113 (FASTLY) (FASTLY)
36	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.203.121 34.120.203.121	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3030::ac43:b431	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	34.224.146.121 34.224.146.121	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:303... 2606:4700:3037::6815:2b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.246.74.180 34.246.74.180	16509 (AMAZON-02) (AMAZON-02)
2	34.252.133.182 34.252.133.182	16509 (AMAZON-02) (AMAZON-02)
4	65.9.71.173 65.9.71.173	16509 (AMAZON-02) (AMAZON-02)
1	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.211.168.6 35.211.168.6	19527 (GOOGLE-2) (GOOGLE-2)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2602:803:c001... 2602:803:c001::200:194	26667 (RUBICONPR...) (RUBICONPROJECT)
7	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	65.9.61.34 65.9.61.34	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:400f:801::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4017:80c::2003	15169 (GOOGLE) (GOOGLE)
270	36

20 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

widows-server17a2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a04:4e42:4c::666 (United States)

ASN54113 (FASTLY, US)

www.cnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.154 (United States)

ASN54113 (FASTLY, US)

at.adtech.redventures.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.203.121 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 121.203.120.34.bc.googleusercontent.com

urs.cnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:b431 (United States)

ASN13335 (CLOUDFLARENET, US)

static.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redventuresgamdisplay60805146916.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.224.146.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-146-121.compute-1.amazonaws.com

a.myfidevs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:2b8a (United States)

ASN13335 (CLOUDFLARENET, US)

www.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.74.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.133.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.71.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-173.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.168.6 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 6.168.211.35.bc.googleusercontent.com

sofia.trustx.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

cnet-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c001::200:194 (San Jose, United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.61.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-34.fra56.r.cloudfront.net

cdn.cohesionapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f1d4c07c2aacba912de2e6351516b4b7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
584a2255bf658887ed352b006c007391.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8a0f598a141aaf01aef438c8fca887cc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
750b4db0fc396c7356ba5ec31fd5f73a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12856f7e3be62d3c712ec906b1e7703e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:400f:801::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4017:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 f1d4c07c2aacba912de2e6351516b4b7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124 584a2255bf658887ed352b006c007391.safeframe.googlesyndication.com 8a0f598a141aaf01aef438c8fca887cc.safeframe.googlesyndication.com 750b4db0fc396c7356ba5ec31fd5f73a.safeframe.googlesyndication.com 12856f7e3be62d3c712ec906b1e7703e.safeframe.googlesyndication.com	265 KB
36	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	837 KB
34	moatads.com z.moatads.com — Cisco Umbrella Rank: 361 mb.moatads.com — Cisco Umbrella Rank: 561 geo.moatads.com — Cisco Umbrella Rank: 606 px.moatads.com — Cisco Umbrella Rank: 391	1 MB
23	cnet.com www.cnet.com — Cisco Umbrella Rank: 12255 urs.cnet.com — Cisco Umbrella Rank: 56056	483 KB
20	widows-server17a2.com widows-server17a2.com	375 KB
14	moatpixel.com redventuresgamdisplay60805146916.s.moatpixel.com — Cisco Umbrella Rank: 33967	4 KB
12	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	4 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	336 KB
7	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 693	848 B
6	gstatic.com www.gstatic.com csi.gstatic.com	266 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 8028	1 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 467	7 KB
4	cohesionapps.com cdn.cohesionapps.com — Cisco Umbrella Rank: 12026	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 281	41 KB
4	myfinance.com static.myfinance.com — Cisco Umbrella Rank: 15143 www.myfinance.com — Cisco Umbrella Rank: 13904	65 KB
4	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1580	188 KB
3	googleapis.com firestore.googleapis.com — Cisco Umbrella Rank: 2287	897 B
3	redventures.io at.adtech.redventures.io — Cisco Umbrella Rank: 26032	180 KB
3	go-mpulse.net c.go-mpulse.net — Cisco Umbrella Rank: 542	50 KB
2	myfidevs.io a.myfidevs.io — Cisco Umbrella Rank: 16829	166 B
2	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 939	41 KB
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459	120 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 461	336 B
1	openx.net cnet-d.openx.net — Cisco Umbrella Rank: 38503	383 B
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1699	968 B
1	trustx.org sofia.trustx.org — Cisco Umbrella Rank: 2429	315 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 241	1 KB
0	rvapps.io Failed admiral-mtml.mt.rvapps.io Failed
270	28

	Domain	Requested by
36	securepubads.g.doubleclick.net	at.adtech.redventures.io securepubads.g.doubleclick.net widows-server17a2.com www.googletagservices.com
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net widows-server17a2.com tpc.googlesyndication.com www.googletagservices.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
22	www.cnet.com	widows-server17a2.com
21	px.moatads.com
20	widows-server17a2.com	widows-server17a2.com www.cnet.com
14	redventuresgamdisplay60805146916.s.moatpixel.com
10	z.moatads.com	at.adtech.redventures.io widows-server17a2.com securepubads.g.doubleclick.net
9	www.googletagservices.com	widows-server17a2.com securepubads.g.doubleclick.net
7	www.google.com	tpc.googlesyndication.com securepubads.g.doubleclick.net
7	c2shb.ssp.yahoo.com	at.adtech.redventures.io
5	adservice.google.com	securepubads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
5	fastlane.rubiconproject.com	at.adtech.redventures.io
4	cdn.cohesionapps.com	widows-server17a2.com cdn.cohesionapps.com
4	c.amazon-adsystem.com	at.adtech.redventures.io c.amazon-adsystem.com
4	www.gstatic.com	widows-server17a2.com
4	confiant-integrations.global.ssl.fastly.net	at.adtech.redventures.io confiant-integrations.global.ssl.fastly.net widows-server17a2.com
3	firestore.googleapis.com	www.gstatic.com
3	at.adtech.redventures.io	widows-server17a2.com at.adtech.redventures.io
3	c.go-mpulse.net	widows-server17a2.com c.go-mpulse.net www.cnet.com
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	geo.moatads.com	z.moatads.com
2	www.myfinance.com	static.myfinance.com
2	a.myfidevs.io	static.myfinance.com
2	static.myfinance.com	widows-server17a2.com www.cnet.com
2	tags.tiqcdn.com	widows-server17a2.com tags.tiqcdn.com
1	12856f7e3be62d3c712ec906b1e7703e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	750b4db0fc396c7356ba5ec31fd5f73a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	8a0f598a141aaf01aef438c8fca887cc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	584a2255bf658887ed352b006c007391.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	f1d4c07c2aacba912de2e6351516b4b7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	hbopenbid.pubmatic.com	at.adtech.redventures.io
1	htlb.casalemedia.com	at.adtech.redventures.io
1	cnet-d.openx.net	at.adtech.redventures.io
1	apex.go.sonobi.com	at.adtech.redventures.io
1	sofia.trustx.org	at.adtech.redventures.io
1	ib.adnxs.com	at.adtech.redventures.io
1	mb.moatads.com	z.moatads.com
1	urs.cnet.com	widows-server17a2.com
0	admiral-mtml.mt.rvapps.io Failed	at.adtech.redventures.io
270	41

This site contains no links.

Subject Issuer	Validity	Valid
*.widows-server17a2.com E1	`2022-01-25` - `2022-04-25`	3 months	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
*.cnet.com R3	`2021-12-31` - `2022-03-31`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
at.adtech.redventures.io R3	`2021-12-04` - `2022-03-04`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
edgecert.googleapis.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.myfidevs.io Amazon	`2021-12-07` - `2023-01-04`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
sofia.trustx.org Sectigo RSA Domain Validation Secure Server CA	`2021-12-29` - `2022-12-29`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
cdn.cohesionapps.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://widows-server17a2.com/
Frame ID: B02C1FCB54A6C455FED3ABB717BC4D34
Requests: 135 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/38QDY-8CT77-8XNH2-VJQTD-EK4YX
Frame ID: B16F638011432FD7C1BADB84BE7F3BA8
Requests: 2 HTTP requests in this frame

Frame: https://widows-server17a2.com/?e=RED6250858657&_=%2Ftech%2Fservices-and-software%2Fwindows-11-has-arrived-but-heres-why-not-everyone-will-get-the-upgrade-yet%2F%23fYDD1XjyY0xi4Hyum9Uxd7Vgh1UcKwrK6p0Twaw%3D
Frame ID: AE0805B5CD575FCAE563C11022415FD3
Requests: 1 HTTP requests in this frame

Frame: https://widows-server17a2.com/?_=%2Fembed%2FYHF2m-8wQdg%23fYDD1XjyY0xl%2B2r5jtM3d%2B5vhxweNA8%3D
Frame ID: 9D13E07853E9E184B6E0677847DEDAAF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cohesionapps.com/cohesion/xs2.html
Frame ID: F58A4A32BA676CF16D1BB9EF5DE82777
Requests: 2 HTTP requests in this frame

Frame: https://f1d4c07c2aacba912de2e6351516b4b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 809FC7861D6020445F5A4394413E54EA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4XvdU6QBvlr77gwuJNC3g50JFNcpMrw9Lv274PnhzROEnH22MtvXwZZROCwL8vT-bO6uNNDI00Ahq1mqs2dLkHqBmeHsez2Cj0oC98O7ym_aqmwC6pL4zC-K04sEznZ6Qdb-Yk5V-okajoyaJUWRYi_-ID7cXLqoFoUAwawLlMWsEhPJWFr1nsA7N4e2VU1yVAPJk33iXBglLD7-4HV9XKcjIZ2yfWoYSL3Mlv0peS9ySQiC3LCaNUrotYlwb5WwKpszbhG5_X8i-M33DBzNpqHIUt4GVIsfAHW0Cx9JEtPjJGJMfeOWe3gKsAfMKF1qHDG1d3-E5Ny8n1KBJrBGxphJeoj3THG9b34pJaev_-yjp_bCrtS-eliofpA&sai=AMfl-YRk3zhtLLFNVmGiDLYclXkWNdd-hm5Lz7dMAy4CqoFRR8FMAIO7Tq22rwaytxnuEqN_zXGhM975qkqn410EzCYpbqYBVWNn5TtrrWwysQE1_oUbu7s7OkPqYtmPtnc&sig=Cg0ArKJSzECGLxU8ulOIEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 73F00816D06C7AC9720BD7C1BB062BCA
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWfmo3kfg1zrmYX29jygDq-oO5w3jGlFcd23Df2PYh2wHKbtolsXuw6KuSmjmx919QcnQCpV5vmlbL7EEwWY2LAeGAndQbEa4A7phRW-BaYYJr98ONv4g48l7Y9Kb56foZowZlfCLT_bePxFRO5M1_xXyjgJAqxSb5zse8FRgzTTNUPVawL0S0xaSC6UWFQytGy3kE5olw1zCgydqj-_fFSe4SeZJQTr7VndfGwrz_f7I0_w4rtwBjIx5HKnYa-wLMKyayR1SX1xPcwB2pXXDqoN2y17jWLSmxgZ_6byjbEbSAKCrPOdTAqVWTvhTYIw9X0oiQpLYugKFqebctwIaXgCJ8TbwBWLbEcGbUyp739hkRkjFLbJytpw&sai=AMfl-YRWsvWrG_JZQkF0y9cN2n0K5SOaDEHtosJfn9vt9iTGbWImkt0-T-5DalhqfCr7wc8NAF9W5pBoA7TyeZvP_U8q5o4-ROMAj7FBvAPrw-icGFqYtbOr_QWWAuorzdg&sig=Cg0ArKJSzMzG43tAXNoCEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4DC25CCC1BD0E1FE9EF1C3C626971ABE
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiaNaR8E7wlrBGd0RaFp7x8TTYZlK0WbM6wxqETdIsNNQcExajpfx2DlWSjO0Xdr8zf70U2vBz1ES0YiyFH_6Iw2Ytg7IJWzmwqycBz6hheJmRZJ3z5505h91RSa4OwM74iJ54_ZhRRiDqRnGGdHus3ofElUMP6QWSus7mI1KerDWCHcdzHEMjVMq_mDFaQhpomcMelwD2KjTRMkUwEYTJOes0PBbuYLbSY_ZogTzeAwOShYEhu0XtIVuCO3snzcyzjea_ByxiANnI1b7X4w5VKS_dIfO0UwDbl7UZdHf_sjTj3p9NgAOQzE9SuBJy2Ynq5ozDXqwBn2S_gBxpz7o8SATR2JG-i1wR-dFK06Kt0-ideoglTiR9iQ&sai=AMfl-YTbJ-jU-mS9FofgXawiuOu6HX0G9L5Bqq8KxibxS3jzqft0z7CB-1gw4fC50yVhhzXVPeuKIXD0wco56NelblAnHGjoo6gOzBiqNZvVvntt0yqho-i_Yj7q9niUf-A&sig=Cg0ArKJSzNWhsXVRms5mEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F60270FE6968B2D027F3BB4E84D8439C
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuefG5p5-yVjia_f4nheHipsz9-UnACUKDHdq2IU7Bq9SOhtw8XrzGOpjNYRHNNt-K7F1Gwbq_HYQuV1F1BFZPWyVJwVovTlD9YcbZQyHJVm2QNIiruBogtbqwOyeWw548Hn-CoMCcYh5f_lV-s3e8M2UEG4yjsb-AIRLhcu8two4dP3puM-1cDjqEHfLBBoHdVILw6Fj1DiskfeAcQQ2256hvT7w2xCJSSE8EQb-CBllcdcN4Jz8IaD-KNHIMCXX4TNXtPS1FNgGzZHhDgvQ9GCOx0Y0t9RLDWr1DSz4y8AWyKqyj_iZaqgO5RYW2e85Gl0hiYJd5H62l2qAa3s0CVVWAz_BT_EhrlxZoD08aVGS40mUGs4invEw&sai=AMfl-YR1756mXpgjyrFwmwZJ4wbzeX65zm6_nT2KGgkUaLaoTe3rq7oaoDaOoIz1uRZGY40J9CmaB3PWZMC6K7LgpSgUqgaycKy2odeR1H_eXtVwxt5oZ0mniUVyS-ZwUpg&sig=Cg0ArKJSzJtvDPejhhSkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B2403DDA1AD68ED821A8264F3C157C8B
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHVlbMVZcKTNE62dnKOXUp3RRdPrbBKw2A41wMbaB_O3PJUC8A9PyLNpbYbf5rYU42uCGWv20AQeR1pIocr2JvZG8aaqTb0P6LLbUR-pLjeXYZFysiFALjZLfrZkpb6U_uFYcNAWtj0MdYLY1WvFo26S9BoFQnMWUummMgovAm3bkpcJuhM2aIqRFhoOgoTDCDMPRVIIsju7rV-9baW_F4Vv8jO_oEGoaQgNY8qQGAO4JQSm1V-z2QgbwGVj6jyIg21jWP8SZqqTVCf6oMdQG9mlpzKc2b7LpaL9-gYnfC4lVPNmiISXXH3TIfBAhwtjb5Uo5GsTlGaN3Aho4tiu1UArGJmHEbFZ7Zb0LExLh59fm7OGS4CL9mgw&sai=AMfl-YQEIkJ2Av5CwOK3wbVKwY3AhA--hIgF4rxp_zMYNQBRdhtwIv-bDZNbiQMAgXFZ8Xl7WwkXXE_CzLrjWNa6tUO0WfL3B-fzqA5G1wzpfypzzX-TdoU2eG1tlPALxks&sig=Cg0ArKJSzDwufqiWpsG5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F043A233342A5BC6147BD0B2454102C3
Requests: 14 HTTP requests in this frame

Frame: https://584a2255bf658887ed352b006c007391.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2D7331FD6B1149003F1DE3C21BCA2B55
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C5EB50553D61C5F82B72B4C15C2B0989
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66C3CE2BD22740563DF75F5B69B7D5F0
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcvDVsqDhljXlS_nFrvt-2zh4LirQYUEVeNyNA2dA-TNbVlyHCNjjf0TnYq1YMvwHLopWeLWl31rof0HlPV3R6CdkkejnNDrEyLlD9kqwbHTmDakjNe8YMR1PGBAHCTWPZsrOE7yBk3ApO1PrfW0okW7JRnEi-zMCtetlwPiTcd0TJaXT_yh6E3rmPCsPtA2Ha4DyTxY2-7gwgNVrkdklCPwQ9O_c4GhlnQWxoBjXiExM5YvBuL4r_SpWYyHRhJOkdImviZhA3mxqr29Fh_T2kh4g8DG-5DaZUrqRcFwYW28NW0f4YxovsGhOJciLX&sig=Cg0ArKJSzMuXZBEqxTwFEAE&uach_m=[UACH]&adurl=
Frame ID: 6A3FCCF00C29DD77D59C5BB2EA8B46E7
Requests: 8 HTTP requests in this frame

Frame: https://8a0f598a141aaf01aef438c8fca887cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: CC4ECD72FE5C2601AB9957E486DA19E4
Requests: 1 HTTP requests in this frame

Frame: https://750b4db0fc396c7356ba5ec31fd5f73a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 13CF336CB2B8870FC93375B69B6663BF
Requests: 1 HTTP requests in this frame

Frame: https://12856f7e3be62d3c712ec906b1e7703e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A64454945E51E2BDB087C797A2D00508
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWfvI4Kt1sBwMtOZshh6Pa6tGWLkJRoiQZ6p1lGRkOlkWirCzxkbgvbQ_JYCpg4HyV8xDaXHY07NPO72SEzY6mPDV_n4jrsVd2CAd58BfxaPF4Rdk9obiR-YGRaQn9lWS-uYgS93mXsNR7_ddkNl6Ak94nH12LqRxzt0yFXutCYprHO4xtFAvy5EViFkwxV-sZjBvjsbC_2hHFXAYIoyuMSUOC5f9PcoUV18eoGxp9T85dlNRquNdJObUrovQWb-b0Kl52HxyuEOn7MjlxnhPCyNef37dHRVg66JSBfr_pY2GdIs9HzR37U6Y5Q1jR&sig=Cg0ArKJSzIr_l94x-UOiEAE&uach_m=[UACH]&adurl=
Frame ID: 5BE9A5F34C11EF175885394D35B5BA24
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-dtgsI7nj7LdjDOd4Ka8mCcg6p6Noq7PgMpwGqpplHaRhxzFda_BMU-kSjB_BwVHgBQoSZrzRuTsq4yE9i5dlU48rz-yigs40sCX2KgBN4vasWFEj5jp8MUWa0l2gxuTfsx0948pwrYoAfNTSM-6IPzlgT9S8Pk9kxtqOCzacHhLnkGpQq5F5WDeJ4-UEdUFljxyk9lBybnmLwueOCElJAInTY9En3ROsjV_nzlIDX0ayyeQqBaxj0mvtMqlPOBHjTy-ZbdEWf9xGfQOljsUZ7sx39nKuXhPXCRCGmHSF-qweGRdoOnYJBN1h2ywM&sig=Cg0ArKJSzOZeawnxOWa-EAE&uach_m=[UACH]&adurl=
Frame ID: 88584686823304D189B2CBA2973BED7E
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqGNUomSWfP5M3CEIJMguPTmfyeNI7cB67W9yBa1zPVwFrLn63YaHiBS0JRaoM3CXhemGiZuUiOd-GlaGgX_fuooQOQhnsphJWT8I6eogNhbrpyjtJ56MBFbTgfqguKFyYE_CFwMXBHlQOJhtEe34i5OwTcdbr5_WZNt7A-B2a_Di1jNwr1HmgVtdBAZVs3HogcFat4vK45R1IvhFVgm3VeFlPnuEhYBjRBZxfRSNZzpmVv2oEEMA-wC4pCHiD_c3ypSah-UD3tLOOFIUwEuyo4UGHIDSxk-pmAyNPtOKogRON9yb8I4smjlrKx5EY&sig=Cg0ArKJSzCD_5o2UmsXHEAE&uach_m=[UACH]&adurl=
Frame ID: D535EF1B29E5946E27F297A91ECAE982
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B15CC9F0146F42584B50D5A5C34E3988
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5345104ABDDCD75B306617081FD5C85
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6DD4869DF9EB3D3858CE4C43DC799689
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F508C675B30BE500AF6935407A7A25DB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9D035BF3D3F978FF957EBCB173643711
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77A8DD3DF9F828DD88ACB4AB153EC812
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF31C7F21AC7B9A55DE00826ECE7BF89
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E28A1A834DEA7D81244F2BB7A5FE446A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Windows 11 has arrived, but here's why not everyone will get the upgrade yet - CNET

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

270
Requests

96 %
HTTPS

49 %
IPv6

28
Domains

41
Subdomains

36
IPs

5
Countries

4249 kB
Transfer

12636 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

270 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
widows-server17a2.com/ 201 KB
52 KB 483ms
431ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea39b392cc58d573c0f7b6a5d92f728351e2a5e110b48a8b28d45332990ccd0c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 25 Jan 2022 21:50:26 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rj4fY%2BJVsr5VkMl5Efz53f2Oa4YEBwHCr5sCEV9WJtTtCwaVLMtxWvcaeX9ziL9MaiW4A8S%2FPZlKdB4pcg%2Fn4WqXjKvYeUH3WrKTasB86oMW6aWgXtv3v2tvhMeBzsNfXkEaKmodLBXYK6eym60WN8dSw5E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d34b797aafa6909-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
widows-server17a2.com/ 20 KB
20 KB 260ms
259ms Font
application/font-woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fbundles%2Fcnetcss%2Ffonts%2FProxima%2520Nova%2FRegular.woff2%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Request headers

Referer: https://widows-server17a2.com/
Origin: https://widows-server17a2.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtPiKVO9S25ifQMaJrQ97sRqOE%2Fix%2BHTh5E4C0yBzOnn2iyK7KFrlv1Ir9lIrNWaecW9FiTXdurfS2h0FgHwn%2FPdoAAnKamzpGx6DG%2B75IMQ%2Bof5cX8JC1ZCVdM0dwf5v5y2X7U9HJhEdw27yJo1gjJ5RDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cf-ray: 6d34b79a78b96909-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20256

GET
H2 200 /
widows-server17a2.com/ 20 KB
20 KB 268ms
267ms Font
application/font-woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fbundles%2Fcnetcss%2Ffonts%2FProxima%2520Nova%2FBold.woff2%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190c76b7dfa194f92a1cf47e3cbee1f291554f583d9e21e31b79af0f9a9b34b6

Request headers

Referer: https://widows-server17a2.com/
Origin: https://widows-server17a2.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mb5qSprVk%2BXDvQXBhFz5QdxpuOqr%2F8dKwuusko09hpgEfkyJsDHcKsEc%2Fu6%2BF2qt1lVqz5xB0WPfymlg2qtidYiWFq11Vp6t3yFssG2TMUrl%2BBTvSWbCkmtRuEjK%2Fe7yvx%2B8EncVJqN%2FL%2FJh78eW2v5FBYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cf-ray: 6d34b79a78ba6909-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20392

GET
H2 200 /
widows-server17a2.com/ 22 KB
22 KB 297ms
296ms Font
application/font-woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fbundles%2Fcnetcss%2Ffonts%2FProxima%2520Nova%2FExtrabold.woff2%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6101a1646eaf1e2bb68a9e7412d600fe98d11be3ec15ce59ad927a31d8b429a7

Request headers

Referer: https://widows-server17a2.com/
Origin: https://widows-server17a2.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgZqfixrnpYoI7gWYeKQsvMDJEA4ELXrc0iqN0R7tGO7uWk2KH0rSsl379tZ%2FkzLYnkEZGyyFIBeexyr0sbUuLqshufWyjFzX4160YFhJGabejzxo17Jfpf2U%2BZd99wGwlRSpdO7%2BHbuV5KzonrOlhylNZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cf-ray: 6d34b79a78bc6909-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22016

