winrars.org Open in urlscan Pro
179.43.180.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://winrars.org/old/
Submission: On September 27 via manual (September 27th 2023, 8:31:33 pm UTC) from AT — Scanned from CH

Summary HTTP 124 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 15 domains to perform 124 HTTP transactions. The main IP is 179.43.180.200, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is winrars.org.
TLS certificate: Issued by R3 on August 13th 2023. Valid for: 3 months.

This is the only time winrars.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	179.43.180.200 179.43.180.200	51852 (PLI-AS) (PLI-AS)
5	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
19	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
9	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a02:2638:3::10 2a02:2638:3::10	() ()
1	2a02:2638:3::1a 2a02:2638:3::1a	() ()
1	2a02:2638:d::c 2a02:2638:d::c	() ()
124	26

30 179.43.180.200 (Zurich, Switzerland)

ASN51852 (PLI-AS, PA)
PTR: hostedby.privatelayer.com

winrars.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::10 (None, )

ASN- ()

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (None, )

ASN- ()

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (None, )

ASN- ()

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	winrars.org winrars.org	301 KB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	397 KB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 897 imageproxy.eu.criteo.net csm.eu.criteo.net	378 KB
8	google.com apis.google.com — Cisco Umbrella Rank: 242 accounts.google.com — Cisco Umbrella Rank: 71 www.google.com — Cisco Umbrella Rank: 11	142 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	114 KB
7	gstatic.com fonts.gstatic.com ssl.gstatic.com www.gstatic.com	97 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1600 syndication.twitter.com — Cisco Umbrella Rank: 1900	150 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	5 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	229 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7499 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 8966 rtb.fr3.eu.criteo.com	53 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 109	2 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 7583	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	89 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	602 B
124	15

	Domain	Requested by
30	winrars.org	winrars.org
19	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	pagead2.googlesyndication.com	winrars.org pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	static.criteo.net	ads.eu.criteo.com
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	apis.google.com	winrars.org apis.google.com accounts.google.com
5	fonts.googleapis.com	winrars.org googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	platform.twitter.com	winrars.org platform.twitter.com
2	www.facebook.com	1 redirects connect.facebook.net
2	syndication.twitter.com	platform.twitter.com winrars.org
2	accounts.google.com	apis.google.com winrars.org
2	counter.yadro.ru	1 redirects winrars.org
2	connect.facebook.net	winrars.org connect.facebook.net
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	ssl.gstatic.com	accounts.google.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
124	25

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
winrars.org R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-10-05`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://winrars.org/old/
Frame ID: 40C1C9FB0EEF9AB247911077929B2F47
Requests: 47 HTTP requests in this frame

Frame: https://apis.google.com/u/0/_/widget/render/follow?usegapi=1&annotation=bubble&height=24&rel=author&origin=https%3A%2F%2Fwinrars.org&url=https%3A%2F%2Fplus.google.com%2F116749209450715911612&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__
Frame ID: 9B6AEF09D0601881CCE2D05431F17922
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20190131/zrt_lookup.html
Frame ID: 6449D1F7A7F9882413B25E7EADF4CEEA
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwinrars.org
Frame ID: 88FA11525DA7B50ED4014A870EADFAEF
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwinrars.org&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__
Frame ID: C377103F