GET
H2 200 /
widows-server17a2.com/ 227 KB
46 KB 285ms
284ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fcss%2Fcore%2Fmain.desktop-908703d61e-rev.css%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1919e55bc80b1e71c14129a3ff943a5627245b854bb2ac91c71a43ba3e0eb9bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9FECRYsopCavtwl8bcg2B4OqfmgWpxtWVkTDuudtgYIlApB3l1IJPREvRPCY0btO986g29i%2FNTtPwSLA%2BJlcnbK06vXoiSMJsbuaMxKVnbgVrHtS8yNckilu2ny2YCFGkiXnO2O3ainvTlB%2F%2FMk%2FvRdCHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 6d34b79a78bd6909-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
widows-server17a2.com/ 20 KB
4 KB 271ms
270ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fcss%2Fcore%2Fheader.mobile-5f066e5b3a-rev.css%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ba54c17f264ca7fc2ad1d4d124314dca3311981b5d0a07453977d3e650953b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTHa80TQw8OfEE5Ls4LRd0gzQlgbqOuZZ6yo3k%2BzcxNy7dqAMitpvG8FP7GH3jPEjRBSifZOEWBOFHQ8wrUi833CkiXJ7xaDZ366CP8n%2BPcSIE04NKIXTkqLSM3NpI5YNqG9iAGzTjGr5Yi8ISIpbPsMWsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 6d34b79a78be6909-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
widows-server17a2.com/ 274 KB
41 KB 324ms
323ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fcss%2Fcommon%2FarticleReview.desktop-9745708b7d-rev.css%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0f8ed84b542ba1da556d2bfe1cee41136ed60bb9a28e6ac06b95b73bd57ef8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTpviRsV9Lr5MRNEcDsE3sJp6CI1G1L%2FvgJkzzKMqey5bWJpDFn69BhgHirDfdN15ZhwOAMvNm%2BtpVNXxv4%2FO%2BuO3qAQChEPRz8Bm%2FVmsyha604qqemV3fcJtZ5UUvW0ePbsMVc1PhCTme7%2BbthCsgmc7uU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 6d34b79a78c06909-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
widows-server17a2.com/ 19 KB
7 KB 235ms
234ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fscripttemplates%2FotSDKStub.js%23fYDD1XjyY0xx6HP5lNMtaPJojlMKdQ3X4w%3D%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME0aL2RlNbsAiPM%2B7ejB9WZffqYcbH0Eh5rrsN%2F%2BtobKDUCpKNw1VNHbEXm4lhPokkqxmMKN%2Bp9vWbbEWcLnYtIZYPy0Wd%2BhpI6uoewkRH9Hv53PEA2XJxoGxQNZdbab3k9AWEKlarcMX5G5We8iR6gwjTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6d34b79ec92f693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
widows-server17a2.com/ 36 KB
11 KB 169ms
169ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fa%2Fprivacy%2Foptanon%2Foptanon-v1.1.0.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErNO1SS58SD2jSyXjOBtKMSKv7VRs1DP1AeXDojVB%2FzeKhfSGVTZ211mk%2BlMdXVHjFVkULBD6PizMMfoaxknwuX27nCoSs6TB9OLg5nKHkZl5zA9%2FU5HHgnjrOwpWORO8DOpbfnHXjfYWbl55c8WamZ0%2FmI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6d34b79ee959693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 /
widows-server17a2.com/ 5 KB
5 KB 161ms
160ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widows-server17a2.com/?_=%2Fa%2Fimg%2FYzz7yGLEdt6QNuwZqFJ0JcO8CaM%3D%2F84x84%2F2019%2F09%2F04%2Ff91f9063-68ae-4d4c-91e0-fb4f313fabdd%2Falisondeniscorayome.jpg%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8149ee7691962dbe8eefe2aecf36ca14e44683cb93002a54a9c0144bed567c32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BayN0Wi%2FgKKYPrT7lWNdM0M%2BYa1gzz3jUm7vJ2iX8j82bglki9Y6DXV7mjWbm7wPiMJKs9L9jBdUQX5jIYHvodRtGCrio2tABHr%2B0Ux6DcOxUkvnS8E3qsBlJd6lVVJVn3vwfJOl2nWkgRyf6Vvs94enuE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 6d34b79f098b693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4824

GET
H3 200 /
widows-server17a2.com/ 5 B
489 B 267ms
266ms Image
application/json 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widows-server17a2.com/?id=b388ea36-382a-4762-a09f-354813a1542c&_=%2Fdisplay%23fYDD1XjyY0x7oX66kJEjbvdqz0IPNAaL5YhN1LFgC4h2m9o%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtUqAT3pEcu7N2mxW7xXE7pnX7rksq7TfnLjiilOmuhquCRBOEt2hv2Cs2MErQhCbhK8LE5lHdBCh7VBfIh6ITGKmTsR5KoPJN8JPOhy66rOHN6gz1gSGv%2B3Ia3nxZbzKmBbsTpis6EXrXO%2FdNBtupzJzGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 6d34b79f098d693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5

GET
H3 200 /
widows-server17a2.com/ 87 KB
88 KB 274ms
273ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widows-server17a2.com/?_=%2Fa%2Fimg%2F2Rvk6muNvc6Y8_8SFn133skQF1o%3D%2F1092x0%2F2021%2F06%2F28%2Fcc888f57-711c-40b9-b874-028a8c20bc87%2Fwindows-11-update-on-laptop-cnet-july-2021-pool-table.jpg%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dfe28ac8aaa3453846a4dda19874460f86e9b4cb98979aab7cfcc4d4354193d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7njIXEe3uiTRHUy%2FRKRm8QdxcNlDp9DP6K7bt60vAlZyBJaSD3gnVP7EZ7ra%2BW0FULx8aeXCB4W11d2X6vn0cb5w1nKjKFkfKR0HoWgupy%2BX9tKvssTPjQeux02BKxAh7EYTDYULy9e0fQ0m%2BsMNZYb%2BkuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 6d34b79f098e693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89300

GET
H3 200 / Show response
widows-server17a2.com/ 564 B
711 B 152ms
152ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Fnative%2Fnav.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4930aed2cdc1f584db2af5440ddd11ea9b51884ae822802e180d02049c2d92ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fWPsOgs78LKs%2BDZvEtaQwDA263zIrOyA2dzw%2Fb4Dw0Bry5V8Lrl8kKs9cJpPZQJWCGuh40%2F4c0v0xxdEQoVW%2BieB9hA4rveE7eztMYVRtD7GY%2BIAp9VoP9J78mu6o0gnEGr8esTws157ejnvdWXKpSyhFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6d34b79f0990693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
widows-server17a2.com/ 16 KB
7 KB 169ms
168ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shwUkFyCMSunOvS5XWS0bQZ8R5BG5z4RHfBnmVkd92g5kipKryXMgiClPAZKwpAt%2Bs9QLS9pEQXsdgj52i1MFqsboJijZAWQHIXomH1k27sbNZYCiXYSkFgf2ufZLeNFYPTsOLhSM89vlJIBFJWTO8l86dw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6d34b79f0992693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 38QDY-8CT77-8XNH2-VJQTD-EK4YX Show response
c.go-mpulse.net/boomerang/ Frame B16F 205 KB
50 KB 69ms
19ms Script
application/javascript 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/38QDY-8CT77-8XNH2-VJQTD-EK4YX
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 21:50:27 GMT
Content-Encoding: br
Last-Modified: Tue, 02 Nov 2021 06:22:27 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50393

GET
H3 404 / Show response
widows-server17a2.com/ Frame AE08 2 KB
1 KB 285ms
285ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?e=RED6250858657&_=%2Ftech%2Fservices-and-software%2Fwindows-11-has-arrived-but-heres-why-not-everyone-will-get-the-upgrade-yet%2F%23fYDD1XjyY0xi4Hyum9Uxd7Vgh1UcKwrK6p0Twaw%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e6541b07f9c3b306a517917eedb53d7c7bfa006faf6673aaad98c9d96f7023

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdG2o4n%2F85WuKkGt7R7iTMdPykzUcn0VppZa%2BUDVw3RbQT4PDlmk52ceBWI3S6CAnNKGLSQx5YZlm4wa%2BMz1b72%2BuKJ8nl0Oo%2BMFSoa9BCSoYHirVn473q49Nb9p9PLjm2UKIn1pkYOnz3mbNY6rILgk8Js%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d34b79f0995693a-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 403
Forbidden config.json Show response
c.go-mpulse.net/api/ Frame B16F 68 B
346 B 54ms
22ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=38QDY-8CT77-8XNH2-VJQTD-EK4YX&d=widows-server17a2.com&t=5477158&v=1.720.0&if=&sl=0&si=f251d93a-5fdf-446e-9d90-f4c26b1e2f21-r6aco2&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/38QDY-8CT77-8XNH2-VJQTD-EK4YX
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 25 Jan 2022 21:50:27 GMT
Cache-Control: public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 68
Content-Type: application/json

GET
H2 200 main.default.js Show response
www.cnet.com/a/fly/ea56a9-fly/js/ 215 KB
66 KB 63ms
16ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/ea56a9-fly/js/main.default.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

936f45495bf05d16e25cc7258b143de40bf4d5147c5950a702aca51d6476ec65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 20:00:36 GMT
etag: "a9d54d8fc30ce4ab050e2d10d5307c35"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 67059
expires: Tue, 01 Feb 2022 20:02:55 GMT

GET
H3 500 / Show response
widows-server17a2.com/ 55 B
557 B 144ms
144ms XHR
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fscripttemplates%2FotSDKStub.js%23fYDD1XjyY0xx6HP5lNMtaPJojlMKdQ3X4w%3D%3D/consent/d7b19758-74b7-4244-8f94-61299f58ea38/d7b19758-74b7-4244-8f94-61299f58ea38.json
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fscripttemplates%2FotSDKStub.js%23fYDD1XjyY0xx6HP5lNMtaPJojlMKdQ3X4w%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262b9f64b0f097d7fa0cd46c9d7fb42542b2a3eca1ff6dc36b71f3e199c0b0a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SipKPXLYkqUADVUdjRTe4PykOlxc1NmBze4B6N9nd2BgheAhK5jd9VUC7%2FRysCQ0NAZJ6E5v86N4v8JVGYehoEril7NBkLICuwgQKsIxg%2FvSw3KvOUWzOVBQiBnU64nr5au5pko6GhoRQ6ZUsCeze6zhvO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6d34b7a05c65693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/redventures/cnetglobalsite/prod/ 136 KB
41 KB 78ms
23ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/redventures/cnetglobalsite/prod/utag.js
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5515be95b3541ca1aa07bf5e4144e3e4e050dd91e29f91d700d4be92752942e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Wed, 05 Jan 2022 20:20:14 GMT
server: AkamaiNetStorage
etag: "ec1ff192c30775cc14ac7a55982e9216:1641414014.347141"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:55:28 GMT

GET
H2 200 bidbarrel-cnet-rv.min.js Show response
at.adtech.redventures.io/lib/dist/prod/ 647 KB
180 KB 54ms
16ms Script
application/javascript 151.101.130.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae9c76eb11910946ba18297c9e0b6b98168fe0e3283f7589d95fed713af57dba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront), 1.1 varnish
age: 136
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 183710
x-served-by: cache-hhn4082-HHN
last-modified: Tue, 11 Jan 2022 22:13:14 GMT
server: AmazonS3
x-timer: S1643147428.011184,VS0,VE1
etag: "29b754f29d5f00e63699d749bf111d61"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=900, public, must-revalidate
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: tmxVcgt3ZFHb5UvJMH8mtC5FH7y7AyAMpSueH_sjoZ6trqtV85oOzw==
x-cache-hits: 1

GET
H2 200 mpulse.js Show response
www.cnet.com/a/fly/js/libs/ 60 KB
12 KB 17ms
17ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/libs/mpulse.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6f336d157ea725abc96d756462a6c77a86cf9ba8a859b7019e905100ecf7b488

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:27 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 18:28:55 GMT
etag: "d490fd97f9f9e13a601b5d6899eaf162"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 12259
expires: Wed, 26 Jan 2022 02:00:34 GMT

GET
H/1.1 400
Bad Request config.json Show response
c.go-mpulse.net/api/v2/ 24 B
189 B 34ms
34ms XHR
text/plain 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=38QDY-8CT77-8XNH2-VJQTD-EK4YX&t=1643147428003&s=b3881c5048d6518a1a32d670b776afc4ccdcb33f7b3ebc5945106915ce087806
Requested by: Host: www.cnet.com
URL: https://www.cnet.com/a/fly/js/libs/mpulse.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0f74dbed1d29665781e054861d07a1321aaee5d29c834876752e86d96f075c4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 25 Jan 2022 21:50:28 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 24

OPTIONS
H2 200 diff
at.adtech.redventures.io/lib/api/v1/cnet-rv/prod/config/ Frame 0
0 171ms
138ms Preflight
text/html 151.101.130.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.adtech.redventures.io/lib/api/v1/cnet-rv/prod/config/diff?variant=core

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cat,content-type,variant,version
Origin: https://widows-server17a2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://widows-server17a2.com
access-control-allow-headers: *
allow: GET,HEAD
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
x-cloud-trace-context: 45da79b0a0a5562f82f458e9101589b8
server: Google Frontend
accept-ranges: bytes
date: Tue, 25 Jan 2022 21:50:28 GMT
via: 1.1 varnish
x-served-by: cache-hhn4068-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1643147428.154897,VS0,VE123
vary: Accept-Encoding, Origin
content-length: 8

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/ 170 KB
33 KB 48ms
15ms Script
text/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 057b2578ff4e8dd9f63e394780db5a41ae1558538b6bcaf0a69ebc054b419a1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 21:50:28 GMT
Content-Encoding: gzip
Age: 1071
X-Cache: HIT
Connection: keep-alive
Content-Length: 33657
x-amz-id-2: k9GoLeXRtNwGShtPQdf1OtWMMVIbNg4R6wyOJQZX7YuGWTTYgFYcAJ8VfajfenfKN4P+YjJWGZU=
X-Served-By: cache-hhn4044-HHN
Last-Modified: Tue, 25 Jan 2022 21:09:55 GMT
Server: AmazonS3
X-Timer: S1643147428.132992,VS0,VE0
ETag: "4ff0ea94f145e7dd0d9de75cdc755135"
x-amz-request-id: 3ZMH3DJQ0N6V85AP
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 38

GET
H2 200 diff Show response
at.adtech.redventures.io/lib/api/v1/cnet-rv/prod/config/ 183 B
353 B 155ms
155ms Fetch
application/json 151.101.130.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.adtech.redventures.io/lib/api/v1/cnet-rv/prod/config/diff?variant=core

Requested by

Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8469169d0eaaaf8ab95d5077aee0b101c59fdd981bbeee209670f2b5665dab63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

cat: ZQSJcT1mO
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://widows-server17a2.com/
variant: core
version: rv2.25.12

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
ttl: 900s
content-length: 177
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4068-HHN
access-control-allow-origin: *
server: Google Frontend
x-timer: S1643147428.293912,VS0,VE139
x-frame-options: SAMEORIGIN
date: Tue, 25 Jan 2022 21:50:28 GMT
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 72299b86abe3202be1bba2e427fd1e66
cache-control: max-age=900
etag: W/774fe79d1901a7e8e1cf89d5290ffe758eade7ae
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 0

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 16ms
15ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=redventures/cnetglobalsite/202201052020&cb=1643147428117
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/redventures/cnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Tue, 25 Jan 2022 22:00:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 115ms
76ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

db3e4132eb81ca1453b5c8a44ccbdade8720f169da8f23ac3a3bc6d4d9d29085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27052
x-xss-protection: 0
server: sffe
etag: "1113 / 307 of 1000 / last-modified: 1643136847"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 25 Jan 2022 21:50:28 GMT

GET
H2 200 article_video_test-cf6934121a-rev.js Show response
www.cnet.com/a/fly/js/pages/desktop/ 334 KB
89 KB 16ms
16ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/pages/desktop/article_video_test-cf6934121a-rev.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2a6d7ea8f945b215a7f814ef25ce2c6b98d1ebf64ba3370641bb9a0e761cbad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 18:29:06 GMT
etag: "dbaf3e42bded90b6ff94950b721477a9"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 90481
expires: Wed, 26 Jan 2022 00:44:28 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201241151/ 188 KB
60 KB 15ms
14ms Script
application/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201241151/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 496885495c6d469b10e907f25147b3a672566c3a5ea0e6a432c0dc4d409e8aa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 21:50:28 GMT
Content-Encoding: gzip
Age: 151
X-Cache: HIT
Connection: keep-alive
Content-Length: 61152
x-amz-id-2: 105W/W6G4qrNRaJmfEyXre5lky7djZywlTMFih0QHxK2AFlOL0sLJ7EJCWNV0FDbBzhkEA/6WH8=
X-Served-By: cache-hhn4044-HHN
Last-Modified: Mon, 24 Jan 2022 16:52:56 GMT
Server: AmazonS3
X-Timer: S1643147428.160563,VS0,VE0
ETag: "590bcde485cdde682b368dea326645c3"
x-amz-request-id: 4ZAEE24R0K4DVWYZ
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 193

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.1.0/ 12 KB
5 KB 57ms
16ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.1.0/firebase-app.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18de5cf69a219d96e4893face075b87cf39858701e63cfc6e0a069e1e79738f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 16:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4048
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 20:47:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Thu, 19 Jan 2023 16:07:26 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/7.1.0/ 160 KB
160 KB 77ms
36ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.1.0/firebase-auth.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b766d96e65691c3d05e08120e72cef01873b97c47a2827eacf4f589f8eb0623a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:15:36 GMT
x-content-type-options: nosniff
age: 38092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163454
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 20:47:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Wed, 25 Jan 2023 11:15:36 GMT

GET
H2 200 firebase-firestore.js Show response
www.gstatic.com/firebasejs/7.1.0/ 358 KB
93 KB 60ms
19ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.1.0/firebase-firestore.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f5ac6b43f6acf5949acc9f633aae7af8a74a9d1210fdad0a9f3f9fd31f17e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 17:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95426
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 20:47:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Wed, 25 Jan 2023 17:54:00 GMT

GET
H2 200 firebase-functions.js Show response
www.gstatic.com/firebasejs/7.1.0/ 8 KB
8 KB 57ms
17ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.1.0/firebase-functions.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15b74ffa52355fe62c1b8cd95c60227724238677736ac0c100ee87511558d0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:59:19 GMT
x-content-type-options: nosniff
age: 6669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7887
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 20:47:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Wed, 25 Jan 2023 19:59:19 GMT

GET
H2 200 video-player.js Show response
www.cnet.com/a/video-player/uvpjs-rv/3.2.2/ 933 KB
248 KB 22ms
22ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/video-player/uvpjs-rv/3.2.2/video-player.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b142fded07d33f32b5b756e428f255aec4c063229d7ac7be52d804503acf5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 22:34:11 GMT
etag: "eb63c3b519672cb04868be7023fe58e5"
vary: Accept-Encoding, Accept
content-type: application/javascript
ttl-set: 1
cache-control: public, max-age=604800
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 253770
expires: Wed, 12 Jan 2022 23:09:57 GMT

GET
H2 200 urs.js Show response
urs.cnet.com/sdk/ 50 KB
50 KB 157ms
120ms Script
application/javascript 34.120.203.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.cnet.com/sdk/urs.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.203.121 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

121.203.120.34.bc.googleusercontent.com

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
via: 1.1 google
last-modified: Tue, 12 Jan 2021 17:00:48 GMT
etag: "5ffdd5c0-c803"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51203

GET
H2 200 disqus-count-1.0.js Show response
www.cnet.com/a/fly/bundles/flyjs/js/components/ 2 KB
820 B 20ms
20ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/bundles/flyjs/js/components/disqus-count-1.0.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a72aa163f673b0228fbee4e556096cbafa4f5c2fe68ec2080c30fff8daf3f6cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 22:39:44 GMT
etag: "5471487b51a2f60e0273e296f030ddfc"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 713
expires: Fri, 28 Jan 2022 13:54:41 GMT

GET
H3 200 pubads_impl_2022012503.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
118 KB 38ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012503.js?31064231

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0df32c790bf3e270685bc509c332943cd48fb6fb60cb8bce8d2ce0c33782fa91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120954
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 18:45:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:48:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 56 B
93 B 47ms
25ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=widows-server17a2.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

12fb1146988c0971cec55d14d923e7a4c8b36edb0394cc0ab10ba758968274bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
expires: Tue, 25 Jan 2022 21:50:28 GMT

GET
H2 200 link-tracker-ea39e5f518-rev.js Show response
www.cnet.com/a/fly/js/components/ 726 B
512 B 15ms
14ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/link-tracker-ea39e5f518-rev.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4832c8abf98eb9eb3aa330ec5c33dc192d7c940680f11a9e72d82a74f1042b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 18:09:38 GMT
etag: "b390b26957644f3cc9461e61d0477307"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 404
expires: Tue, 01 Feb 2022 18:19:02 GMT

GET
H2 200 read-more-0ac39818d2-rev.js Show response
www.cnet.com/a/fly/js/components/ 3 KB
1 KB 15ms
15ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/read-more-0ac39818d2-rev.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

84a491b5ca0d75ef37dca2a3e52d8fefc0632fa45046b0e5e6710c7d5e5bb971

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 18:29:03 GMT
etag: "17174147bd4a8336551550f8fcc2b7e7"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 1149
expires: Tue, 25 Jan 2022 23:35:27 GMT

GET
H2 200 track-cwv-a0fced62e5-rev.js Show response
www.cnet.com/a/fly/js/components/ 236 B
304 B 15ms
15ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/track-cwv-a0fced62e5-rev.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1b3b2fb20c7112dc96d8693c7d7bf31f524f016c2f81952ea5a82444fd0ede41

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 19:55:43 GMT
etag: "fb38857f3be1d16f548d3a539faec901"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 196
expires: Thu, 27 Jan 2022 15:48:59 GMT

GET
H2 200 lazyload-element-e183f949f7-rev.js Show response
www.cnet.com/a/fly/js/components/ 2 KB
992 B 15ms
14ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/lazyload-element-e183f949f7-rev.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5aab77d1e975faf8b66b4ae8e2ccecc178b32680b1b09eaa1b7fcb50f7454c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 00:07:09 GMT
etag: "0a9f815020926fd7b278223fe8e5db49"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 787
expires: Tue, 01 Feb 2022 05:51:15 GMT

GET
H2 200 myFinance-widget-6c202450ac-rev.js Show response
www.cnet.com/a/fly/js/components/ 795 B
555 B 15ms
14ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/myFinance-widget-6c202450ac-rev.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad7f0672ed74b2d0fb68bad63424a2ac419489e4607406dc51b7ffe7617cf4c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 18:29:03 GMT
etag: "61f6de531a451aaa7dbf31d2749727e9"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 471
expires: Wed, 26 Jan 2022 00:44:33 GMT

GET
H2 200 interest-ecd302842b-rev.js Show response
www.cnet.com/a/fly/js/components/ 3 KB
1 KB 15ms
15ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/interest-ecd302842b-rev.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a3166557b79148276fd17a1f9de3bedd6f66527a14fb0a2cfe84583fe1f8d12e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 02:50:23 GMT
etag: "05a5b2bd7817aa9eb4c4ef73ccb12d94"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 1168
expires: Wed, 26 Jan 2022 04:10:20 GMT

GET
H2 200 windows11-hardware-requirements-v2.jpg
www.cnet.com/a/img/PPpYEvnvPVw8svl7JdvDB-BnC98=/196x110/2021/09/03/b9d1697e-fe25-40ad-aaa6-f75fb25f00bf/ 5 KB
5 KB 16ms
16ms Image
image/webp 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cnet.com/a/img/PPpYEvnvPVw8svl7JdvDB-BnC98=/196x110/2021/09/03/b9d1697e-fe25-40ad-aaa6-f75fb25f00bf/windows11-hardware-requirements-v2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5b6ad7aab6200c888b8e3b999c8cdb1762a8536004daa3816075ff3bee550aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
last-modified: Sun, 05 Sep 2021 12:00:36 GMT
etag: "6456639c880d35585c7b2189c722880a"
vary: Accept-Encoding, Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31560000, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
timing-allow-origin: *
content-length: 4830
expires: Wed, 25 Jan 2023 02:31:16 GMT

GET
H2 200 yt-windows-11-first-impressions-41.jpg
www.cnet.com/a/img/LAAcE05k60U31lTxJa5URoAPahM=/196x110/2021/06/29/1c71a277-e32b-4507-98df-3ab5d6484721/ 7 KB
7 KB 17ms
16ms Image
image/webp 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cnet.com/a/img/LAAcE05k60U31lTxJa5URoAPahM=/196x110/2021/06/29/1c71a277-e32b-4507-98df-3ab5d6484721/yt-windows-11-first-impressions-41.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

da97b2576d66f01e543a3e9a77081d9ccee0d8a21fdde5ee7bcfb7b7921d87ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
last-modified: Tue, 29 Jun 2021 04:12:57 GMT
etag: "563f192c453b6e3002672991989a50fb"
vary: Accept-Encoding, Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31560000, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
timing-allow-origin: *
content-length: 7292
expires: Wed, 25 Jan 2023 04:29:23 GMT

GET
H3 404 / Show response
widows-server17a2.com/news/windows-11-has-arrived-but-heres-why-not-everyone-will-get-the-upgrade-yet/pubdate/xhr/ 196 B
672 B 129ms
129ms XHR
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/news/windows-11-has-arrived-but-heres-why-not-everyone-will-get-the-upgrade-yet/pubdate/xhr/
Requested by: Host: www.cnet.com
URL: https://www.cnet.com/a/fly/ea56a9-fly/js/main.default.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://widows-server17a2.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvDDZCfDKrAn7k0oOvVmLPg2lwNUfwzkRzPkHfgGLGlQFAcGHZSzppJierDMdYXS4bRcCLgpjNLc0gKLQI5Iz3%2BWV%2BAIGgmDPtoYNg9Ot%2B0KDT%2B15Vifcs%2BiyzGh%2BHwDp6f15BQVj3iCCNoIKFqKrPZ5N9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 6d34b7a3bc36693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 inlineMedia_core.js Show response
static.myfinance.com/widget/ 185 KB
63 KB 98ms
49ms Script
application/javascript 2606:4700:3030::ac43:b431
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/inlineMedia_core.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:b431 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

706abd330a796e08ed8d1443fe93c44b83d07ec5f759aad192587f581589fedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6140
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PKW2AEHRPQYX45MN
x-amz-id-2: WKWTyoIegATi2JSyoadlR3s3pIiTCandrgcsUxXOGjUlLm9umD6xqYDBWHti12uufKYFRzDFc7M=
last-modified: Mon, 24 Jan 2022 21:52:25 GMT
server: cloudflare
etag: W/"32a73f7da8e35f29058dce19f4e3c3c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdRv5mAo%2BuklcA22Xd1F5apsorqrBkar3zznD%2FIBGw%2BR374d9mNf%2FEa6%2F0tDX9%2FNEybYcygaSZbsjMYJl%2FIHxG9cpBqEkp%2FMalCCZPZiS5Y6K9CdUB3iaRaBUKoyt9ix2CSEu7VdczMm1KkcTyGXayNQkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6d34b7a41e4e9273-FRA

GET
H2 200 interest-ddf6324c20-rev.js Show response
www.cnet.com/a/fly/js/translations/ 114 B
232 B 15ms
15ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/translations/interest-ddf6324c20-rev.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d37c3eef0e47bc854a1ba7b2dbdec01b0f036e339eaa124c6deba8d2898f3eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 00:07:13 GMT
etag: "cbda5e4471d3a5b7441637806ca5b006"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 124
expires: Tue, 01 Feb 2022 03:12:05 GMT

GET
H2 200 core-web-vitals-724d4fab0b-rev.js Show response
www.cnet.com/a/fly/js/managers/ 560 B
480 B 17ms
16ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/managers/core-web-vitals-724d4fab0b-rev.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

106f31f1d5f1d6f0e560168ae9977701ec72c297374fd2ecc5def16b27268e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 19:55:44 GMT
etag: "450bb86633928ff2a850fee65239f9ce"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 372
expires: Thu, 27 Jan 2022 13:35:02 GMT

GET
H3 404 / Show response
widows-server17a2.com/news/2a1c6e58-9d8b-4896-8b0c-f59a7ef02931/audio/xhr/ 196 B
670 B 143ms
143ms XHR
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/news/2a1c6e58-9d8b-4896-8b0c-f59a7ef02931/audio/xhr/?slug=windows-11-has-arrived-but-heres-why-not-everyone-will-get-the-upgrade-yet&typeName=content_article
Requested by: Host: www.cnet.com
URL: https://www.cnet.com/a/fly/ea56a9-fly/js/main.default.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://widows-server17a2.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRs7EOl0678nUSVdUja1PUEP4cYncB%2FBYGdedK4sZipXYPqKUR1E%2Fmoar5ifFwWIVFQsbol76N%2FC%2F11IgFz6Z9HyZsVXYpGpnpHoaCoIivyvSv1NbiUZ8s%2F5dkHDRdwE1%2Bm4sNAEIoVyRxDAwvittlnLv5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 6d34b7a3cc47693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 moatheader.js Show response
z.moatads.com/redventuresgamheader644747280705/ 240 KB
82 KB 60ms
16ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c735b342e7ee91c2b73a6510f330680c6df6fa8e02f060db89f7054b727a4a80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:54 GMT
server: AmazonS3
x-amz-request-id: TP4TY9E6TN7ZV53R
etag: "20500de41816502439730cd6b980d2d2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44135
accept-ranges: bytes
content-length: 83848
x-amz-id-2: qQw0PuU+laYBUsOxdl3Au+M+pHLwZNBAf0o6/yH0ZgMWnWjHJ9lC9O4JZz35wzyeZSB1OMfr9Fk=

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
547 B 214ms
161ms XHR
text/plain 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fi-cnet-engagement-prod%2Fdatabases%2F(default)&VER=8&RID=89589&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F7.1.0%0D%0A&zx=g8he8lvlm50n&t=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.1.0/firebase-firestore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c7b84cef152931d2c19876f3c91cf9bba71c10afef843f8e8effbae3035800a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://widows-server17a2.com
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: u85ajMYp21buH9pFNgKA-09YwBfZ2gDoiw9S310VVcc

OPTIONS
H2 204 record
a.myfidevs.io/ Frame 0
0 329ms
103ms Preflight 34.224.146.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.146.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-146-121.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Origin: https://widows-server17a2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: *
server: Python/3.7 aiohttp/3.7.4.post0

GET
H3 200 myFinance.css
static.myfinance.com/widget/ 3 KB
2 KB 72ms
42ms Stylesheet
text/css 2606:4700:3030::ac43:b431
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/myFinance.css

Requested by

Host: www.cnet.com
URL: https://www.cnet.com/a/fly/js/components/myFinance-widget-6c202450ac-rev.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:b431 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50d5d10df377bd960648973b53891bfcaf48f457503eed023ad2c29f28e49b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1356
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: N3XFBASK876EGTT2
x-amz-id-2: GhTnm0imvHcG5TjtlJaDWxnKXXGMeQMW2I9fdLZZHhpiFlc2x562Nr1LJT5KxiBbrGLuok04/bA=
last-modified: Mon, 12 Jul 2021 14:22:18 GMT
server: cloudflare
etag: W/"528a38ce39fc58a866c1226253bbb189"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Sv4KIs%2BfMCXaimrmmOm8S3nSBbT%2Bbvqqen1XvEI3EzfwNGi%2FwLBK%2F%2Bn5yDwb3vjnAtrXfdq5s76CWf8e1Vi643DL90ChfjsiWZuIrtvCfytQoGVoeX9ZYUmVj32QOy9%2FcLwneHLsYISZeiSeb12NGV5tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6d34b7a4cb365c9e-FRA

POST
H2 204 record Show response
a.myfidevs.io/ 0
166 B 130ms
129ms XHR
text/plain 34.224.146.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Requested by: Host: static.myfinance.com
URL: https://static.myfinance.com/widget/inlineMedia_core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.146.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-146-121.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
x-api-key: yuH27H1QId6afXAojow6Tafi7Vw9v1spaLD5Yznw
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 25 Jan 2022 21:50:28 GMT
access-control-allow-credentials: true
server: Python/3.7 aiohttp/3.7.4.post0
access-control-allow-headers: *
access-control-allow-methods: POST

POST
H3 200 v1.5 Show response
www.myfinance.com/api/au/ 38 B
849 B 475ms
432ms XHR
application/json 2606:4700:3037::6815:2b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly93aWRvd3Mtc2VydmVyMTdhMi5jb20v

Requested by

Host: static.myfinance.com
URL: https://static.myfinance.com/widget/inlineMedia_core.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce98257dc9ab9092e17aeacf8d20aa9eee43ac7bcdbee90267eaa4505f659c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type: application/json
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38
allow: POST, GET
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9lLZobrTfWlThPjqUJKzB8wtPB9tXhLOrqtGuUeedS1pdgjW7zByIe%2F3bQebTuSnbvoYAivTp%2BoEZO4wgjCqPUdVI8d8%2FAUxWelGkccztgFQGOI1Fdz95ADU2cuvh5WDOPrCP5dYc8QcUYR2OB3Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
access-control-allow-origin: https://widows-server17a2.com
vary: Accept, Accept-Language, Origin, Cookie
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d34b7a5fdeb904f-FRA
expires: Tue, 25 Jan 2022 21:50:29 GMT

OPTIONS
H2 200 v1.5
www.myfinance.com/api/au/ Frame 0
0 169ms
118ms Preflight
text/html 2606:4700:3037::6815:2b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly93aWRvd3Mtc2VydmVyMTdhMi5jb20v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:2b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://widows-server17a2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
content-type: text/html; charset=utf-8
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://widows-server17a2.com
access-control-allow-headers: x-requested-with, content-type, accept, origin, authorization, x-csrftoken, x-api-key, Access-Control-Allow-Origin
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Moma9%2FMuhkdQlwHrimuCap7yK8org7ygGDfOV24dCBIbh%2F7sK8sMYqcAr67wX0NRWfXo%2B0C%2B%2FSv%2Bh8K7cczoaFhFtZatQhOprYIJvEM8fUImMcnql6Bcd%2Ff0rxDz%2BjZ%2Fd0h5SEY5nMgqu5%2FJXXTNLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6d34b7a4fa1991d1-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 309 B
484 B 196ms
63ms Script
text/html 34.246.74.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwidows-server17a2.com%2F&pcode=redventuresgamheader644747280705&rx=161755661368&callback=MoatNadoAllJsonpRequest_81146935
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.74.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 0255b84536d7a95436c94260db2bde8d5f261ed2900812c6713c1cf8a246a4e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "b6c00462d60f1f3a789a98d955397ca8d1cdaf58"
content-length: 309
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 84 B
258 B 167ms
40ms Script
text/html 34.252.133.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&sgs=3&vb=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1643147428631&de=760085832379&rx=161755661368&m=0&ar=3902fe7180d-clean&iw=522fc51&q=1&cb=0&cu=1643147428631&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&pe=1%3A1299%3A1299%3A1936%3A1286&jk=-1&jm=-1&fs=196551&na=782992501&cs=0&ord=1643147428631&jv=415777395&callback=DOMlessLLDcallback_81146935
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.133.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 5ea0f1b45f2573f658938dc4e0ee600350796cde09fc904d60e548f510935ebe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "8906f9b2274775e2a646e26df775427c4aa2d72b"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 85 B
259 B 167ms
41ms Script
text/html 34.252.133.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&sgs=3&vb=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1643147428631&de=760085832379&rx=161755661368&m=0&ar=3902fe7180d-clean&iw=522fc51&q=2&cb=0&cu=1643147428631&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&pe=1%3A1299%3A1299%3A1936%3A1286&jk=-1&jm=-1&fs=196551&na=544126068&cs=0&callback=MoatDataJsonpRequest_81146935
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.133.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 83b7ac6d0b34e5c29fb9a8a3769d8a0589b6a11e7dbf671e7ea2b155e1c68feb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "6f916b97f762afd42c89fe1529b981d746576279"
content-length: 85
content-type: text/html; charset=UTF-8

GET
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 709 B
350 B 680ms
657ms XHR
text/plain 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fi-cnet-engagement-prod%2Fdatabases%2F(default)&gsessionid=u85ajMYp21buH9pFNgKA-09YwBfZ2gDoiw9S310VVcc&VER=8&RID=rpc&SID=pp7h1bOKQBxVwur42W5qeA&CI=1&AID=0&TYPE=xmlhttp&zx=ont4pvdxpje0&t=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.1.0/firebase-firestore.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c7dcccbaf127c4596cae4ca7528e1d1da5b965089c27abd9b87874e9cb05a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://widows-server17a2.com
vary: origin
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0

GET /
widows-server17a2.com/ Frame 9D13 0
0

GET
H3 200 / Show response
widows-server17a2.com/ 77 KB
22 KB 171ms
171ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fext%2Fcohesion%2Fcdn%2Fcohesion%2Fcohesion-latest.min.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c64dde9d4019e737080bdb7812dd5a0649dab879229f8a54c285816a0608f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BYq%2B7LCuIV46G1FZ9JRmi1EaT8ziEDBirpFMvM5gRF88xK95d2G4LVCgBYg%2FJqq6oXzR%2FV1fdDElJAMvGHt0ouaT6iiUpboV41VkXluKxwxNQCZHrOmeqxbw%2FqguJqLehIO3L8bcsz6S2r5Q4Fq25Wk%2Bj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cf-ray: 6d34b7a73c98693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
widows-server17a2.com/ 60 KB
25 KB 309ms
309ms Script
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widows-server17a2.com/?_=%2Fembed%2FYHF2m-8wQdg%23fYDD1XjyY0xl%2B2r5jtM3d%2B5vhxweNA8%3D
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fa%2Fprivacy%2Foptanon%2Foptanon-v1.1.0.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ee306b4c36481d05b71ff2e7caebee8d6fdfa2d9eddf2ef1e6f1aa791775e4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doZ3kY6CPanZOaM2PRYU3p7FE2OJEEqBzNeKw4htIS0VHNyW3QpLb415j04R3QW0WpIg6Nuww6ebh5Dn79WvtLNXaZVC6UM%2FIFUn80%2B5Q%2FbD3qZogD8so8LnBFfWHFu3VRTXo6FDTuy4OXdEPgy5pgNxtmI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6d34b7a73c9b693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 84ms
18ms Script
application/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding: gzip
etag: 8d3665a9b316600491247ca6d78c204c
age: 621
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0XQAJ9WS9TMM3T673M1G
date: Tue, 25 Jan 2022 21:40:13 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: AkFicFPi3DZ3QbU1u8xigEJJL2NROw87RtFAur48esfxS6LPXnhJcA==

GET content_suitability_id
admiral-mtml.mt.rvapps.io/api/v1/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 838 B
1 KB 308ms
261ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9d1402d683aad37e412b0e399e30ad2dd7566d0b60a289cfc7b5da6b7a144052

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 25 Jan 2022 21:50:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c4c8b457-2e06-48d0-89c8-67a4b33994fd
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://widows-server17a2.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK hb Show response
sofia.trustx.org/ 2 B
315 B 701ms
273ms XHR
application/json 35.211.168.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://sofia.trustx.org/hb?pt=net&auids=77639%2C77591%2C77593%2C77616%2C77588%2C77614%2C77613&sizes=728x90%2C5x5%2C300x250%2C300x600%2C11x11%2C970x250&r=9d26c696d7b9aa&wrapperType=Prebid_js&wrapperVersion=5.5.0&u=https%3A%2F%2Fwidows-server17a2.com%2F&wtimeout=1000
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.168.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 25 Jan 2022 21:50:29 GMT
Server: nginx
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: https://widows-server17a2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 384 B
968 B 123ms
46ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F22309610186%2Faw-cnet%2Fnav-ad-plus-leader%7C180f01c3a635fd4%22%3A%22728x90%2C5x5%7Cgpid%3D%2F22309610186%2Faw-cnet%2Ftech%2Fservices-and-software%2Foperating-systems%22%2C%22%2F22309610186%2Faw-cnet%2Fmpu-plus-top1%7C199f0167ef9fda9%22%3A%22300x250%2C300x600%7Cgpid%3D%2F22309610186%2Faw-cnet%2Ftech%2Fservices-and-software%2Foperating-systems%22%2C%22%2F22309610186%2Faw-cnet%2Fnative-mpu-middle1%7C20ef9b08ff37c92%22%3A%22300x250%2C11x11%7Cgpid%3D%2F22309610186%2Faw-cnet%2Ftech%2Fservices-and-software%2Foperating-systems%22%2C%22%2F22309610186%2Faw-cnet%2Fmpu-bottom1%7C216ceea638e9e2b%22%3A%22300x250%7Cgpid%3D%2F22309610186%2Faw-cnet%2Ftech%2Fservices-and-software%2Foperating-systems%22%2C%22%2F22309610186%2Faw-cnet%2Fincontent-ad-plus-billboard-bottom1%7C227667f7ea24311%22%3A%22728x90%2C970x250%2C5x5%7Cgpid%3D%2F22309610186%2Faw-cnet%2Ftech%2Fservices-and-software%2Foperating-systems%22%7D&ref=https%3A%2F%2Fwidows-server17a2.com%2F&s=653b7d19-8743-4ac0-bebc-b790c6c4dab8&pv=155ba92e-aaaf-41cb-ab65-30680e3583d9&vp=desktop&lib_name=prebid&lib_v=5.5.0&us=5&ius=0&coppa=0

Requested by

Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

0c7e50cd5a271ca64070782bc65f2668ce40f3800640b4b316e27f79b01b35a3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 21:50:29 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://widows-server17a2.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 234
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 arj Show response
cnet-d.openx.net/w/1.0/ 73 B
383 B 79ms
29ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cnet-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwidows-server17a2.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=394ee031-17ac-4031-9d79-67223ef07fdb%2C4e2a71f1-5833-4c77-9fb0-747be297f79b%2C4e2a71f1-5833-4c77-9fb0-747be297f79b%2C82bd4b42-f2dd-44f0-bb37-f24c0ee44425%2C752a4573-e99f-48d6-a41a-65a588b23582%2C7e32f67e-1fda-4b1e-91d2-d4bf9c41d858%2C7e32f67e-1fda-4b1e-91d2-d4bf9c41d858&nocache=1643147429230&aus=728x90%2C5x5%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C11x11%7C300x250%7C728x90%2C970x250%2C5x5%7C728x90%2C970x250%2C5x5&divids=nav-ad-plus-leader%2Cmpu-plus-top%2Cmpu-plus-top%2Cnative-mpu-middle%2Cmpu-bottom%2Cincontent-ad-plus-billboard-bottom%2Cincontent-ad-plus-billboard-bottom&aucs=%2C%2C%2C%2C%2C%2C&auid=544096465%2C544096429%2C544096432%2C544096450%2C544096426%2C544096470%2C544096473
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: bfe9668672a095f9fc720a967cf250512c212afd0c1016e88fe82a3fa4b8e2e4

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:29 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://widows-server17a2.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
336 B 182ms
129ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=678600&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2231c9472804aa17e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwidows-server17a2.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2232986c763a11187%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22678600%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A5%2C%22h%22%3A5%2C%22ext%22%3A%7B%22siteID%22%3A%22678600%22%2C%22sid%22%3A%225x5%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%223332a65cc71a549%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22678568%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22678569%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22356cfc06b5b7ec7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22678595%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A11%2C%22h%22%3A11%2C%22ext%22%3A%7B%22siteID%22%3A%22678595%22%2C%22sid%22%3A%2211x11%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2236048f08d9e51a2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22678567%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2237c6f5f55d0d9e1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22678592%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22678593%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A5%2C%22h%22%3A5%2C%22ext%22%3A%7B%22siteID%22%3A%22678592%22%2C%22sid%22%3A%225x5%22%7D%7D%5D%7D%7D%5D%7D
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fec7bd59be23ba1a42b4a4a5197614ed6b15a615dc143ae565d71c12f67de3a7

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:29 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.133], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://widows-server17a2.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Tue, 25 Jan 2022 21:50:29 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 283 B
1 KB 659ms
166ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23386&site_id=378834&zone_id=2099582&size_id=2&rf=https%3A%2F%2Fwidows-server17a2.com%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=394ee031-17ac-4031-9d79-67223ef07fdb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5686169997631396
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 134d0d9de174eceb1ec3499baa37b901eeb171c7d2e160075494349a1ece5608

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 21:50:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://widows-server17a2.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 304 B
1 KB 781ms
287ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23386&site_id=378834&zone_id=2094830&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwidows-server17a2.com%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=4e2a71f1-5833-4c77-9fb0-747be297f79b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8988273224483727
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 02814d2be4e2739695499d7893413689443742983c4c369772b25a071d53f63b

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 21:50:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://widows-server17a2.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 304
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 663ms
169ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23386&site_id=378834&zone_id=2099572&size_id=15&rf=https%3A%2F%2Fwidows-server17a2.com%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=82bd4b42-f2dd-44f0-bb37-f24c0ee44425&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9867159775753787
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1f249af3f9359dfd41c4b454ee7771e71e210aab343055c67a9a942d8fa7dbed

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 21:50:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://widows-server17a2.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 691ms
178ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23386&site_id=378834&zone_id=2094828&size_id=15&rf=https%3A%2F%2Fwidows-server17a2.com%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=752a4573-e99f-48d6-a41a-65a588b23582&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8110778132143102
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 181e582d51bf6b840d4e4cea2588b8bb5447fde8ade1a062790fc0f280a23118

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 21:50:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://widows-server17a2.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 303 B
1 KB 687ms
175ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23386&site_id=378834&zone_id=2094862&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fwidows-server17a2.com%2F&tk_flint=pbjs_lite_v5.5.0&x_source.tid=7e32f67e-1fda-4b1e-91d2-d4bf9c41d858&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7592465809543891
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1519b749cd811cb5baa139b013cdc298e956c02e35bdb02b2417a7b7f1cd4f3c

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 21:50:29 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://widows-server17a2.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 303
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 112ms
79ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96947b017a7a15964715fb5eca0010&pos=cnet_dt_728x90_29&cmd=bid&secure=1
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 34f7a0590097828de42efc75b6dfd3259c1f0eac8651c7c6bdf8ffaaf348956f

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://widows-server17a2.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 153ms
120ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96947b017a7a15964715fb5eca0010&pos=cnet_dt_300x250_4&cmd=bid&secure=1
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 755330c0a88de5c230517e85380c1e35d762233145ba1d682af19a079f0f6e77

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://widows-server17a2.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 123ms
90ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96947b017a7a15964715fb5eca0010&pos=cnet_dt_300x600_1&cmd=bid&secure=1
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 85de4afa13f2573e875d1dab4b5ef0597e8717e58b3cb3173cd2dfa407c5e98a

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://widows-server17a2.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
78ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96947b017a7a15964715fb5eca0010&pos=cnet_dt_300x250_11&cmd=bid&secure=1
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: cfd3e60148c70c05a0449117c6a14272d57cf7bd65ebc56240eb7c09ba8f47e9

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://widows-server17a2.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 120ms
87ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96947b017a7a15964715fb5eca0010&pos=cnet_dt_300x250_3&cmd=bid&secure=1
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 129d8ed0345a121aa001c5e13b98a0487371c9a2a2578bd9da31e64d71324b99

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://widows-server17a2.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 112ms
80ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96947b017a7a15964715fb5eca0010&pos=cnet_dt_728x90_22&cmd=bid&secure=1
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f3239eac54d1c4aebf47516a684313bb34acc6e41fc92e1effcb48a863e49930

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://widows-server17a2.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
296 B 108ms
76ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96947b017a7a15964715fb5eca0010&pos=cnet_dt_970x250_9&cmd=bid&secure=1
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 86da2a7fc69897a306315b9d9444d6c53cb69f66efdc1eab0d1550f2a15e5c35

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://widows-server17a2.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 84ms
42ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://widows-server17a2.com
date: Tue, 25 Jan 2022 21:50:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 554 B
907 B 111ms
111ms XHR
application/json 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5062&u=https%3A%2F%2Fwidows-server17a2.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 70401ae9d420bc1232d43a35db3ad0c6bb95bcd41272477e961a844011d26ea3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:28 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://widows-server17a2.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 554
x-amz-cf-id: 4zEDVOpyH159wsL431_Eq6Oy62Q3VHLzuVSGsj5Ewui5l4TSFogOIg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
495 B 170ms
170ms XHR
text/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=5062&u=https%3A%2F%2Fwidows-server17a2.com%2F&pid=6v0cAoX53N3rU&cb=0&ws=1600x1200&v=7.72.0&t=1000&slots=%5B%7B%22sd%22%3A%22nav-ad-plus-leader%22%2C%22s%22%3A%5B%22728x90%22%2C%225x5%22%5D%2C%22sn%22%3A%22%2F22309610186%2Faw-cnet%2Ftech%2Fservices-and-software%2Foperating-systems%2Fnav-ad-plus-leader%22%7D%2C%7B%22sd%22%3A%22mpu-plus-top%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22309610186%2Faw-cnet%2Ftech%2Fservices-and-software%2Foperating-systems%2Fmpu-plus-top%22%7D%2C%7B%22sd%22%3A%22native-mpu-middle%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22309610186%2Faw-cnet%2Ftech%2Fservices-and-software%2Foperating-systems%2Fnative-mpu-middle%22%7D%2C%7B%22sd%22%3A%22mpu-bottom%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22309610186%2Faw-cnet%2Ftech%2Fservices-and-software%2Foperating-systems%2Fmpu-bottom%22%7D%2C%7B%22sd%22%3A%22incontent-ad-plus-billboard-bottom%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%225x5%22%5D%2C%22sn%22%3A%22%2F22309610186%2Faw-cnet%2Ftech%2Fservices-and-software%2Foperating-systems%2Fincontent-ad-plus-billboard-bottom%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: DTBC8Z1XC2PZ2B6G4TK5
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://widows-server17a2.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: IQla59aqJ1KiFxgYA1qsSbaYsKCZPcVznKynI7QBlF0jzbJoT5CY8g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 430ms
397ms XHR
application/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
content-type: application/javascript
x-amz-cf-id: TMRzCggT2PPxk4KgVMqMDNUnO-y_y_aTBJOHrVzePIq1aSt7dGPykw==

OPTIONS
H2 400 t
www.cnet.com/ext/make/ingest/v2/ Frame 0
0 51ms
17ms Preflight 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/ext/make/ingest/v2/t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://widows-server17a2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
date: Tue, 25 Jan 2022 21:50:29 GMT
cache-control: max-age=0, private, no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 0

OPTIONS
H2 400 t
www.cnet.com/ext/make/ingest/v2/ Frame 0
0 47ms
17ms Preflight 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/ext/make/ingest/v2/t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://widows-server17a2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
date: Tue, 25 Jan 2022 21:50:29 GMT
cache-control: max-age=0, private, no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 0

OPTIONS
H2 400 t
www.cnet.com/ext/make/ingest/v2/ Frame 0
0 46ms
17ms Preflight 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/ext/make/ingest/v2/t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://widows-server17a2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
date: Tue, 25 Jan 2022 21:50:29 GMT
cache-control: max-age=0, private, no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 0

OPTIONS
H2 400 t
www.cnet.com/ext/make/ingest/v2/ Frame 0
0 45ms
16ms Preflight 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/ext/make/ingest/v2/t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://widows-server17a2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
date: Tue, 25 Jan 2022 21:50:29 GMT
cache-control: max-age=0, private, no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 0

POST t
www.cnet.com/ext/make/ingest/v2/ 0
0

POST
H2 200 decisions Show response
cdn.cohesionapps.com/preamp/api/v1/ 1 KB
1 KB 223ms
164ms XHR
application/json 65.9.61.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cohesionapps.com/preamp/api/v1/decisions

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fext%2Fcohesion%2Fcdn%2Fcohesion%2Fcohesion-latest.min.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-34.fra56.r.cloudfront.net

Software

Resource Hash

d18b319c207d7b09f63b3596f0451b5c458c20004814d7f33459b3f91ce99fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
access-control-allow-origin: https://widows-server17a2.com
x-frame-options: SAMEORIGIN
etag: W/"460-y9Asuipau/iVrqpBRpXvTMBINaE"
x-download-options: noopen
x-ratelimit-remaining: 199
content-type: application/json; charset=utf-8
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-ratelimit-reset: 1643147490
x-ratelimit-limit: 200
x-amz-cf-id: 8g4kDNUJiN4ZxQoDHNbTygf47dtmU0Jt66uUyhSK-jpVlGHyp6ytLg==

GET
H2 200 xs1.html Show response
cdn.cohesionapps.com/cohesion/ Frame F58A 2 KB
1 KB 67ms
15ms Document
text/html 65.9.61.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fext%2Fcohesion%2Fcdn%2Fcohesion%2Fcohesion-latest.min.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-34.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afac3a301d848688d0748228296ec7ae26369f67c2df29f3f480ef3ab0bc6ef9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

content-type: text/html
date: Tue, 25 Jan 2022 19:09:11 GMT
last-modified: Thu, 06 Jan 2022 13:02:59 GMT
etag: W/"10b2c1751c2247b1aeccc91060f971cf"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: qAIJcu-EO6QQk-uw4qkLYfbr7402-EuJo-lg3jVwh8acnfTAuwXUuQ==
age: 9679

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/ 170 KB
33 KB 15ms
14ms Script
text/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 057b2578ff4e8dd9f63e394780db5a41ae1558538b6bcaf0a69ebc054b419a1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 21:50:29 GMT
Content-Encoding: gzip
Age: 1073
X-Cache: HIT
Connection: keep-alive
Content-Length: 33657
x-amz-id-2: k9GoLeXRtNwGShtPQdf1OtWMMVIbNg4R6wyOJQZX7YuGWTTYgFYcAJ8VfajfenfKN4P+YjJWGZU=
X-Served-By: cache-hhn4044-HHN
Last-Modified: Tue, 25 Jan 2022 21:09:55 GMT
Server: AmazonS3
X-Timer: S1643147429.408614,VS0,VE0
ETag: "4ff0ea94f145e7dd0d9de75cdc755135"
x-amz-request-id: 3ZMH3DJQ0N6V85AP
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 39

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201241151/ 188 KB
60 KB 14ms
14ms Script
application/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201241151/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 496885495c6d469b10e907f25147b3a672566c3a5ea0e6a432c0dc4d409e8aa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 21:50:29 GMT
Content-Encoding: gzip
Age: 152
X-Cache: HIT
Connection: keep-alive
Content-Length: 61152
x-amz-id-2: 105W/W6G4qrNRaJmfEyXre5lky7djZywlTMFih0QHxK2AFlOL0sLJ7EJCWNV0FDbBzhkEA/6WH8=
X-Served-By: cache-hhn4044-HHN
Last-Modified: Mon, 24 Jan 2022 16:52:56 GMT
Server: AmazonS3
X-Timer: S1643147429.436946,VS0,VE0
ETag: "590bcde485cdde682b368dea326645c3"
x-amz-request-id: 4ZAEE24R0K4DVWYZ
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 196

GET
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 17 B
0 123ms
123ms XHR
text/plain 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.1.0/firebase-firestore.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://widows-server17a2.com
vary: origin
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0

GET
H2 200 xs2.html Show response
cdn.cohesionapps.com/cohesion/ Frame F58A 473 B
834 B 14ms
14ms Document
text/html 65.9.61.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/xs2.html
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-34.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88b8a3cb9df436d6910440c58428516accee080be4fa556d3cf10ec6905cf1b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cohesionapps.com/cohesion/xs1.html

Response headers

content-type: text/html
content-length: 473
date: Tue, 25 Jan 2022 05:01:03 GMT
last-modified: Thu, 06 Jan 2022 13:02:59 GMT
etag: "ffa03bed298484a7755ca23c5431cb28"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: tRgedOaSd7P73SLdihzeygXv4I5rs0JQVDumHO5YkOR_46saJJultA==
age: 60567

OPTIONS
H2 400 t
www.cnet.com/ext/make/ingest/v2/ Frame 0
0 16ms
15ms Preflight 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/ext/make/ingest/v2/t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://widows-server17a2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
date: Tue, 25 Jan 2022 21:50:29 GMT
cache-control: max-age=0, private, no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 0

POST t
www.cnet.com/ext/make/ingest/v2/ 0
0

OPTIONS
H2 400 t
www.cnet.com/ext/make/ingest/v2/ Frame 0
0 15ms
15ms Preflight 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/ext/make/ingest/v2/t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://widows-server17a2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
date: Tue, 25 Jan 2022 21:50:29 GMT
cache-control: max-age=0, private, no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 0

OPTIONS
H2 400 t
www.cnet.com/ext/make/ingest/v2/ Frame 0
0 16ms
15ms Preflight 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/ext/make/ingest/v2/t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://widows-server17a2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
date: Tue, 25 Jan 2022 21:50:29 GMT
cache-control: max-age=0, private, no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 0

POST
H2 200 confirmation Show response
cdn.cohesionapps.com/preamp/api/v1/ 3 B
577 B 139ms
109ms XHR
application/json 65.9.61.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cohesionapps.com/preamp/api/v1/confirmation

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fext%2Fcohesion%2Fcdn%2Fcohesion%2Fcohesion-latest.min.js%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-34.fra56.r.cloudfront.net

Software

Resource Hash

27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 25 Jan 2022 21:50:29 GMT
via: 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC"
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 3
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
etag: W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
x-download-options: noopen
x-ratelimit-remaining: 198
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-ratelimit-reset: 1643147490
x-ratelimit-limit: 200
x-amz-cf-id: kCjeBj3_GVulR7a8di9c-oiDfqlW0bz8DrS9lDrRD4N3bRvY7BFLoQ==

POST t
www.cnet.com/ext/make/ingest/v2/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 63ms
24ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=widows-server17a2.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012503.js?31064231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 64ms
24ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=widows-server17a2.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012503.js?31064231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 106 KB
17 KB 102ms
102ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3664785128545466&correlator=1826815719228102&output=ldjh&impl=fifs&eid=31061814%2C31063377%2C31064231%2C31060033%2C44755510&vrg=2022012503&ptt=17&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=22309610186%2Caw-cnet%2Ctech%2Cservices-and-software%2Coperating-systems&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x66%7C5x5%2C1x1%2C300x250%7C300x600%2C320x50%7C300x250%7C11x11%2C300x250%2C728x90%7C970x250%7C970x66%7C5x5&fluid=0%2C0%2C0%2Cheight%2C0%2C0&ists=16&prev_scp=pos%3Dnav%26sl%3Dnav-ad-plus-leader%253FT-1000%26amznbid%3D2%26amznp%3D2%26iid%3Dunit%253Dnav-ad-plus-leader%257Cvguid%253D9546bdae-8dbc-4630-8685-a892f432521f%257Cpv%253D1%7Csl%3Dintromercial%253FT-1000%26iid%3Dunit%253Dintromercial%257Cvguid%253D9546bdae-8dbc-4630-8685-a892f432521f%257Cpv%253D1%7Cpos%3Dtop%26sl%3Dmpu-plus-top%253FT-1000%26amznbid%3D2%26amznp%3D2%26iid%3Dunit%253Dmpu-plus-top%257Cvguid%253D9546bdae-8dbc-4630-8685-a892f432521f%257Cpv%253D1%7Cpos%3Dmiddle%26stc%3DPDm281QAgRa4ZbCUbg4onNo1%26strnativekey%3DAKVVxuLpfqUsBfc9PjwYoAC3%26sl%3Dnative-mpu-middle%253FT-1000%26amznbid%3D2%26amznp%3D2%26iid%3Dunit%253Dnative-mpu-middle%257Cvguid%253D9546bdae-8dbc-4630-8685-a892f432521f%257Cpv%253D1%7Cpos%3Dbottom%26sl%3Dmpu-bottom%253FT-1000%26amznbid%3D2%26amznp%3D2%26iid%3Dunit%253Dmpu-bottom%257Cvguid%253D9546bdae-8dbc-4630-8685-a892f432521f%257Cpv%253D1%7Cpos%3Dbottom%26sl%3Dincontent-ad-plus-billboard-bottom%253FT-1000%26amznbid%3D2%26amznp%3D2%26iid%3Dunit%253Dincontent-ad-plus-billboard-bottom%257Cvguid%253D9546bdae-8dbc-4630-8685-a892f432521f%257Cpv%253D1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dgb_measurable%252Cmoat_safe%252Cgb_measurable_2%252Cgs_tech_computing%252Cgs_tech%252Cgs_tech_phones%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26section%3Dnews%26contentType%3D%26pid%3Dwindows%252011%2520has%2520arrived%2520but%2520heres%2520why%2520not%2520everyone%2520will%2520get%2520the%2520upgrade%2520yet%252Cmicrosoft%2520windows%252010%252Cwindows%252010%26sectopic%3Dtech%252Ccomputing%26topic%3Dtech%252Cservices-and-software%252Coperating-systems%252Ccomputing%252Cwindows%252Cmicrosoft%252Cmobile-apps%252Cwindows-10%252Candroid%252Cfeatures%26ptopic%3Doperating-systems%26tag%3Dwindows-11%252Cmicrosoft%252Cwindows-10%252Cgoogle%26collection%3Dnewsbox-tracker%26subcollection%3Dmicrosoft-windows-11-announcement-liveblog-june-2021%26edition%3Dus%26test%3Dskyboxtrans%257C1%257Ctest1%26mfr%3D%252Cmicrosoft%252Cgoogle%26prodtype%3Dwindows-10%252Cnotebooks%252Candroid%252Cpc%252Ccomputers%252Ccomputer%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dwindows-11-has-arrived-but-heres-why-not-everyone-will-get-the-upgrade-yet%252C2a1c6e58-9d8b-4896-8b0c-f59a7ef02931%26env%3Dprod%26vguid%3D9546bdae-8dbc-4630-8685-a892f432521f%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D4%26session%3Dd%26pv%3D1%26useg%3Dnoxs&cookie_enabled=1&bc=31&abxe=1&dt=1643147430039&lmt=1643147430&dlt=1643147426932&idt=1423&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C0%2C1038%2C1038%2C1098%2C10&adys=80%2C300%2C720%2C1816%2C2912%2C4018&adks=3234279276%2C380686334%2C374673385%2C2863627395%2C2109996952%2C3596897275&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwidows-server17a2.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x4436%7C1600x4216%7C419x-1%7C419x-1%7C419x-1%7C1600x20&msz=1600x160%7C0x0%7C300x-1%7C300x-1%7C419x-1%7C1600x20&ga_vid=1157520245.1643147430&ga_sid=1643147430&ga_hid=1211927761&ga_fc=false&fws=0%2C4%2C4%2C4%2C4%2C4&ohw=0%2C1600%2C1600%2C1600%2C1600%2C1600&btvi=0%7C0%7C0%7C1%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012503.js?31064231

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2465aae7df9442a0ed374161d04736cfa6a09b593691cfa2ef5d49820311fc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17126
x-xss-protection: 0
google-lineitem-id: 5689576291,-2,5689576291,5689576291,5689576291,5689576291
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349728458,-2,138349728194,138349728200,138349728203,138350135767
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://widows-server17a2.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 68ms
28ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012503&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012503.js?31064231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5549dd0232b749a7c42f3f562da95c2a96cc0addb77889a285f44fe54aca1693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8830
x-xss-protection: 0

GET
H2 200 container.html Show response
f1d4c07c2aacba912de2e6351516b4b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 809F 6 KB
4 KB 78ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f1d4c07c2aacba912de2e6351516b4b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012503.js?31064231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 25 Jan 2022 21:50:30 GMT
expires: Wed, 25 Jan 2023 21:50:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 161ms
60ms Script
text/javascript 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012503.js?31064231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 73F0 0
0 50ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4XvdU6QBvlr77gwuJNC3g50JFNcpMrw9Lv274PnhzROEnH22MtvXwZZROCwL8vT-bO6uNNDI00Ahq1mqs2dLkHqBmeHsez2Cj0oC98O7ym_aqmwC6pL4zC-K04sEznZ6Qdb-Yk5V-okajoyaJUWRYi_-ID7cXLqoFoUAwawLlMWsEhPJWFr1nsA7N4e2VU1yVAPJk33iXBglLD7-4HV9XKcjIZ2yfWoYSL3Mlv0peS9ySQiC3LCaNUrotYlwb5WwKpszbhG5_X8i-M33DBzNpqHIUt4GVIsfAHW0Cx9JEtPjJGJMfeOWe3gKsAfMKF1qHDG1d3-E5Ny8n1KBJrBGxphJeoj3THG9b34pJaev_-yjp_bCrtS-eliofpA&sai=AMfl-YRk3zhtLLFNVmGiDLYclXkWNdd-hm5Lz7dMAy4CqoFRR8FMAIO7Tq22rwaytxnuEqN_zXGhM975qkqn410EzCYpbqYBVWNn5TtrrWwysQE1_oUbu7s7OkPqYtmPtnc&sig=Cg0ArKJSzECGLxU8ulOIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 73F0 122 KB
38 KB 121ms
79ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 73F0 335 KB
112 KB 16ms
16ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f89df2715f95b1d7658fe123c1583776389dfefdeda4977b2e57f2ddc6a4720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:56 GMT
server: AmazonS3
x-amz-request-id: M3XCJ933TPAQ88Z0
etag: "680fc97779e3603b1b3367bb9d71564e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44189
accept-ranges: bytes
content-length: 114330
x-amz-id-2: BHHh3L46URtkwm/FiKAiBi6uQKDvG2SAjhw6uIEDvSeFLflRE1invZuWEcH7eby34QCdDPkBHKg=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DC2 0
0 52ms
52ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWfmo3kfg1zrmYX29jygDq-oO5w3jGlFcd23Df2PYh2wHKbtolsXuw6KuSmjmx919QcnQCpV5vmlbL7EEwWY2LAeGAndQbEa4A7phRW-BaYYJr98ONv4g48l7Y9Kb56foZowZlfCLT_bePxFRO5M1_xXyjgJAqxSb5zse8FRgzTTNUPVawL0S0xaSC6UWFQytGy3kE5olw1zCgydqj-_fFSe4SeZJQTr7VndfGwrz_f7I0_w4rtwBjIx5HKnYa-wLMKyayR1SX1xPcwB2pXXDqoN2y17jWLSmxgZ_6byjbEbSAKCrPOdTAqVWTvhTYIw9X0oiQpLYugKFqebctwIaXgCJ8TbwBWLbEcGbUyp739hkRkjFLbJytpw&sai=AMfl-YRWsvWrG_JZQkF0y9cN2n0K5SOaDEHtosJfn9vt9iTGbWImkt0-T-5DalhqfCr7wc8NAF9W5pBoA7TyeZvP_U8q5o4-ROMAj7FBvAPrw-icGFqYtbOr_QWWAuorzdg&sig=Cg0ArKJSzMzG43tAXNoCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4DC2 79 KB
26 KB 58ms
58ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0ba5993c22886bb1f2f86036ca4f2df0ecab93f5cbd7942718b23621e0177b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27052
x-xss-protection: 0
server: sffe
etag: "1113 / 708 of 1000 / last-modified: 1643136847"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DC2 122 KB
37 KB 183ms
146ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 4DC2 335 KB
112 KB 29ms
29ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f89df2715f95b1d7658fe123c1583776389dfefdeda4977b2e57f2ddc6a4720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:56 GMT
server: AmazonS3
x-amz-request-id: M3XCJ933TPAQ88Z0
etag: "680fc97779e3603b1b3367bb9d71564e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44189
accept-ranges: bytes
content-length: 114330
x-amz-id-2: BHHh3L46URtkwm/FiKAiBi6uQKDvG2SAjhw6uIEDvSeFLflRE1invZuWEcH7eby34QCdDPkBHKg=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F602 0
0 51ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiaNaR8E7wlrBGd0RaFp7x8TTYZlK0WbM6wxqETdIsNNQcExajpfx2DlWSjO0Xdr8zf70U2vBz1ES0YiyFH_6Iw2Ytg7IJWzmwqycBz6hheJmRZJ3z5505h91RSa4OwM74iJ54_ZhRRiDqRnGGdHus3ofElUMP6QWSus7mI1KerDWCHcdzHEMjVMq_mDFaQhpomcMelwD2KjTRMkUwEYTJOes0PBbuYLbSY_ZogTzeAwOShYEhu0XtIVuCO3snzcyzjea_ByxiANnI1b7X4w5VKS_dIfO0UwDbl7UZdHf_sjTj3p9NgAOQzE9SuBJy2Ynq5ozDXqwBn2S_gBxpz7o8SATR2JG-i1wR-dFK06Kt0-ideoglTiR9iQ&sai=AMfl-YTbJ-jU-mS9FofgXawiuOu6HX0G9L5Bqq8KxibxS3jzqft0z7CB-1gw4fC50yVhhzXVPeuKIXD0wco56NelblAnHGjoo6gOzBiqNZvVvntt0yqho-i_Yj7q9niUf-A&sig=Cg0ArKJSzNWhsXVRms5mEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F602 79 KB
26 KB 77ms
77ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

3249631fbc5c94178ff4773d364d3d4fd0facbb4f900260ad690514d0a006c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27054
x-xss-protection: 0
server: sffe
etag: "1113 / 456 of 1000 / last-modified: 1643136798"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F602 122 KB
37 KB 182ms
164ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame F602 335 KB
112 KB 21ms
21ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f89df2715f95b1d7658fe123c1583776389dfefdeda4977b2e57f2ddc6a4720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:56 GMT
server: AmazonS3
x-amz-request-id: M3XCJ933TPAQ88Z0
etag: "680fc97779e3603b1b3367bb9d71564e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44189
accept-ranges: bytes
content-length: 114330
x-amz-id-2: BHHh3L46URtkwm/FiKAiBi6uQKDvG2SAjhw6uIEDvSeFLflRE1invZuWEcH7eby34QCdDPkBHKg=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B240 0
0 50ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuefG5p5-yVjia_f4nheHipsz9-UnACUKDHdq2IU7Bq9SOhtw8XrzGOpjNYRHNNt-K7F1Gwbq_HYQuV1F1BFZPWyVJwVovTlD9YcbZQyHJVm2QNIiruBogtbqwOyeWw548Hn-CoMCcYh5f_lV-s3e8M2UEG4yjsb-AIRLhcu8two4dP3puM-1cDjqEHfLBBoHdVILw6Fj1DiskfeAcQQ2256hvT7w2xCJSSE8EQb-CBllcdcN4Jz8IaD-KNHIMCXX4TNXtPS1FNgGzZHhDgvQ9GCOx0Y0t9RLDWr1DSz4y8AWyKqyj_iZaqgO5RYW2e85Gl0hiYJd5H62l2qAa3s0CVVWAz_BT_EhrlxZoD08aVGS40mUGs4invEw&sai=AMfl-YR1756mXpgjyrFwmwZJ4wbzeX65zm6_nT2KGgkUaLaoTe3rq7oaoDaOoIz1uRZGY40J9CmaB3PWZMC6K7LgpSgUqgaycKy2odeR1H_eXtVwxt5oZ0mniUVyS-ZwUpg&sig=Cg0ArKJSzJtvDPejhhSkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B240 79 KB
26 KB 79ms
79ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d031be57562f416dc55c393bfb3988cc7089680b5dd8e0cc16870ded36936ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27051
x-xss-protection: 0
server: sffe
etag: "1113 / 900 of 1000 / last-modified: 1643136847"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B240 122 KB
37 KB 157ms
144ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame B240 335 KB
112 KB 24ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f89df2715f95b1d7658fe123c1583776389dfefdeda4977b2e57f2ddc6a4720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:56 GMT
server: AmazonS3
x-amz-request-id: M3XCJ933TPAQ88Z0
etag: "680fc97779e3603b1b3367bb9d71564e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44189
accept-ranges: bytes
content-length: 114330
x-amz-id-2: BHHh3L46URtkwm/FiKAiBi6uQKDvG2SAjhw6uIEDvSeFLflRE1invZuWEcH7eby34QCdDPkBHKg=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F043 0
0 51ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHVlbMVZcKTNE62dnKOXUp3RRdPrbBKw2A41wMbaB_O3PJUC8A9PyLNpbYbf5rYU42uCGWv20AQeR1pIocr2JvZG8aaqTb0P6LLbUR-pLjeXYZFysiFALjZLfrZkpb6U_uFYcNAWtj0MdYLY1WvFo26S9BoFQnMWUummMgovAm3bkpcJuhM2aIqRFhoOgoTDCDMPRVIIsju7rV-9baW_F4Vv8jO_oEGoaQgNY8qQGAO4JQSm1V-z2QgbwGVj6jyIg21jWP8SZqqTVCf6oMdQG9mlpzKc2b7LpaL9-gYnfC4lVPNmiISXXH3TIfBAhwtjb5Uo5GsTlGaN3Aho4tiu1UArGJmHEbFZ7Zb0LExLh59fm7OGS4CL9mgw&sai=AMfl-YQEIkJ2Av5CwOK3wbVKwY3AhA--hIgF4rxp_zMYNQBRdhtwIv-bDZNbiQMAgXFZ8Xl7WwkXXE_CzLrjWNa6tUO0WfL3B-fzqA5G1wzpfypzzX-TdoU2eG1tlPALxks&sig=Cg0ArKJSzDwufqiWpsG5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F043 79 KB
26 KB 77ms
76ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

3249631fbc5c94178ff4773d364d3d4fd0facbb4f900260ad690514d0a006c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27054
x-xss-protection: 0
server: sffe
etag: "1113 / 211 of 1000 / last-modified: 1643136798"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F043 122 KB
37 KB 164ms
155ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame F043 335 KB
112 KB 25ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: widows-server17a2.com
URL: https://widows-server17a2.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f89df2715f95b1d7658fe123c1583776389dfefdeda4977b2e57f2ddc6a4720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:56 GMT
server: AmazonS3
x-amz-request-id: M3XCJ933TPAQ88Z0
etag: "680fc97779e3603b1b3367bb9d71564e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44189
accept-ranges: bytes
content-length: 114330
x-amz-id-2: BHHh3L46URtkwm/FiKAiBi6uQKDvG2SAjhw6uIEDvSeFLflRE1invZuWEcH7eby34QCdDPkBHKg=

GET
H3 200 pubads_impl_2022012504.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4DC2 351 KB
118 KB 16ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064243

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

86f6444eafceacae485c6aadbd60d9659319859369ba5b9d4d0a1bc09eb5d098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121040
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 15:13:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:48:22 GMT

GET
H3 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F602 352 KB
118 KB 15ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:34:16 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4DC2 107 B
122 B 49ms
25ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=widows-server17a2.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4DC2 107 B
122 B 50ms
26ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=widows-server17a2.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DC2 0
20 B 71ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sra_setclickurl&pvsid=1505093321690244&lenfreqs=628%3A1&vrg=2022012504&nw_id=22309610186&nslots=1&eid=31064243%2C21065725&pub_url=https%3A%2F%2Fwidows-server17a2.com%2F

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4DC2 30 KB
12 KB 66ms
65ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1505093321690244&correlator=4313365436741939&output=ldjh&impl=fif&eid=31064243%2C21065725&vrg=2022012504&ptt=17&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=22309610186%2Caw-rv%2Civt&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst__WfqnaRi-sa84RAgiMqN3BxaE7numoKloDlTEUsPDFZd1ZSHJifBDiCz8aLGkf_K_s6AK2Eq3Sx5doTjkXE9Mp-ijP-9VOy4jbZfoPuHllXhD8-FTkEjMi2DhMyu6bspJiJ2Hy9OBwWQOcvOx8PWi8Zq9taA-ArdtFaKy-ZNlh0C-x-Ltuk5fzIbXffK_da2QJxMSu3zr9I3GEwiz-tuE7iFdMLS7EoN3GTxZg4yOne2nLLmO6rm9t6GquBwMC4NzkyfYFQEd-esVLqSsqcRwjrChFtEMtAb2gExaeXREAYXxm0ff9uGthI-KTHnvXWU08uAYItnT_chGtMc6u9e2IRAk_DWn1gkYxSzP-lqmb73LI3bbw%26sai%3DAMfl-YRBlOVNlaSyhZzMqmYlHySru57hwfypSwLoKRVz3_Tw14nNwbEfCFPYHnJUEgoI5BT07vFaRvZMaHgUlgzlmbdlJzV5cYnWETl9wIAfiqIjDZpOgGRYmVZI2tfiUj8%26sig%3DCg0ArKJSzCl6qSVRDu-_EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&prev_scp=campaign%3D5677026463&cookie=ID%3D4dc70d75d52b68ef-22926da52bcd001a%3AT%3D1643147430%3AS%3DALNI_MZXXtwWVBl2iNJHnvLTgGNg3n8MRQ&cdm=widows-server17a2.com&bc=31&abxe=1&dt=1643147430318&lmt=1643147430&dlt=1643147430171&idt=129&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1038&adys=560&adks=1319207525&ucis=zdhwyeedsf0y&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fwidows-server17a2.com%2F&top=https%3A%2F%2Fwidows-server17a2.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1048630573.1643147430&ga_sid=1643147430&ga_hid=1112250433&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064243

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d2c153908a99c68b87e8921e94743f114af4ad6e405e89614d8f57e5e058774c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12536
x-xss-protection: 0
google-lineitem-id: 5677026463
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138355023537
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://widows-server17a2.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
584a2255bf658887ed352b006c007391.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2D73 6 KB
3 KB 52ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://584a2255bf658887ed352b006c007391.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 25 Jan 2022 21:50:30 GMT
expires: Wed, 25 Jan 2023 21:50:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C5EB 13 KB
5 KB 102ms
45ms Document
text/html 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jan 2022 06:00:46 GMT
expires: Sat, 21 Jan 2023 06:00:46 GMT
cache-control: public, max-age=31536000
age: 402584
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 66C3 783 B
1 KB 65ms
27ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0a398729a16e4489e45e7523d844f6b5a72d5360e7cb8aa81525180dc43065e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S+fXPidHsi2m7HuDz+KaOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 25 Jan 2022 21:50:30 GMT
date: Tue, 25 Jan 2022 21:50:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-S+fXPidHsi2m7HuDz+KaOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F043 352 KB
118 KB 15ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:34:16 GMT

GET
H3 200 pubads_impl_2022012505.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B240 354 KB
119 KB 17ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

57ee1c89673fa47b2b3e28d42c8119c5d66b5e6cd2b9001418a969ca4c515299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:47:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122166
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 15:13:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:47:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20news&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1643147430395&de=504872767067&m=0&ar=3902fe7180d-clean&iw=189f0f6&q=6&cb=0&ym=0&cu=1643147430395&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5689576291%3A138349728458&zMoatSECT=news&zMoatW=5&zMoatH=5&zMoatVGUID=9546bdae-8dbc-4630-8685-a892f432521f&zMoatSN=d&zMoatSL=nav-ad-plus-leader%3FT-1000&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1299%3A1299%3A1936%3A1286&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=196551&na=1122234176&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 73F0 0
0 50ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVaOEBlQbBf4pIC7iMAAz8biPlTLChOIbAOH_Fb6EMkaGQsTNuq_cIRdwQJPEW9kl_-LpSrR4yThH_nx2ArgSzngZdZeVmIsX2kjrWq_fIDqyxgKNt9DJZMVRL2amWmX8wm4W8NTi7uEqIlBL3Zd-VrzQGtkxsROud6JEka2D9bT5yO1SNW4GOVttWQAuO1HBZDE11hiKV8TuWVqKJf6MMz41LEy7Q-srj-_QvXOfDV4khIshGrjZsGrkwpkqCZx7C6tg6W4ToRA3G1ve6KA2Pru9Nnin9WqsWiRUqykH3zh1nLcuqhHrk57KG5KEa-hPepYrTy6nTW6AqjxzvYxYQ6ks7NTyWqXWBbKDG_swItGZJZrX-n-Oh4HDk_r1w&sai=AMfl-YSvy9nTFTS1W4NK70EMo9aeQJ3Yq1MzG6NrxrFnMb1xEpQvpmP_oUFbL-pe9uuIDWuZJ875rAGVFMAWOWd94Fdz84HN0rsbL2Qr4Gs7talMbNSSK3-Dyy1bHZ4COPE&sig=Cg0ArKJSzBvD-eAYFfcvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6A3F 0
0 50ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcvDVsqDhljXlS_nFrvt-2zh4LirQYUEVeNyNA2dA-TNbVlyHCNjjf0TnYq1YMvwHLopWeLWl31rof0HlPV3R6CdkkejnNDrEyLlD9kqwbHTmDakjNe8YMR1PGBAHCTWPZsrOE7yBk3ApO1PrfW0okW7JRnEi-zMCtetlwPiTcd0TJaXT_yh6E3rmPCsPtA2Ha4DyTxY2-7gwgNVrkdklCPwQ9O_c4GhlnQWxoBjXiExM5YvBuL4r_SpWYyHRhJOkdImviZhA3mxqr29Fh_T2kh4g8DG-5DaZUrqRcFwYW28NW0f4YxovsGhOJciLX&sig=Cg0ArKJSzMuXZBEqxTwFEAE&uach_m=[UACH]&adurl=

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 6A3F 2 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 21:18:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A3F 122 KB
37 KB 127ms
103ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 6A3F 335 KB
112 KB 16ms
15ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064243
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f89df2715f95b1d7658fe123c1583776389dfefdeda4977b2e57f2ddc6a4720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:56 GMT
server: AmazonS3
x-amz-request-id: M3XCJ933TPAQ88Z0
etag: "680fc97779e3603b1b3367bb9d71564e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44189
accept-ranges: bytes
content-length: 114330
x-amz-id-2: BHHh3L46URtkwm/FiKAiBi6uQKDvG2SAjhw6uIEDvSeFLflRE1invZuWEcH7eby34QCdDPkBHKg=

GET
H3 200 16181266791146063110
tpc.googlesyndication.com/simgad/ Frame 6A3F 17 KB
17 KB 45ms
45ms Image
image/png 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16181266791146063110

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb3661ac37cbb213b64eb600c7c30da647babd9a2b2ffdbe5f30830fcebe2cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:10:33 GMT
x-content-type-options: nosniff
age: 135597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17729
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 21:34:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Jan 2023 08:10:33 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame F602 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=widows-server17a2.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F602 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=widows-server17a2.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F602 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sra_setclickurl&pvsid=3711855585759009&lenfreqs=628%3A1&vrg=2022011002&nw_id=22309610186&nslots=1&pub_url=https%3A%2F%2Fwidows-server17a2.com%2F

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F602 30 KB
12 KB 64ms
64ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3711855585759009&correlator=895066114965991&output=ldjh&impl=fif&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=22309610186%2Caw-rv%2Civt&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvQHbtum9RlYsbMZt-lBG36KCHM9kKedfoBmx5XI5IkW0LYsD87V_tAA7_b6iMUKznAg1eeHFfs2Z_aeT0Zo9qVs9QzlUgFZ91tCuTbYGVClXCT0li4EMN4IR6oqnlYAF3S4swSww3ucaVAPQ48qk7hk71Isyw9Z5lN_09yUUV8HPqLCNZInkvwBtu9nhYPwQl-ydygoxqZkEB-58IWhgXNct_Fd8oK0sD1TAs9Ci1WyevMuW6dnDvxsIvcbJsK37gdnTUob7J_c5kBzE0KguLxzO483o4iu9OAf6ChMmJs_9XuYAEEk8z3iixzMDXGVB5Bmz6z_ivp7lSblfKmhv0ilm3TFQWnOEi-PxveMbq6TvS0By_VcQ%26sai%3DAMfl-YTvvAZNr9VrU6Pwd-_fTY81vvpwP5ucOdA6RPkXRj3quAkwk-iIOoYcCAdrEmtgts5XdMV4wdHcUvaKda2o1rZ6fgagTe5MC_G0IR5oDQzeleluF6K-3U2wYITl-Tw%26sig%3DCg0ArKJSzNtJ3xcRbV92EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&prev_scp=campaign%3D5677026463&cookie=ID%3D4dc70d75d52b68ef%3AT%3D1643147430%3AS%3DALNI_MZoZfLiaODF8b5s8qCtiSsgnk3_TA&cdm=widows-server17a2.com&bc=31&abxe=1&dt=1643147430460&lmt=1643147430&dlt=1643147430190&idt=255&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1038&adys=1656&adks=1319207525&ucis=qvrp0ey82ilt&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fwidows-server17a2.com%2F&top=https%3A%2F%2Fwidows-server17a2.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1736243662.1643147430&ga_sid=1643147430&ga_hid=1512701516&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4a15986135489ba299edbf05b0f8f8b6283e9d3eaca726ca834c70c730532514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12564
x-xss-protection: 0
google-lineitem-id: 5677026463
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138355023537
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://widows-server17a2.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8a0f598a141aaf01aef438c8fca887cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC4E 6 KB
3 KB 38ms
23ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a0f598a141aaf01aef438c8fca887cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 25 Jan 2022 21:50:30 GMT
expires: Wed, 25 Jan 2023 21:50:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F043 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e268aced6765aaea69613e7b8661aad78ffc0e74c9cf9b2c09e2f32b2f39c93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4DC2 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2555b995fcc2b2163258ec908a57b133e97fb42c8817317829df836876551fff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B240 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12df26f70a91d47159ee5cac10e97f2f6e9778f0f1377a51388f719556d7f877

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F602 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 683dc17ee826b76ed24c36a5cd523373c4b1d8a5b1bc5e23fc34ddc9e56dd32c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame B240 59 KB
23 KB 17ms
17ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

73ed57fba43ed89fa450a1ae368c27908a43950ebc106287632a3dc9c1184da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1723
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23019
x-xss-protection: 0
server: cafe
etag: 16015489130178292579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 22:21:47 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame B240 107 B
122 B 25ms
24ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=widows-server17a2.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B240 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=widows-server17a2.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B240 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sra_setclickurl&pvsid=1240198079541482&lenfreqs=628%3A1&vrg=2022012505&nw_id=22309610186&nslots=1&eid=31060838%2C31063821%2C31064535%2C31061691%2C31061693&pub_url=https%3A%2F%2Fwidows-server17a2.com%2F

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B240 33 KB
13 KB 65ms
64ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1240198079541482&correlator=233027426620433&output=ldjh&impl=fif&eid=31060838%2C31063821%2C31064535%2C31061691%2C31061693&vrg=2022012505&ptt=17&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=22309610186%2Caw-rv%2Civt&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsteINwJMv9U9Z2CQZlHfr9bnIi-xSIr_kqpnU3rp5JmtXP263rtElzI3sgqwumuAD8hR9sAp8xCcNat7XR4XDVGvhv9sIH4IIRj7LB0mGn9a0dOLVL1X7dkmt2K8D2oHmTkUFflz27Cn8iu0RnNS3H41moW2ppvjYjesQwyAbddgEBhR4BTV303u8aAMM3ePKTYq0di117iptUngIIGCetIZ7cS8AUuqVQaz9uEevsKuwaw75cOny4PZjByIE7I-bRK5yenrOL_XcFoXlRO9ypGMZ4-IXU_jFGNXoS9QBZj_gkq8NMKxV0XqvJFPISbomZWitGG2nuPcXV7PshO7tn47OBgxyaLTngOlsENAwm7YTsRaszwzg%26sai%3DAMfl-YS8O9YhOUuikijtyOM8zBA_kkUbl2-4o4FguYxNDwHYJpDv4dlsizO4gVNW8NvbL-wcVWV1MaRl_vpZovtXvFNqZgTKQ2ve8nQANK2RGboeoVsNIs60WhiZVodW-tA%26sig%3DCg0ArKJSzAWjav-MLKjWEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&prev_scp=campaign%3D5677026463&cookie=ID%3D4dc70d75d52b68ef%3AT%3D1643147430%3AS%3DALNI_MZoZfLiaODF8b5s8qCtiSsgnk3_TA&cdm=widows-server17a2.com&bc=31&abxe=1&dt=1643147430574&lmt=1643147430&dlt=1643147430196&idt=361&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1038&adys=2752&adks=1319207525&ucis=9tw0w7xckjlg&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fwidows-server17a2.com%2F&top=https%3A%2F%2Fwidows-server17a2.com%2F&rumc=1240198079541482&rume=1&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=205031109.1643147431&ga_sid=1643147431&ga_hid=883199809&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

00b9c8fc5d015c6b83315fb2180bb41d0af89327a86050ddca78269c3b5eef59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13263
x-xss-protection: 0
google-lineitem-id: 5677026463
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138355023537
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://widows-server17a2.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
750b4db0fc396c7356ba5ec31fd5f73a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 13CF 6 KB
3 KB 46ms
30ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://750b4db0fc396c7356ba5ec31fd5f73a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 25 Jan 2022 21:50:30 GMT
expires: Wed, 25 Jan 2023 21:50:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20news&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1643147430478&de=848834473889&m=0&ar=3902fe7180d-clean&iw=189f0f6&q=10&cb=0&ym=0&cu=1643147430478&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5689576291%3A138350135767&zMoatSECT=news&zMoatW=728&zMoatH=90&zMoatVGUID=9546bdae-8dbc-4630-8685-a892f432521f&zMoatSN=d&zMoatSL=incontent-ad-plus-billboard-bottom%3FT-1000&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1299%3A1299%3A1936%3A1286&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=196551&na=514817472&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame F043 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=widows-server17a2.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F043 107 B
122 B 26ms
25ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=widows-server17a2.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F043 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sra_setclickurl&pvsid=1824066052782060&lenfreqs=628%3A1&vrg=2022011002&nw_id=22309610186&nslots=1&eid=21064365&pub_url=https%3A%2F%2Fwidows-server17a2.com%2F

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F043 30 KB
13 KB 57ms
57ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1824066052782060&correlator=2150324666619496&output=ldjh&impl=fif&eid=21064365&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=22309610186%2Caw-rv%2Civt&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuyPMXH7wfBcjmPo6DsIffeW7avxsP3KtWInHNk-EJ66_DxWDjCEdyWV1eRhR5_bIjFsqAsrR60EUo-P_wliIkpTAp4DGsJO7oyQz5xf6dc3YJqd-AA57GpIr_Ao7pwYy4N61sjHu8i5D80ztGwiOQztMLaDaoh-f6xFuFmsEF3VKPgIJVXcoRunToU5m_t71YLGmD0Rzq8PPoZYEQZSnUkJji9QlY9G1_B8B7alSkhyXzKEafnO1VSH_BSinfw7nzwu4loh1XOjyatvrKPVLtzdta_OSFx7YGU1msFM7-iUIfLEMO_NC01JcwpA3BI5h82p-Sx9L3kQILDfpmBBbToFI9aN9Usx_IgPdbDPKMn4vw99-xn6g%26sai%3DAMfl-YRlhVBZl29yMmOIjXn7xt5hiznF5WH4hsXX7g3Dsi6wFx1T7gqsMHdl83FWIIGcBUy_UpeZyGfxGFvknQiOptnLkq-dYr7AAzT_K3TE9LB75rNhzYRFv09g6PYMhv4%26sig%3DCg0ArKJSzAZX96H4dlXnEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&prev_scp=campaign%3D5677026463&cookie=ID%3D4dc70d75d52b68ef%3AT%3D1643147430%3AS%3DALNI_MZoZfLiaODF8b5s8qCtiSsgnk3_TA&cdm=widows-server17a2.com&bc=31&abxe=1&dt=1643147430589&lmt=1643147430&dlt=1643147430200&idt=383&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=3858&adks=2689385466&ucis=cycubckvgrhd&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fwidows-server17a2.com%2F&top=https%3A%2F%2Fwidows-server17a2.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&ga_vid=228228538.1643147431&ga_sid=1643147431&ga_hid=1120662984&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

311e34bc92454f4b23b57b27ab1bd2b8dc7d7adde628201534aaeafcb6ef4b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12863
x-xss-protection: 0
google-lineitem-id: 5677026463
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138355368817
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://widows-server17a2.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
12856f7e3be62d3c712ec906b1e7703e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A644 6 KB
3 KB 38ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12856f7e3be62d3c712ec906b1e7703e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 25 Jan 2022 21:50:30 GMT
expires: Wed, 25 Jan 2023 21:50:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BE9 0
0 50ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWfvI4Kt1sBwMtOZshh6Pa6tGWLkJRoiQZ6p1lGRkOlkWirCzxkbgvbQ_JYCpg4HyV8xDaXHY07NPO72SEzY6mPDV_n4jrsVd2CAd58BfxaPF4Rdk9obiR-YGRaQn9lWS-uYgS93mXsNR7_ddkNl6Ak94nH12LqRxzt0yFXutCYprHO4xtFAvy5EViFkwxV-sZjBvjsbC_2hHFXAYIoyuMSUOC5f9PcoUV18eoGxp9T85dlNRquNdJObUrovQWb-b0Kl52HxyuEOn7MjlxnhPCyNef37dHRVg66JSBfr_pY2GdIs9HzR37U6Y5Q1jR&sig=Cg0ArKJSzIr_l94x-UOiEAE&uach_m=[UACH]&adurl=

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 16181266791146063110
tpc.googlesyndication.com/simgad/ Frame 5BE9 17 KB
17 KB 45ms
45ms Image
image/png 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16181266791146063110

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb3661ac37cbb213b64eb600c7c30da647babd9a2b2ffdbe5f30830fcebe2cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:10:33 GMT
x-content-type-options: nosniff
age: 135597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17729
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 21:34:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Jan 2023 08:10:33 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 5BE9 2 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 21:18:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BE9 122 KB
37 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5BE9 0
0 50ms
24ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSITjkoWEaTz0D8SMnhf1SsZcHEFVmqDeu1MUxp6I-c7EJjGDC8NN6MpDKdhWTmyv3DeheNu4-yAaZcS6cTZZUFRqckhA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 5BE9 335 KB
112 KB 18ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f89df2715f95b1d7658fe123c1583776389dfefdeda4977b2e57f2ddc6a4720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:56 GMT
server: AmazonS3
x-amz-request-id: M3XCJ933TPAQ88Z0
etag: "680fc97779e3603b1b3367bb9d71564e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44189
accept-ranges: bytes
content-length: 114330
x-amz-id-2: BHHh3L46URtkwm/FiKAiBi6uQKDvG2SAjhw6uIEDvSeFLflRE1invZuWEcH7eby34QCdDPkBHKg=

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20news&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1643147430494&de=821637801497&m=0&ar=3902fe7180d-clean&iw=189f0f6&q=14&cb=0&ym=0&cu=1643147430494&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5689576291%3A138349728194&zMoatSECT=news&zMoatW=300&zMoatH=250&zMoatVGUID=9546bdae-8dbc-4630-8685-a892f432521f&zMoatSN=d&zMoatSL=mpu-plus-top%3FT-1000&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1299%3A1299%3A1936%3A1286&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=196551&na=1705214340&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6A3F 0
0 52ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrvV37dqAKAzemwPPLdpoqgDYDYhUMwtj-ntdtR9GgcM7EwuGFjv-xadgcX3uWxu85ZyWgGziTUCqr663Nde_RYsxLt_r8Q-XTJ3yweAaPLNdnyn5mJGeO4vZ_OM6oEkLYvnn3qb_irMu_CRrpju5m62TNn5aHDyJTQf553_Z3RRfH7NRAjmkVDBLRgQyUHjY-gLcKpH9ven70y7Ode2AOk7xeJYpbWd8-zozXl_DvpdIi67BVJu75nmJXsaXy1iAFirJTNkQ-L7xia-iAdZp1kyP2zMZg4zKCXrJIrLqHdmfjHSFnuqv6OLzT6mvwJg0&sig=Cg0ArKJSzEPmNuQ4F-PbEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
DATA 200
OK truncated
/ Frame 6A3F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e3ba8f4f6c809752ad9b12a9577bef9bab878cbfbc7022750c937ef91b7fcb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 39ms
17ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1643147430636&r=466108902433&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 35ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1643147430636&r=466108902433&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 37ms
15ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1643147430636&r=466108902433&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DC2 0
0 51ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJJLipz5lfDWH0zkJqqCTkc12CmPPKofdImZ7qMYq2trrBFAr0Ze940RL87DEw7rJS8ro6rP1ltkx8Vxf8Xihwpp-7Rc9qUKtib6dRuRK7yt-aREoSYvt2TXlSC6ccWKRiI_7sJy1b0A5iYz5yHkuuj5-3ZYsN45VYmi-hACL4bIM8iBL4OCWcUOR3mhKmWn4kO_pX32S5RIpNbA5a8xMh2-l7891Y1OfK5rMPlYIFzKNGHcSm0conQL2Vt4Ov12BVyAv1EXFq3E00DC8HKFBQGT2rYe2vx9I1UOnxyDMi4WHZo0DtiVIMqBUxrtv81SovmeZEz4IZxt6kWhqAJJdHEMZzJ3qGHJspQnqhRo8e-WzURSyQA-iJovb2&sai=AMfl-YR-Zr5JPSg2xtCtQfdHNosEyIKF5nMwK_yXQViTtEKzT84E52_aIOI0qgldfwoNqs9KxICbSQw3rS3O2l7oucbjbr0N1SpF_vQgeMh42ABkssBHL2W3VzUl-AmihNQ&sig=Cg0ArKJSzOCFJK0atyqHEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4DC2 11 KB
9 KB 55ms
30ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012504&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

871f863df0eda83c35c0098c5beac1c2da5a8effdd5a9f5c1859d28355084c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8855
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 66C3 0
0 52ms
52ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012503&jk=3664785128545466&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8858 0
0 50ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-dtgsI7nj7LdjDOd4Ka8mCcg6p6Noq7PgMpwGqpplHaRhxzFda_BMU-kSjB_BwVHgBQoSZrzRuTsq4yE9i5dlU48rz-yigs40sCX2KgBN4vasWFEj5jp8MUWa0l2gxuTfsx0948pwrYoAfNTSM-6IPzlgT9S8Pk9kxtqOCzacHhLnkGpQq5F5WDeJ4-UEdUFljxyk9lBybnmLwueOCElJAInTY9En3ROsjV_nzlIDX0ayyeQqBaxj0mvtMqlPOBHjTy-ZbdEWf9xGfQOljsUZ7sx39nKuXhPXCRCGmHSF-qweGRdoOnYJBN1h2ywM&sig=Cg0ArKJSzOZeawnxOWa-EAE&uach_m=[UACH]&adurl=

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 16181266791146063110
tpc.googlesyndication.com/simgad/ Frame 8858 17 KB
17 KB 45ms
45ms Image
image/png 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16181266791146063110

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb3661ac37cbb213b64eb600c7c30da647babd9a2b2ffdbe5f30830fcebe2cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:10:33 GMT
x-content-type-options: nosniff
age: 135597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17729
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 21:34:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Jan 2023 08:10:33 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 8858 2 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 21:18:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8858 122 KB
37 KB 141ms
141ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 8858 335 KB
112 KB 15ms
14ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f89df2715f95b1d7658fe123c1583776389dfefdeda4977b2e57f2ddc6a4720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:56 GMT
server: AmazonS3
x-amz-request-id: M3XCJ933TPAQ88Z0
etag: "680fc97779e3603b1b3367bb9d71564e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44189
accept-ranges: bytes
content-length: 114330
x-amz-id-2: BHHh3L46URtkwm/FiKAiBi6uQKDvG2SAjhw6uIEDvSeFLflRE1invZuWEcH7eby34QCdDPkBHKg=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D535 0
0 50ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqGNUomSWfP5M3CEIJMguPTmfyeNI7cB67W9yBa1zPVwFrLn63YaHiBS0JRaoM3CXhemGiZuUiOd-GlaGgX_fuooQOQhnsphJWT8I6eogNhbrpyjtJ56MBFbTgfqguKFyYE_CFwMXBHlQOJhtEe34i5OwTcdbr5_WZNt7A-B2a_Di1jNwr1HmgVtdBAZVs3HogcFat4vK45R1IvhFVgm3VeFlPnuEhYBjRBZxfRSNZzpmVv2oEEMA-wC4pCHiD_c3ypSah-UD3tLOOFIUwEuyo4UGHIDSxk-pmAyNPtOKogRON9yb8I4smjlrKx5EY&sig=Cg0ArKJSzCD_5o2UmsXHEAE&uach_m=[UACH]&adurl=

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame D535 2 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 21:18:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D535 122 KB
37 KB 200ms
199ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D535 0
0 24ms
23ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-jmazlEDbbvRDZ0_QNQ8t-P1gWBQ8kIlEcy-XD9CeJG5XT14CSyHgYDDCxryhspTXYwAoTQxkpGevKqS2SNmzKsvCXg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame D535 335 KB
112 KB 15ms
14ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f89df2715f95b1d7658fe123c1583776389dfefdeda4977b2e57f2ddc6a4720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:56 GMT
server: AmazonS3
x-amz-request-id: M3XCJ933TPAQ88Z0
etag: "680fc97779e3603b1b3367bb9d71564e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44189
accept-ranges: bytes
content-length: 114330
x-amz-id-2: BHHh3L46URtkwm/FiKAiBi6uQKDvG2SAjhw6uIEDvSeFLflRE1invZuWEcH7eby34QCdDPkBHKg=

GET
H3 200 6742078371641366590
tpc.googlesyndication.com/simgad/ Frame D535 25 KB
25 KB 46ms
46ms Image
image/png 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6742078371641366590

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d14089a26465eafc74f43e9aa9f3e20d5c61ae083d94d8a719741f8d003432bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 14:51:26 GMT
x-content-type-options: nosniff
age: 284344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25645
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 21:35:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Jan 2023 14:51:26 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=bottom&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20news&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1643147430508&de=860651502673&m=0&ar=3902fe7180d-clean&iw=189f0f6&q=18&cb=0&ym=0&cu=1643147430508&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5689576291%3A138349728203&zMoatSECT=news&zMoatW=300&zMoatH=250&zMoatVGUID=9546bdae-8dbc-4630-8685-a892f432521f&zMoatSN=d&zMoatSL=mpu-bottom%3FT-1000&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1299%3A1299%3A1936%3A1286&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=196551&na=1636113731&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4DC2 17 KB
6 KB 80ms
79ms Script
text/javascript 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BE9 0
0 50ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzkUlrqTkbs9BTn0HOpj2KFEjdMLQXmu8QIgkKuQjfEmqfaYWtw_3UqvlNppQo9LFr8Jz7Oe1DPkFQ9Rz6_NK7oAPLUyXPtt5jjPiYoTXKfQ-6cJS5d0Ox7FDTaU7jwhUe4MUv2Wi4Lm-wxCG0WRUlMb1KxltpkQmXLER84nzPE7G0qj0an1wW29RhgeZMb6mrOO4UKVCztH0kg2Yf5y1ep1CFcXHGmZG2AZjOqYZg-YXYxEScG7vMmVrNoHPnyiNTCYZbyXTgF-h8pD80rDB3zMG8mp84X4mxDHZjAStXCMR2VugFd0r8-jYTYpuwYZU&sig=Cg0ArKJSzNHgHowlZ-kiEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
DATA 200
OK truncated
/ Frame 5BE9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd940925fc76b4e7a08333eaa25a86c4a3c7ebc3584914976e4c99b0c9434db9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 15ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1643147430781&r=448988205142&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
16ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1643147430781&r=448988205142&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F602 12 KB
9 KB 31ms
31ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43a8045f4b231a9ec44f825e3fd4ffa6e845bc4f8ecab1d61b14ca1d499d0c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9011
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F602 0
0 51ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsNJRehN1v5vOsANddtc_30FqB_y5wxaZFzbsoG0n82BcQvax1-HGYyRWpJpGxVfN-k7oBJo0m0hoNO6ZnOTX3rKUVwdaB4N4RX9SpzTmTmH3HBOWDgOZ05CDscMT_wBunkrzs5lh6vuyhcDM9NuwBSEKEgSZjcZk2eJtRRPgOVWYMUXhZG_Vu2f77FKaa_dXeSlpdHU5yFAZmie-6zR_7nD9p8RiIBM7EopZ5gdpSdloXYSGdOPgwuBUWiKBN1iB2edvSyzlsxNdvJD5GSTEx6W0m0UohXvFpC_7MhBube7M878tQxgUL4Wka_Wdad1jXq1SZIprawsHYbZFhGLG60dG7t_F-Y0MHQmghv7SnM6u6QebuukQVK1RE&sai=AMfl-YTOCIHSBHXJnYFu5nxtcnyUviiqxzv4cKl9fSt4Yjah2V8h7_N3LpnLNYaIVKMIGbTscCz5ad1I2oU2l2AhgdvLsaUMAtcTz89hJSyQEkeUrKLuXPg8dcY-6d1dO7s&sig=Cg0ArKJSzOnuEv4t7QehEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame C5EB 35 KB
13 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 19:57:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
15ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20news&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1643147430521&de=278810478701&m=0&ar=3902fe7180d-clean&iw=189f0f6&q=22&cb=0&ym=0&cu=1643147430521&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5689576291%3A138349728200&zMoatSECT=news&zMoatW=300&zMoatH=250&zMoatVGUID=9546bdae-8dbc-4630-8685-a892f432521f&zMoatSN=d&zMoatSL=native-mpu-middle%3FT-1000&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1299%3A1299%3A1936%3A1286&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=196551&na=1018101855&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
15ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1643147430636&de=466108902433&m=0&ar=3902fe7180d-clean&iw=189f0f6&q=26&cb=0&ym=0&cu=1643147430636&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1299%3A1299%3A1936%3A1286&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=196551&na=1038780297&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F602 17 KB
6 KB 82ms
82ms Script
text/javascript 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 17ms
16ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16181266791146063110&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430636&de=466108902433&cu=1643147430636&m=21&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=0&ag=3&an=0&gf=3&gg=0&ix=3&ic=3&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=3&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6&cd=0&ah=6&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatSlotId=mpu-plus-top&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=2121095377&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 21ms
21ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=192&fi=1&apd=195&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1643147430636&r=466108902433&t=hdn&os=1&fi2=0&div1=0&ait=95&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B15C 13 KB
5 KB 46ms
45ms Document
text/html 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jan 2022 06:00:46 GMT
expires: Sat, 21 Jan 2023 06:00:46 GMT
cache-control: public, max-age=31536000
age: 402584
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A534 783 B
534 B 25ms
25ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d1024a6534c3452fea65bd253afe19dc9d5c16641013294e0dc3d33841904a9e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U22SDEooF3JNUDdraCmj7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 25 Jan 2022 21:50:30 GMT
date: Tue, 25 Jan 2022 21:50:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-U22SDEooF3JNUDdraCmj7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1643147430781&de=448988205142&m=0&ar=3902fe7180d-clean&iw=189f0f6&q=30&cb=0&ym=0&cu=1643147430781&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1299%3A1299%3A1936%3A1286&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=196551&na=1149951783&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8858 0
0 51ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmdyyTFMShA4wL_CS_FtYUWKMwzuM5x8JlK7w6LZiokhv2Z9P7znnuhGFQvfPt3IUe8hUiYmRs3j6C0nJOwdpof6Q8UgzeSbEZVQiNVtUoZXTyjfOOL0yG3bnmtsSoC9kpCcouGVjMjCjr1pxfJD5nV91XY-pMBzkD4WdL4Iu0vK46iy37iMda5riQav3Y6JV_wgFknVAOGw0s75bCBriMlH1ACAMzU5CgSNoVFUd_CsAOKXmDiohmljMihYptSbRJC0HXSbK2wiBZOVPXBs4zBDKLu46htI1v5txM4U81wmoyLqna1QVecNqtd3X8cNk&sig=Cg0ArKJSzMIJegGHYLHmEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
DATA 200
OK truncated
/ Frame 8858 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5be293314fdfb9ac37e15b9f960770700a5916fdb9df99e2c5d4e8d928ed393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 15ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1643147430900&r=994050696304&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1643147430900&r=994050696304&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B240 0
0 51ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuM4q8tcwUNEWqgYjBLYDP_9YrC8uqTFd5V4pey6tbbsFTZL2xxnurPpG0RW_tVDv7xUmw59BzIMnA7twqFFZrXbKG8_l69yu7k0No03dZbUO245BwV8RIt-DyESCACH_JrZcW8LEwR7zQPU3mi4Es_Ag90d_FsepA-kMGCrDQ7tQZo2vN-1_vCsPoOwB4ZlqxtWZ6GPRHiy3jnFLue-vTYnDSaUMlr1Q9uYt0eU8rrmtWNaeStpQPFVRwDoBZvWRc5iMwVtNh6RDyb_UALyyTVr4pSjCxohQnkM_2dndbl2gUxVqqWnHqLo_68SLSF8Yz1ql1-0LowkBiIPgKcyXq0Gy_sHHKXF5bIAbbXXukDlzMmN5B9ybkYoLHL&sai=AMfl-YSIccCaUnC5eLIyOmSgCOUIDIT4OsYA-dtT7Ingl3Y5IS2jaSB5XXzlV3iYkqOPm5VAW3O3QUtlGHG-fAIYZp-EW3oS2g06EKoXcHnoRCagyLrNGJz2lZFfiFTtPZw&sig=Cg0ArKJSzIGfwzx7SKCgEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B240 11 KB
9 KB 29ms
29ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012505&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b181dca1575ce51c7b770e681f4baf1d9f001f6db6d2562eb832a2472e504654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8918
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8858 59 KB
23 KB 15ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: widows-server17a2.com
URL: https://widows-server17a2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

73ed57fba43ed89fa450a1ae368c27908a43950ebc106287632a3dc9c1184da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1723
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23019
x-xss-protection: 0
server: cafe
etag: 16015489130178292579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 22:21:47 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16181266791146063110&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430781&de=448988205142&cu=1643147430781&m=10&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatSlotId=native-mpu-middle&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=native-mpu-middle&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=native-mpu-middle&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=524825772&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B240 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=widows-server17a2.com&doc=complete&pg_h=250&pg_w=300&pg_hs=250&c=1&aa_c=0&av_h=250&av_w=300&av_a=75000&b=0&all_b=0&d=1&all_d=1&ard=1&all_ard=1&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C5EB 0
9 B 45ms
44ms Image
text/plain 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eEwQ5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B240 17 KB
6 KB 62ms
61ms Script
text/javascript 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6DD4 13 KB
5 KB 45ms
45ms Document
text/html 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jan 2022 06:00:46 GMT
expires: Sat, 21 Jan 2023 06:00:46 GMT
cache-control: public, max-age=31536000
age: 402584
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F508 783 B
534 B 28ms
28ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dae96d1fd372f7397ae47e29db54a1f6a92e7bc81b61f33420910395d5fd36a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pQcaVIMxZuy/6EYljim1oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 25 Jan 2022 21:50:30 GMT
date: Tue, 25 Jan 2022 21:50:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-pQcaVIMxZuy/6EYljim1oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D535 0
0 50ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvntHogXMlHYn9xlA-b3N-j9Ygf1OkNA-deS9EZp6cAFa9diweZ5uJkn30fcvhqgdCCluPNCFsrEZUyCtcmVHhq7VujEdjVN_Ne-EK4hL3arjtD2hYe2ZmLb5f6hXkN1UaItYvW-iKRWuwQLCQKmiRhZcanYFRl1Oy3fnYNVWd-lO5xuzd19R2IZs99hPEEMO-x4fTeg7witAqhqqDXSgiG48Kqk9sAwNEATGCWV_wC1VuhULPlnrygnqPQUB7fZ2x5HrA6-NSRR3dgJQ_A4npp9UPrddBXF8tch9MUZ7THlhqIxLp--4D3ThqrrmyVpU&sig=Cg0ArKJSzJO8poaKa6FJEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
DATA 200
OK truncated
/ Frame D535 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6b37e9e9879ed123488d8153f15cdfc68a14962068324310d7d933867332f74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355368817&S1id=22308610192&S2id=22383746382&ord=1643147430967&r=223764984306&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355368817&S1id=22308610192&S2id=22383746382&ord=1643147430967&r=223764984306&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
16ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1643147430900&de=994050696304&m=0&ar=3902fe7180d-clean&iw=189f0f6&q=34&cb=0&ym=0&cu=1643147430900&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1299%3A1299%3A1936%3A1286&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=196551&na=433116215&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F043 0
0 51ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupPIjUqP0zQZnqOz1dN4X_oPP7OYC04GZsyFlD5LNOYWt62rvM4ELufvz87SfgN1TSsA7E1p423Q7Fr3-QlJMtVN6EDW5J4cQshOrcrj47AC0Vad6-ybCJV90AQAWM5R2FdQoWZrdC7gpK_08qmQK2d-SYvX6PtVuHiq3C_H4wIv1KQ2sXnlN4r6d0vpAdZkYujt5zvlt-dl-XMjTyjKypjAApVqIbfMsAo_R3Vm2YezNq1AlFtQYiDwx8Adiz9RfSlo8lGg5Yl6MqBxlmUvSiYScGGClNFRw4-2sPKuzCHCm_ynxLCBUUy0y4naro7TFL-kJ8zcy3YPV2BiIrG0hhrS_5bLGAhYgq9848-E-zDO1a7PwL1YipVOqm&sai=AMfl-YQrzUdeUeKQyrg0aSgQ6vOGjzuaNp-0sEQznSxOQZhnrJ_XZSfbOWJQxEDdaOta3fz_gwqsSI1WV2FI1ekYxdphys7Z5GwO0IOi_dQoyPjzJhIElKfMwBP2yU5pxao&sig=Cg0ArKJSzL_Yq5sQsCajEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 25 Jan 2022 21:50:31 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F043 11 KB
9 KB 31ms
31ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e05838123895ed7347929aab9a6670b5b051b4a3c690a2c3e11772de8b3a79dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 21:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8894
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A534 0
0 53ms
52ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012504&jk=1505093321690244&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 14ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=217&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1643147430781&r=448988205142&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:31 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8858 0
327 B 208ms
75ms Ping
image/gif 2a00:1450:4017:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kyunk02n&chm=1&c=1240198079541482&ctx=2&qqid=CKfEqJfxzfUCFRVF5QodtBgEbQ&met.4=fb.9~lb.4y~ol.5b~idt.5z~dt.-42&met.3=736.5k~735.68_1~113.7z_1~112.7y_2~734.85&met.1=1.kyunjzuo~14.7~15.7~16.7~17.7~18.7~19.7~20.5b~21.5b~22.2a~23.2a&met.7=CCIQBBgBIAooCjA9ODRoCnA8eKwCsAEBuAED~CBcQBhgBIAooCjA9ODNoC3A4eO2MAYABwYoBiAHBigGwAQG4AQM~CB4QChgBIAooCjA_ODVoC3A-eOELgAG1CYgB4RGwAQG4AQM~CCoQChgBIAooCjChATiXAQ~CBsQCiALOBI~CCIQBBgBILABKLABMOQBODRosQFw5AF4rAKwAQG4AQM~CCgQChgBINQBKNQBMOQBOBFo1AFw4wF4l7YBgAHrswGIAavbA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16181266791146063110&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430900&de=994050696304&cu=1643147430900&m=10&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatSlotId=mpu-bottom&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=mpu-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=mpu-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=74618282&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012503&jk=3664785128545466&bg=!HR6lHlrNAAZ_DxPPfw87ACkAdvg8WgfniR6mPgXoNI4v0tMWrmkGa8XdiFhNdyvJRoaYjt8xcftJeQIAAAChUgAAAAJoAQeZAsPWXZhsJwgy_QB8DvPG5kIgp1j8lxG3bnIl6I43dhqevFWHOCq5z9m9Y0iMPuVNXxb8fSOe3BLSw3tZC0DPi5ASb_Ov-BKuRg0Qg3aaMk8l683kaNNu8bPcwhGwNLqwy1Nnqjebgvo9vbCQlVWcbq8NzFm4j-KwjFKwnEMIKtuwMRNMInBGJEUS5RtcDk86A6yEgCs2xJD1mpd72FFDc5WzS0nfKRytGcEc5dr2hnUiNyQ3sEaXNYmNth3MtVuTLMFyYUry9s-1RBq1QdNj1Q1Pspx-zlrOl24xsQue7W9Lc8UjYB8sIlpsVNd8_-Le77nzs_8M0BE17EbIGvk05dYkrxmwXXSQarJ2xU9wtABChZ3pR53p_xaqYJu0Tl0fjb5kB8AcDcVjria6mT_wwYN8Yr7PX9CfbNVnraHINCGOmX7ReXPiVPEzel6zwHD3qM6oxp3izKrHqU8VNPPJLe53w3_rn8PvTlqvadVPnZfrJW8WWiyiLku4zzyBuLsp184CsgK6TSkHX_X6ZVgqRbshrUpG92aW21FF1sp3HXR_fcQQ5vLbban9J2BADEZuO4GohN9ENyBMCkZrlk0YEc8B8vD_glkNwwf8I-HiDooXokIQuioPalu5ai7dXwLCses2XFZ0JSrR9e3YvrkSAdrCRINDxkoLCRY6XfAkr625XbXJQD3Qh3R73Em9Wb1bFmBBjffjjh0oYmIv6omWnpC8iUBPPw7IkJi4caGzCYQIKFSOz7r2iywxIQwh3UPbgCGg69VxvDxLTVAJOv7m4_M7cFJACa1F8bZgZZ5hOJcW8Tdez7HVYYf5_zwyUzHNUR1r_xKq97-qg66t4THEfyeT2AZSWlqqLrv3O2WCpAvxUa0Exq4m3psZltohpxqiW2ISK9t2-PCLt6oon9Y6kvSex9fK9RqxaKCkhmAgnIZDm0bCGA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F043 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 21:50:31 GMT

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame B15C 35 KB
13 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 19:57:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D03 13 KB
5 KB 45ms
45ms Document
text/html 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jan 2022 06:00:46 GMT
expires: Sat, 21 Jan 2023 06:00:46 GMT
cache-control: public, max-age=31536000
age: 402585
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 77A8 783 B
536 B 28ms
27ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e127388f60d368fc7f5618940065833000f944833d6d80c0362bc3799ef472cb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nbxyjxsfqVZY/185OIJw0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 25 Jan 2022 21:50:31 GMT
date: Tue, 25 Jan 2022 21:50:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nbxyjxsfqVZY/185OIJw0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F508 0
0 80ms
80ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=3711855585759009&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DD4 35 KB
13 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 19:57:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
15ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1643147430967&de=223764984306&m=0&ar=3902fe7180d-clean&iw=189f0f6&q=38&cb=0&ym=0&cu=1643147430967&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5677026463%3A138355368817&zMoatW=728&zMoatH=90&zMoatMMV_MAX=na&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1299%3A1299%3A1936%3A1286&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=196551&na=1676492127&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F6742078371641366590&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430967&de=223764984306&cu=1643147430967&m=10&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355368817&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=728&zMoatH=90&zMoatMMV_MAX=na&zMoatSlotId=incontent-ad-plus-billboard-bottom&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=incontent-ad-plus-billboard-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=incontent-ad-plus-billboard-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=374819708&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:31 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 14ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=214&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1643147430900&r=994050696304&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF31 13 KB
5 KB 45ms
45ms Document
text/html 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jan 2022 06:00:46 GMT
expires: Sat, 21 Jan 2023 06:00:46 GMT
cache-control: public, max-age=31536000
age: 402585
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E28A 783 B
531 B 26ms
26ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f663106e0d5280781e4862d5b316a38010bbe3e59d0834ba221b18e949576b26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OiYLvdivtakeOs/ozArbNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 25 Jan 2022 21:50:31 GMT
date: Tue, 25 Jan 2022 21:50:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OiYLvdivtakeOs/ozArbNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 509
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 77A8 0
0 64ms
64ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012505&jk=1240198079541482&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D03 35 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 19:57:31 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 14ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=209&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355368817&S1id=22308610192&S2id=22383746382&ord=1643147430967&r=223764984306&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:31 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B15C 0
9 B 45ms
44ms Image
text/plain 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xbxOHQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6DD4 0
9 B 45ms
44ms Image
text/plain 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cNfvtg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E28A 0
0 84ms
83ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=1824066052782060&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DC2 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012504&jk=1505093321690244&bg=!np2lndnNAAZ_DxPPfw87ACkAdvg8Wjm99HlR5dxQXGgtQINK2s9vmTd_jkc7np3JYMu6emA9gDepXwIAAAClUgAAAAJoAQeZAt-Yh4_oKDzizlHxABFU_lqbbM3CKRRHoDWBsaCS-NfZrgFpuQN2j7H8U5NNiMbsAE7MSenS4oXFdHmg6IOBPwiVt2Pd6Zoc4XbdZIaFbeVBZ7G4R_3TRK27w9tGAp2mrdn1J2nDQzDx6yKhKWJMSseDu6urIgs0IKByYS-8MnCgWgWxWpG38AoM0MnpsoyXpcJ8iirpbbo6TB80KRkZnksRgZaPxmANw3mPOt7Rg_7ogAmo9wTmrQuMZsTySfF3kPrRkpb9wOXleQrah9bJSYUZxPzd5kx1UCVPluRQCz6_4xVFOQvD2X_UlUUBFn2ptr_8MVH2u1-p_DdU-mhehrika6PaO71Bsn8s_Vk7P2yTD58N5xm-x-h_nEt9OkiFSROUZH_VKzRngpm6ck32abjcEGJqBnqWvflendRNUrUhvPlasILI9rgf-wpAo8IWk4z0tHEcIYPbJy5BZEYn_CBnuWdA7eBBAkxXsWkuVMqxB099ql4V336xo4U2bgd_HiqlFmxaj96yitPvK_sQFabCEHZrTjGLTnOkMJSp2eurzWpgowZrX-ev4NF_acratwxuaoTPbBQnjAWHWPUD9hOi9SQ_294M94aS8yWiMgAimsJMUT6Je-L6Zdp4WlswmdxxnYhaXV904dYtY4_45xLWSoci4FdFH4yuL8gg_9hNUqW-XzLUr7a0me67nTztLw40xJpxXdiWi1UjPz8Vh5wPlGb6SMdmT5lilRsWm42kuFDLRYnk9MPugTVQqEGPJJpgb6adeWxaK0sWVoq7v1d-Wat2g59guKWnA8HtgSqMZ2YDC3caPrcjL1wRmBJU74il3rmQIIKU6w8P-GQkUtCeCKRGTxuUf2dV-OQNuGUT7pF34h2x3BahYJuEV7NFEbsQWCiv38zGq-XyfIsH7z__2UVWfsmqWw_jWeyN-EFyIgy7MWrtzqKG4wzSdT93rQW4AiIAk9wmZeJGrJx0cWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame DF31 35 KB
13 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 19:57:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F602 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=3711855585759009&bg=!7e6l7qrNAAZ_DxPPfw87ACkAdvg8WtgnEZdZ8-h9cD_2zsy47gi5Htqu8mDhSvUW4sarReFwA_FYRQIAAACsUgAAAAZoAQeZAtq2CBWE_mVQT4eYyMXFzUtO2m1JbiqAsSMYutnR0vsHr7wLe4d1DHwKo3Ytw8HXdmyqrwIr3g7RdvuKNqTjzJqPs_17r0T46lQoFdaq75k4F4OkIExUUZyIyms470YvWcrHuljRZgAxvmAcjhOOjd0xx9WySGlhICUtQ7fwW41zU-eEc1p-OkxK-6nmx-o7bFTeop5mYCfqszYeWK8PqrGw6ed93rZqHIicf4B07ZY-xG3_vADChtqdwfW2IsMCoRTEF86pnjs7wnpA9NaYvMhcyDfBd7gNrAuCF5EOS2XUw7p6q1Pv-6hCIgmcuuwZJLRc6IErb3aioQV97oQWpaaOleNN3kZNk8omYbzyUHXQ-K_Lx_8HoFnm7ntHBCBnnmnAoOqMuyNXheZU1qxhfqhEEwSed7ifP6pXZuqMvKiBCS0WPoZ62P_zJCb48_3are8iklXdJwuTvqYBY-pfPHTby5-epekshH-Tav5TUFhsLbRWn3GKosMwun0giDVQCbu85QPiR_Bq7WjxOx3lmFAmvgDhDcOWCqdFenk8hV4CoZ6if75Rq9y_Ni74ol84-iAipAlJHzc5Y4CdmgSfVHGt1Ghym1zCgRl1p2_Q_C3SFx1aKYBL1P0HuhFrx-rnHc_xPuxRoiHgW2ZXm1hUsfKDV3jAq7gNGzfVIzLPVVgtNROsGDVhEDnU7KTEiMIaQ6KW5_tARSZhIGVxlFqZDdqF12SipPslcpVSI2Wk19-vyDelxzoj7U2R8tk1Jzwo3m-_-95vEpkJKRBh81frdhbjBsIYXr7TQnqDsQHorIlbVQvvYOAtVpn8EqnYmxZPrcwqTKHQIUJsArSHroyeXIaV317kkskqcIZ6qIqe3Z7nQTcA6vQ-sip0SoHm6tM5v6FnQoKRL3e5AMwjx3Be9uubXzE_cLhVenFn_br1m24IiCR2WH7pA0j31eF4xsUiVXAxN2HrcmBh2TR7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9D03 0
9 B 47ms
45ms Image
text/plain 2a00:1450:400f:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WABPMg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:801::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B240 0
20 B 55ms
53ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012505&jk=1240198079541482&bg=!LS6lLmrNAAZ_DxPPfw87ACkAdvg8Ws50VRYxpI3U3CZI0srGZ8k2Pe7JzJ66HFKqIUH4NWmE6vgzMwIAAACPUgAAAAJoAQcKAKbwGQAmY8kRJyCu3Cq6kfgH2HTB4vYZa3vS5OSgAbIfnwH9FCGlSZ8H_ulUZqCBenEHXXar1WpkWkvNjLfnKWT7HYtgxZWYLidQBy25FrWRwUV1wP6r8o1pRMS4Wg1O_QjUB3XruQefog8hOnJDOAJ5qz7llZKWih7kCo-B7joLbOC0DQ-MNnCP4SPQ3K7SYzKgG1kRAdLP1fyKw2H2EYzU1y7GNMErmQLpwsydd9FO-uqq9bT3wpR1x7fGFnNZKMCh_2MyCcKsufGYr5lJHwxJsf6QUjDJkU1IBcP5ToZWk8yzi7ZQiiuBiSB2AvOJzR0NvxiMUbJqUgneeMWq4bfcp2avELxpTXVnkvbgMsvi_AEh0rJTDYc-JKJ_q-3mEtcH4l2F6UVIiCMKbUPSSJA8lrb2sNJemk0fXM8QNYQX7UrF-6ltePevR3izwD-yYSbB2kVOYBDjPbQ8lYC4BAgAJg8okYlXqAgR7PlRTIVkkl1dXzhUXOGJ8bMyl5RtRyB7Xljy49dLDFLlLbCr6-vxNXHO9oTLVsAuBYPNHlPUBNE-aaunXF3rTMPo5kYFfUefETWePXT8RMf56nJhnzdMRZw4a5XKpklSZn6iFEgKvFdjBljIFGwdVo7yO2lTmfK1MHRHYUISk0CmuWo95j9ZkXmfri53w7zp7YAJ8-ktZ1YjNVQyjmErQCdZ644Cnloly2YA1JH5z_TaEP9p_UbOVUBxpQ6LhpZq22JgNSXQngROYrc2mFAhY5dAQgLmL98CkLqmLkRIiywoOjgnjYtpVPFpXMn5-vOvxVO26I1u7n6_1CpTtRF2xWF_ooj5TObeSl0mNeuakpR_US1xfqTcQExKkAnUrheNCzn-gQ3ZnQ1bsxVxYAVwnj0Pil9-Pa32lCcbylPrkVIDWdSlfX3gm4E1Kz3t0mnzTKXdHb1Q_e9ZjqFUVx5drXjlSZb9mOxTtOj3-WX694onaDBWkYryAkGeQSED9KyXWPgihwV8jgBHxmkXB-Y6LeSMYAPIkc9WZK1HxO8Jxl-bRzFTHVhI_IWElFEqcrmFWwpYwgMmZFJPMeLXGKmSGerQ1NysxX_pWCuP6Ublf1y-2TbRDuGl4OWJPqsL7P_S1bvkvLxinqtA7kmlS8DAzMnBZ3waLMSk5zDZR2B2zvZu0m-BGbggnXzwvzZHNi4HR7VFakmd5_KoBm9n_paCFFvOM8oKwjK2KA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET generate_204
tpc.googlesyndication.com/ Frame DF31 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F043 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=1824066052782060&bg=!YmGlYSXNAAZ_DxPPfw87ACkAdvg8WkqXuAaE-a888-_k8MkjXe7zmeQ6a_ivedk2bg8aOA8HgLNb1QIAAABkUgAAAANoAQeZAuoiR5caRAbkvniBRBwFu97OjzNUzDf4XRc2GCPhiXMOEAhZTFUudHrWjjAd8ww_dNzFX49mD0ahDWQykiqQvlIonPoP4PLNaW7mjwwBMCERjMsnxkn4zpscXNXsMJ5cVJWsp-rAQPsuPmJUmJb06f2-oc_SxfkXJWxjiZYstU5WTWXVaBZHIB7Or34kjtNimpr_OWck3hl6E2jOxVkrEnUpFeG9huRMzDRNSP2mY4CQcwk_Lyxn-CAABRfyLBSDwd4mYgdRkl664W2XmeflsUgoCMDtZZ6AbRQ5lVXi7VKCqvDf8w7IJsQOboHM0bMdP9tiIwf-lbOmY7CKkTXI25e6deUHVGrjMRMHwrnOB7JYB_9oqU-d85ZPmqKhSxM23s6w481zCs5gcZrwnr_peM3I20iIub9oo1mmonTRRxObh-AKqq1Y7BIkRcLcvvAKIyouLJ7woJYsTVcTT3elg9wRPeU5owQKBQ9VND3hlxCqXJf4vVhgqdfwRZiOObKKsGMR3ZpeXT3m600O3ggI-yOvDzucLL57F9y8AQO8nFFs8bhRqxHnguNYHPFmO0-q_j7pQ4tVKoj-cOMhhMvwvuTtlyXE_paS17zouxuCl0bZWO0hujBJqvmHsolwBZj7PzuYUvZDatkmqLXmEVwHLyIqm3UPWhArTmQjQi62Iq2tYW-eCBaJ32M5H38XP5zENGY7P1gcMnYWVTbpLxphsQJYyyOzGlFINcTkHxu2L-c5N5RoXx8HHEyYTkqJH0mRRYZuIUsmvhmtZ8aP5rRSsqUKCEvYfnJ-hvvSaPF2WurlcfTHYjFmkK9JerH4V_Bl2f7ulW-U64V-MWGY77d2VsGF-EbPIobhVj7yFPI-tyfllyz33WcUYVsSTnx46_YguXW9mH7hYQ5sVwUXcGk6UZm6fbMWh95ahiK2CBCv1RzwKpyKhW8o4P_uZO8gqMcMPaEyzOxNKSSU-MGctkY66Opa1DBCn_3mJ4qXMA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430636&de=466108902433&cu=1643147430636&m=1022&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&lh=100&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=1&ag=1012&an=3&gi=1&gf=1012&gg=3&ix=1012&ic=1012&ez=1&ck=1012&kw=813&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1012&bx=3&ci=1012&jz=813&dj=1&aa=0&ad=915&cn=0&gk=915&gl=0&ik=915&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=813&cd=6&ah=813&am=6&xd=00&rf=0&re=1&ft=915&fv=0&fw=915&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatSlotId=mpu-plus-top&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=1058154322&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:31 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
16ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=813&tet=1012&fi=1&apd=1015&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=widows-server17a2.com&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138355023537&S1id=22308610192&S2id=22383746382&ord=1643147430636&r=466108902433&t=iv&os=1&fi2=0&div1=1&ait=915&zMoatVGUID=&zMoatCURL=widows-server17a2.com&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:31 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6A3F 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1udeLuBlcT3XiGjBYI-3AeoCHC1ajTGvCFXzxMm7JGFoVbjM5gvtFaMM2Rp8MIGbREebKD0sgat-SO9pb_-TJSaR-pAN4shbX6167jodxzBG3KP09&sig=Cg0ArKJSzJqflKE-ZtPbEAE&id=lidar2&mcvt=1000&p=560,1038,810,1338&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220124&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1319207525&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643147430427&rpt=204&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4DC2 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFd5eOTlO6mU4AWFGBrveWt4Vj2Uclopk5dJ06dT6T8qd77iSs64Cn23eomn9Sxk-rRDopWT1UOikFwjdEuIGFF-UWRc15lRehnAueyDaZsWw4loZY&sig=Cg0ArKJSzG5h02Rig1E_EAE&id=lidar2&mcvt=1002&p=560,1038,810,1338&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220124&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=374673385&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643147430171&rpt=488&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430636&de=466108902433&cu=1643147430636&m=1023&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&lh=100&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=1&ag=1012&an=1012&gi=1&gf=1012&gg=1012&ix=1012&ic=1012&ez=1&ck=1012&kw=813&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1012&bx=1012&ci=1012&jz=813&dj=1&aa=0&ad=915&cn=915&gk=915&gl=915&ik=915&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=813&cd=813&ah=813&am=813&xd=00&rf=0&re=1&ft=915&fv=915&fw=915&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatSlotId=mpu-plus-top&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=985568865&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430636&de=466108902433&cu=1643147430636&m=1025&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&lh=100&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=1&ag=1012&an=1012&gi=1&gf=1012&gg=1012&ix=1012&ic=1012&ez=1&ck=1012&kw=813&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1012&bx=1012&ci=1012&jz=813&dj=1&aa=0&ad=915&cn=915&gk=915&gl=915&ik=915&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=813&cd=813&ah=813&am=813&xd=00&rf=0&re=1&ft=915&fv=915&fw=915&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatSlotId=mpu-plus-top&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=130740322&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430636&de=466108902433&cu=1643147430636&m=1228&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&lh=100&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=1&ag=1218&an=1012&gi=1&gf=1218&gg=1012&ix=1218&ic=1218&ez=1&ck=1012&kw=813&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1218&bx=1012&ci=1012&jz=813&dj=1&aa=1&ad=1121&cn=915&gn=1&gk=1121&gl=915&ik=1121&co=1121&cp=1015&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1015&cd=813&ah=1015&am=813&xd=00&rf=0&re=1&ft=1121&fv=915&fw=915&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatSlotId=mpu-plus-top&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=1120598533&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:31 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame B240 0
17 B 151ms
76ms Ping
image/gif 2a00:1450:4017:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kyunjzt8&c=1240198079541482&e=31060838%2C31063821%2C31064535%2C31061691%2C31061693&ctx=1&met.9=1.41~2.a1~9.0~3_1.an~7_1.0~4_1.ed~5_1.ek~6_1.jv&met.3=827.a4~74.a5_1~947.a6~43.a6~49.a7~45.a7~91.a7~947.a7~95.a7_1~77.a5_4~894.aa~724.aa~872.ab~907.af_1~808.an~808.an~734.cy~112.d4_1~646.ed_1~800.ee~800.ee~800.ef~800.ef~800.ef~653.er_4~801.ev~825.ev~801.ew~355.ew~825.ew~825.ew~647.ew~863.f5~734.g6~863.gl~863.gt~680.gt~863.gv~734.iy~774.jv~844.jv~844.jv~749.jw_1~94.jx~863.k4~680.k4~824.k4~824.k4~863.k5~680.k6~824.k6~824.k6~863.k6~947.kq~573.kq~598.kq~113.kp_2~735.ks~783.ks~740.kt~863.m4~863.m9~680.m9~734.mb~863.mm~734.pj~680.q5~734.t0~734.w5~734.yx~734.11p&met.10=1_1.IJIDEAAIABiAmHUoAA&met.7=CCIQBBgBIAMoAzA2ODNoA3A1eKwCsAEBuAEDwAH2j4S6Bg~CDsQChgBIAMoAzBXOFRoBHBTeNfVAYABq9MBiAG59QSwAQG4AQPAAeLN6pYJ~CCoQChgBIAMoAzCrATioAcAB6O6lvQM~CBsQCiADOB3AAZi9zL0B~CA4QChgBIJEBKJEBMKYBOBVokgFwogF44rwHgAG2ugeIAZWQFrABAbgBA8ABl5qRogw~CCgQChgBIPICKPICMIQDOBJo8wJwgwN4l7YBgAHrswGIAavbA7ABAbgBA8ABm-H6cA~CC8QBxgBIPUCKPUCMI8DOBlo9gJwjwN4kAOAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBIPYCKPYCMJMDOB5o9gJwkwN4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBwQBhgBIP4CKP4CMLIDODNo_wJwsQN4rAKwAQG4AQPAAZSE4rUO~CA8QDRgBIP8CKP8CMMADOEJo_wJwwAN4-2mAAc9niAG0hQKwAQG4AQPAAb_emusG~CBsQBRgBIIADKIADMLADODBokQNwrwN40BqAAaQYiAHOL7ABAbgBA8AB5-ihrgM~CCcQDRgBIM0FKM0FMOwFOB5ozgVw6wV4gkiAAdZFiAHUW7ABAbgBA8AB8_LLrgs~CCIQBBgBIM0FKM0FMIEGODRozQVwgAZ4rAKwAQG4AQPAAfaPhLoG~CBwQBhgBIOsFKOsFMJwGODFo7AVwnAZ4rAKwAQG4AQPAAZSE4rUO~CCcQChgBIPMFKPMFMLQGOEHAAeLBm9oF~CCcQBRgBIMYGKMYGMPUGOC7AAZmVn6AL~CBsQBRgBIMgGKMgGMOkGOCHAAc_G2uIB~CBwQBhgBIJEJKJEJMMkJODholAlwyQl4rAKwAQG4AQPAAZSE4rUO&met.1=1.kyunjzg4~14.0~15.0~16.0~17.0~18.0~19.0~20.jv~21.jy~22.9i~23.9i&qqid.1=CKfEqJfxzfUCFRVF5QodtBgEbQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4017:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widows-server17a2.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
15ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430636&de=466108902433&cu=1643147430636&m=5051&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&lh=100&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=1&ag=5041&an=1218&gi=1&gf=5041&gg=1218&ix=5041&ic=5041&ez=1&ck=1012&kw=813&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5041&bx=1218&ci=1012&jz=813&dj=1&aa=1&ad=4944&cn=1121&gn=1&gk=4944&gl=1121&ik=4944&co=1121&cp=1015&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4843&cd=1015&ah=4843&am=1015&xd=00&rf=0&re=1&ft=4944&fv=1121&fw=915&wb=2&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatSlotId=mpu-plus-top&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=1648237978&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430781&de=448988205142&cu=1643147430781&m=5274&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&lh=17&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5067&cd=3&ah=5067&am=3&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatSlotId=native-mpu-middle&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=native-mpu-middle&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tz=native-mpu-middle&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=1009844710&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430900&de=994050696304&cu=1643147430900&m=5266&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5060&cd=3&ah=5060&am=3&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355023537&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatMMV_MAX=na&zMoatSlotId=mpu-bottom&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=mpu-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tz=mpu-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=391806133&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&zMoatAType=magnet_article&zMoatTest=skyboxtrans%7C1%7Ctest1&zMoatAB=magnet_article-skyboxtrans%7C1%7Ctest1&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4SpS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-BTTEEAlWe0wLgg%3D%3D&sc=1&os=1-2A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwidows-server17a2.com%2F&id=1&ii=4&f=0&j=&t=1643147430967&de=223764984306&cu=1643147430967&m=5248&ar=3902fe7180d-clean&iw=189f0f6&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4367&le=1&lf=0&lg=1&lh=25&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1299%3A1299%3A1936%3A1286&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5041&cd=3&ah=5041&am=3&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138355368817&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=728&zMoatH=90&zMoatMMV_MAX=na&zMoatSlotId=incontent-ad-plus-billboard-bottom&zMoatCURL=widows-server17a2.com&zMoatDev=Desktop&zMoatDfpSlotId=incontent-ad-plus-billboard-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tz=incontent-ad-plus-billboard-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=196551&na=470438960&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widows-server17a2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:50:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 21:50:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: widows-server17a2.com
URL: https://widows-server17a2.com/?_=%2Fembed%2FYHF2m-8wQdg%23fYDD1XjyY0xl%2B2r5jtM3d%2B5vhxweNA8%3D

Domain: admiral-mtml.mt.rvapps.io
URL: https://admiral-mtml.mt.rvapps.io/api/v1/content_suitability_id?content_id=2a1c6e58-9d8b-4896-8b0c-f59a7ef02931&site=cnet&key=AIzaSyBeObCAKcZ7wX_3OeSzSogGsReTLAD_g0Y

Domain: www.cnet.com
URL: https://www.cnet.com/ext/make/ingest/v2/t

Domain: www.cnet.com
URL: https://www.cnet.com/ext/make/ingest/v2/t

Domain: www.cnet.com
URL: https://www.cnet.com/ext/make/ingest/v2/t

Domain: www.cnet.com
URL: https://www.cnet.com/ext/make/ingest/v2/t

Domain: www.cnet.com
URL: https://www.cnet.com/ext/make/ingest/v2/t

Domain: www.cnet.com
URL: https://www.cnet.com/ext/make/ingest/v2/t

Domain: www.cnet.com
URL: https://www.cnet.com/ext/make/ingest/v2/t

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?7FQ9sg

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
widows-server17a2.com/	1969-12-31 23:59:59	Name: fly_js_debug Value: []
.widows-server17a2.com/	1970-01-20 09:11:23	Name: utag_main Value: v_id:017e933800dc000c9a6682ce121303072001e06a00b08$_sn:1$_ss:1$_st:1643149228061$ses_id:1643147428061%3Bexp-session$_pn:1%3Bexp-session
widows-server17a2.com/	1970-01-20 00:26:13	Name: pv Value: 1
widows-server17a2.com/	1969-12-31 23:59:59	Name: cnet_ad Value: {%22type%22:%22gpt%22%2C%22region%22:%22aw%22%2C%22subses%22:%224%22%2C%22session%22:%22d%22}
widows-server17a2.com/	1970-01-20 09:11:23	Name: _mfuuid_ Value: 8c83fb51-236f-432d-b59c-84b9ebee802e
widows-server17a2.com/	1969-12-31 23:59:59	Name: OptanonAlertBoxClosed Value: 0000-00-00T00:00:00.000Z
.widows-server17a2.com/	1970-01-20 17:56:59	Name: chsn_cnsnt Value: tglr_ref%2Ctglr_req%2Ctglr_sess_id%2Ctglr_sess_count%2Ctglr_anon_id%2Ctglr_tenant_id%2Ctglr_virtual_ref%2Ctglr_transit_id%2Cchsn_dcsn_cache%2Cpmpdid%2Cpmpredirected%2Cpmpredir%2Cfuseid%2Ccohsn_xs_id%2Cchsn_auth_id%2ChashID%2CetagID%2CreinforcedID%2ChttpOnlyID%2CfpID%2CflID%2Ctglr_smpl%2Ctglr_reinforce%2Ctglr_gpc_sess_id%2Ctglr_hash_id
.go.sonobi.com/	1970-01-20 00:25:47	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s56129\|YfBwq
.widows-server17a2.com/	1970-01-20 17:56:59	Name: tglr_tenant_id Value: src_1jbobeEHGTZmBD9QsSnBOaHCzpy
.widows-server17a2.com/	1970-01-20 00:25:49	Name: tglr_sess_id Value: b6c97cef-4802-4c21-b01a-90f3cf0b402f
.widows-server17a2.com/	1970-01-20 17:56:59	Name: tglr_sess_count Value: 1
.widows-server17a2.com/	1970-01-20 00:25:49	Name: tglr_req Value: https://widows-server17a2.com/
.widows-server17a2.com/	1970-01-20 00:25:49	Name: tglr_ref Value:
.widows-server17a2.com/	1970-01-20 17:56:59	Name: tglr_anon_id Value: 2086b350-45f6-4802-ad6a-aa4e77da8c6e
.widows-server17a2.com/	1970-01-20 17:56:59	Name: pmpdid Value: 753588bf-4baf-4a5d-b68d-b1f38c26f683
.cohesionapps.com/	1970-01-20 17:56:59	Name: cohsn_xs_id Value: b6008bae-4ec4-4b87-b627-2bee15e0e0d6
.widows-server17a2.com/	1970-01-20 17:56:59	Name: cohsn_xs_id Value: b6008bae-4ec4-4b87-b627-2bee15e0e0d6
.adnxs.com/	1970-01-20 02:35:23	Name: icu Value: ChgI8ap5EAoYASABKAEwpeHBjwY4AUABSAEQpeHBjwYYAA..
.adnxs.com/	1970-01-20 02:35:23	Name: uuid2 Value: 5855075767187480799
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BtChNFAAr+7XdnWQ2t0CNhncoYRhePLF0nQ3IpbyMw0bpo2XNG6PTqqHZbuL5+nLKRys2mn9YQuneRSLAnarFwv0pGxR1x1SrC96OoGPFnIhzD/9S89fU6s=
.rubiconproject.com/	1970-01-20 09:11:23	Name: khaos Value: KYUNJZ8V-O-FMZ7
.rubiconproject.com/	1970-01-20 09:11:23	Name: audit Value: 1\|bkkeSz5hU3y4NEbpPFB3RMzzH/SUMvpGs1wMD2ZZQDKAc5uHgCNHvna4VXZPS4H5IjTdbKwMweLkwIjUgc3teXKY++jymV4/FTRfhC1maJ4s47qlN5ix1w==
.doubleclick.net/	1970-01-20 09:47:23	Name: IDE Value: AHWqTUlUnjt_Gsd1_TCOjT0ceD3fAoJW3spVUe8Sjmc82I-r_urpg2D2smu-mFAjh-E
.widows-server17a2.com/	1970-01-20 09:47:23	Name: __gads Value: ID=4dc70d75d52b68ef:T=1643147430:S=ALNI_MZoZfLiaODF8b5s8qCtiSsgnk3_TA

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c.go-mpulse.net/api/config.json?key=38QDY-8CT77-8XNH2-VJQTD-EK4YX&d=widows-server17a2.com&t=5477158&v=1.720.0&if=&sl=0&si=f251d93a-5fdf-446e-9d90-f4c26b1e2f21-r6aco2&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao= Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://widows-server17a2.com/?e=RED6250858657&_=%2Ftech%2Fservices-and-software%2Fwindows-11-has-arrived-but-heres-why-not-everyone-will-get-the-upgrade-yet%2F%23fYDD1XjyY0xi4Hyum9Uxd7Vgh1UcKwrK6p0Twaw%3D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://widows-server17a2.com/?_=%2Fscripttemplates%2FotSDKStub.js%23fYDD1XjyY0xx6HP5lNMtaPJojlMKdQ3X4w%3D%3D/consent/d7b19758-74b7-4244-8f94-61299f58ea38/d7b19758-74b7-4244-8f94-61299f58ea38.json Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://c.go-mpulse.net/api/v2/config.json?key=38QDY-8CT77-8XNH2-VJQTD-EK4YX&t=1643147428003&s=b3881c5048d6518a1a32d670b776afc4ccdcb33f7b3ebc5945106915ce087806 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://widows-server17a2.com/news/windows-11-has-arrived-but-heres-why-not-everyone-will-get-the-upgrade-yet/pubdate/xhr/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://widows-server17a2.com/news/2a1c6e58-9d8b-4896-8b0c-f59a7ef02931/audio/xhr/?slug=windows-11-has-arrived-but-heres-why-not-everyone-will-get-the-upgrade-yet&typeName=content_article Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://widows-server17a2.com/ Message: Access to XMLHttpRequest at 'https://www.cnet.com/ext/make/ingest/v2/t' from origin 'https://widows-server17a2.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.cnet.com/ext/make/ingest/v2/t Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://widows-server17a2.com/ Message: Access to XMLHttpRequest at 'https://www.cnet.com/ext/make/ingest/v2/t' from origin 'https://widows-server17a2.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.cnet.com/ext/make/ingest/v2/t Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://widows-server17a2.com/ Message: Access to XMLHttpRequest at 'https://www.cnet.com/ext/make/ingest/v2/t' from origin 'https://widows-server17a2.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.cnet.com/ext/make/ingest/v2/t Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://widows-server17a2.com/ Message: Access to XMLHttpRequest at 'https://www.cnet.com/ext/make/ingest/v2/t' from origin 'https://widows-server17a2.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.cnet.com/ext/make/ingest/v2/t Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://widows-server17a2.com/ Message: Access to fetch at 'https://admiral-mtml.mt.rvapps.io/api/v1/content_suitability_id?content_id=2a1c6e58-9d8b-4896-8b0c-f59a7ef02931&site=cnet&key=AIzaSyBeObCAKcZ7wX_3OeSzSogGsReTLAD_g0Y' from origin 'https://widows-server17a2.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://admiral-mtml.mt.rvapps.io/api/v1/content_suitability_id?content_id=2a1c6e58-9d8b-4896-8b0c-f59a7ef02931&site=cnet&key=AIzaSyBeObCAKcZ7wX_3OeSzSogGsReTLAD_g0Y Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://widows-server17a2.com/ Message: Access to XMLHttpRequest at 'https://www.cnet.com/ext/make/ingest/v2/t' from origin 'https://widows-server17a2.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.cnet.com/ext/make/ingest/v2/t Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://widows-server17a2.com/ Message: Access to XMLHttpRequest at 'https://www.cnet.com/ext/make/ingest/v2/t' from origin 'https://widows-server17a2.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.cnet.com/ext/make/ingest/v2/t Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://widows-server17a2.com/ Message: Access to XMLHttpRequest at 'https://www.cnet.com/ext/make/ingest/v2/t' from origin 'https://widows-server17a2.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.cnet.com/ext/make/ingest/v2/t Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://widows-server17a2.com/ Message: The resource https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fbundles%2Fcnetcss%2Ffonts%2FProxima%2520Nova%2FRegular.woff2%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://widows-server17a2.com/ Message: The resource https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fbundles%2Fcnetcss%2Ffonts%2FProxima%2520Nova%2FBold.woff2%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://widows-server17a2.com/ Message: The resource https://widows-server17a2.com/?_=%2Fa%2Ffly%2Fbundles%2Fcnetcss%2Ffonts%2FProxima%2520Nova%2FExtrabold.woff2%23fYDD1XjyY0xl%2B2r5lNInd7VujV8%3D was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12856f7e3be62d3c712ec906b1e7703e.safeframe.googlesyndication.com
584a2255bf658887ed352b006c007391.safeframe.googlesyndication.com
750b4db0fc396c7356ba5ec31fd5f73a.safeframe.googlesyndication.com
8a0f598a141aaf01aef438c8fca887cc.safeframe.googlesyndication.com
a.myfidevs.io
admiral-mtml.mt.rvapps.io
adservice.google.com
adservice.google.de
apex.go.sonobi.com
at.adtech.redventures.io
c.amazon-adsystem.com
c.go-mpulse.net
c2shb.ssp.yahoo.com
cdn.cohesionapps.com
cnet-d.openx.net
confiant-integrations.global.ssl.fastly.net
csi.gstatic.com
f1d4c07c2aacba912de2e6351516b4b7.safeframe.googlesyndication.com
fastlane.rubiconproject.com
firestore.googleapis.com
geo.moatads.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
mb.moatads.com
pagead2.googlesyndication.com
px.moatads.com
redventuresgamdisplay60805146916.s.moatpixel.com
securepubads.g.doubleclick.net
sofia.trustx.org
static.myfinance.com
tags.tiqcdn.com
tpc.googlesyndication.com
urs.cnet.com
widows-server17a2.com
www.cnet.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.myfinance.com
z.moatads.com
admiral-mtml.mt.rvapps.io
tpc.googlesyndication.com
widows-server17a2.com
www.cnet.com
142.250.181.226
151.101.130.154
151.101.193.194
178.162.133.150
18.156.195.47
184.30.24.194
185.33.220.100
185.64.189.112
2.18.235.40
23.37.38.181
2602:803:c001::200:194
2606:4700:3030::ac43:b431
2606:4700:3037::6815:2b8a
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:831::2002
2a00:1450:400f:801::2001
2a00:1450:4017:80c::2003
2a02:26f0:6c00:1bb::11a6
2a04:4e42:4c::666
2a06:98c1:3120::7
34.120.203.121
34.224.146.121
34.246.74.180
34.252.133.182
34.98.64.218
35.211.168.6
65.9.61.34
65.9.71.173
00b9c8fc5d015c6b83315fb2180bb41d0af89327a86050ddca78269c3b5eef59
0255b84536d7a95436c94260db2bde8d5f261ed2900812c6713c1cf8a246a4e1
02814d2be4e2739695499d7893413689443742983c4c369772b25a071d53f63b
057b2578ff4e8dd9f63e394780db5a41ae1558538b6bcaf0a69ebc054b419a1f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0ba5993c22886bb1f2f86036ca4f2df0ecab93f5cbd7942718b23621e0177b45
0c7e50cd5a271ca64070782bc65f2668ce40f3800640b4b316e27f79b01b35a3
0df32c790bf3e270685bc509c332943cd48fb6fb60cb8bce8d2ce0c33782fa91
0f74dbed1d29665781e054861d07a1321aaee5d29c834876752e86d96f075c4b
106f31f1d5f1d6f0e560168ae9977701ec72c297374fd2ecc5def16b27268e6f
129d8ed0345a121aa001c5e13b98a0487371c9a2a2578bd9da31e64d71324b99
12df26f70a91d47159ee5cac10e97f2f6e9778f0f1377a51388f719556d7f877
12fb1146988c0971cec55d14d923e7a4c8b36edb0394cc0ab10ba758968274bb
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
134d0d9de174eceb1ec3499baa37b901eeb171c7d2e160075494349a1ece5608
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1519b749cd811cb5baa139b013cdc298e956c02e35bdb02b2417a7b7f1cd4f3c
15b74ffa52355fe62c1b8cd95c60227724238677736ac0c100ee87511558d0c3
181e582d51bf6b840d4e4cea2588b8bb5447fde8ade1a062790fc0f280a23118
18de5cf69a219d96e4893face075b87cf39858701e63cfc6e0a069e1e79738f6
190c76b7dfa194f92a1cf47e3cbee1f291554f583d9e21e31b79af0f9a9b34b6
1919e55bc80b1e71c14129a3ff943a5627245b854bb2ac91c71a43ba3e0eb9bb
1b3b2fb20c7112dc96d8693c7d7bf31f524f016c2f81952ea5a82444fd0ede41
1e3ba8f4f6c809752ad9b12a9577bef9bab878cbfbc7022750c937ef91b7fcb3
1f249af3f9359dfd41c4b454ee7771e71e210aab343055c67a9a942d8fa7dbed
2465aae7df9442a0ed374161d04736cfa6a09b593691cfa2ef5d49820311fc49
2555b995fcc2b2163258ec908a57b133e97fb42c8817317829df836876551fff
262b9f64b0f097d7fa0cd46c9d7fb42542b2a3eca1ff6dc36b71f3e199c0b0a1
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
2a6d7ea8f945b215a7f814ef25ce2c6b98d1ebf64ba3370641bb9a0e761cbad2
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
2f89df2715f95b1d7658fe123c1583776389dfefdeda4977b2e57f2ddc6a4720
311e34bc92454f4b23b57b27ab1bd2b8dc7d7adde628201534aaeafcb6ef4b70
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e
3249631fbc5c94178ff4773d364d3d4fd0facbb4f900260ad690514d0a006c9b
33c64dde9d4019e737080bdb7812dd5a0649dab879229f8a54c285816a0608f0
34f7a0590097828de42efc75b6dfd3259c1f0eac8651c7c6bdf8ffaaf348956f
3e268aced6765aaea69613e7b8661aad78ffc0e74c9cf9b2c09e2f32b2f39c93
3ee306b4c36481d05b71ff2e7caebee8d6fdfa2d9eddf2ef1e6f1aa791775e4e
41e6541b07f9c3b306a517917eedb53d7c7bfa006faf6673aaad98c9d96f7023
43a8045f4b231a9ec44f825e3fd4ffa6e845bc4f8ecab1d61b14ca1d499d0c38
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
4832c8abf98eb9eb3aa330ec5c33dc192d7c940680f11a9e72d82a74f1042b4a
4930aed2cdc1f584db2af5440ddd11ea9b51884ae822802e180d02049c2d92ed
496885495c6d469b10e907f25147b3a672566c3a5ea0e6a432c0dc4d409e8aa0
4a15986135489ba299edbf05b0f8f8b6283e9d3eaca726ca834c70c730532514
4c7dcccbaf127c4596cae4ca7528e1d1da5b965089c27abd9b87874e9cb05a37
4dfe28ac8aaa3453846a4dda19874460f86e9b4cb98979aab7cfcc4d4354193d
5515be95b3541ca1aa07bf5e4144e3e4e050dd91e29f91d700d4be92752942e1
5549dd0232b749a7c42f3f562da95c2a96cc0addb77889a285f44fe54aca1693
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ee1c89673fa47b2b3e28d42c8119c5d66b5e6cd2b9001418a969ca4c515299
5aab77d1e975faf8b66b4ae8e2ccecc178b32680b1b09eaa1b7fcb50f7454c3c
5b6ad7aab6200c888b8e3b999c8cdb1762a8536004daa3816075ff3bee550aa7
5ea0f1b45f2573f658938dc4e0ee600350796cde09fc904d60e548f510935ebe
6101a1646eaf1e2bb68a9e7412d600fe98d11be3ec15ce59ad927a31d8b429a7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
683dc17ee826b76ed24c36a5cd523373c4b1d8a5b1bc5e23fc34ddc9e56dd32c
68ba54c17f264ca7fc2ad1d4d124314dca3311981b5d0a07453977d3e650953b
6f336d157ea725abc96d756462a6c77a86cf9ba8a859b7019e905100ecf7b488
70401ae9d420bc1232d43a35db3ad0c6bb95bcd41272477e961a844011d26ea3
706abd330a796e08ed8d1443fe93c44b83d07ec5f759aad192587f581589fedb
73ed57fba43ed89fa450a1ae368c27908a43950ebc106287632a3dc9c1184da2
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
755330c0a88de5c230517e85380c1e35d762233145ba1d682af19a079f0f6e77
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
8149ee7691962dbe8eefe2aecf36ca14e44683cb93002a54a9c0144bed567c32
83b7ac6d0b34e5c29fb9a8a3769d8a0589b6a11e7dbf671e7ea2b155e1c68feb
8469169d0eaaaf8ab95d5077aee0b101c59fdd981bbeee209670f2b5665dab63
84a491b5ca0d75ef37dca2a3e52d8fefc0632fa45046b0e5e6710c7d5e5bb971
85de4afa13f2573e875d1dab4b5ef0597e8717e58b3cb3173cd2dfa407c5e98a
86da2a7fc69897a306315b9d9444d6c53cb69f66efdc1eab0d1550f2a15e5c35
86f6444eafceacae485c6aadbd60d9659319859369ba5b9d4d0a1bc09eb5d098
871f863df0eda83c35c0098c5beac1c2da5a8effdd5a9f5c1859d28355084c41
88b8a3cb9df436d6910440c58428516accee080be4fa556d3cf10ec6905cf1b9
8b142fded07d33f32b5b756e428f255aec4c063229d7ac7be52d804503acf5a4
936f45495bf05d16e25cc7258b143de40bf4d5147c5950a702aca51d6476ec65
9c7b84cef152931d2c19876f3c91cf9bba71c10afef843f8e8effbae3035800a
9d1402d683aad37e412b0e399e30ad2dd7566d0b60a289cfc7b5da6b7a144052
9f5ac6b43f6acf5949acc9f633aae7af8a74a9d1210fdad0a9f3f9fd31f17e2e
a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3166557b79148276fd17a1f9de3bedd6f66527a14fb0a2cfe84583fe1f8d12e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
a72aa163f673b0228fbee4e556096cbafa4f5c2fe68ec2080c30fff8daf3f6cb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad7f0672ed74b2d0fb68bad63424a2ac419489e4607406dc51b7ffe7617cf4c2
ae9c76eb11910946ba18297c9e0b6b98168fe0e3283f7589d95fed713af57dba
afac3a301d848688d0748228296ec7ae26369f67c2df29f3f480ef3ab0bc6ef9
b181dca1575ce51c7b770e681f4baf1d9f001f6db6d2562eb832a2472e504654
b766d96e65691c3d05e08120e72cef01873b97c47a2827eacf4f589f8eb0623a
bb3661ac37cbb213b64eb600c7c30da647babd9a2b2ffdbe5f30830fcebe2cc4
bfe9668672a095f9fc720a967cf250512c212afd0c1016e88fe82a3fa4b8e2e4
c50d5d10df377bd960648973b53891bfcaf48f457503eed023ad2c29f28e49b2
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c6b37e9e9879ed123488d8153f15cdfc68a14962068324310d7d933867332f74
c735b342e7ee91c2b73a6510f330680c6df6fa8e02f060db89f7054b727a4a80
ce98257dc9ab9092e17aeacf8d20aa9eee43ac7bcdbee90267eaa4505f659c1a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd3e60148c70c05a0449117c6a14272d57cf7bd65ebc56240eb7c09ba8f47e9
d031be57562f416dc55c393bfb3988cc7089680b5dd8e0cc16870ded36936ed9
d1024a6534c3452fea65bd253afe19dc9d5c16641013294e0dc3d33841904a9e
d14089a26465eafc74f43e9aa9f3e20d5c61ae083d94d8a719741f8d003432bd
d18b319c207d7b09f63b3596f0451b5c458c20004814d7f33459b3f91ce99fa1
d2c153908a99c68b87e8921e94743f114af4ad6e405e89614d8f57e5e058774c
d37c3eef0e47bc854a1ba7b2dbdec01b0f036e339eaa124c6deba8d2898f3eba
da97b2576d66f01e543a3e9a77081d9ccee0d8a21fdde5ee7bcfb7b7921d87ab
dae96d1fd372f7397ae47e29db54a1f6a92e7bc81b61f33420910395d5fd36a2
db3e4132eb81ca1453b5c8a44ccbdade8720f169da8f23ac3a3bc6d4d9d29085
e05838123895ed7347929aab9a6670b5b051b4a3c690a2c3e11772de8b3a79dc
e0f8ed84b542ba1da556d2bfe1cee41136ed60bb9a28e6ac06b95b73bd57ef8c
e127388f60d368fc7f5618940065833000f944833d6d80c0362bc3799ef472cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5be293314fdfb9ac37e15b9f960770700a5916fdb9df99e2c5d4e8d928ed393
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
ea39b392cc58d573c0f7b6a5d92f728351e2a5e110b48a8b28d45332990ccd0c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a398729a16e4489e45e7523d844f6b5a72d5360e7cb8aa81525180dc43065e
f3239eac54d1c4aebf47516a684313bb34acc6e41fc92e1effcb48a863e49930
f663106e0d5280781e4862d5b316a38010bbe3e59d0834ba221b18e949576b26
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
fd940925fc76b4e7a08333eaa25a86c4a3c7ebc3584914976e4c99b0c9434db9
fec7bd59be23ba1a42b4a4a5197614ed6b15a615dc143ae565d71c12f67de3a7

widows-server17a2.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

270 Requests

96 %HTTPS

49 %IPv6

28 Domains

41 Subdomains

36 IPs

5 Countries

4249 kBTransfer

12636 kBSize

25 Cookies

0 Outgoing links

Redirected requests

270 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

widows-server17a2.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

270
Requests

96 %
HTTPS

49 %
IPv6

28
Domains

41
Subdomains

36
IPs

5
Countries

4249 kB
Transfer

12636 kB
Size

25
Cookies

270 HTTP transactions
8 data transactions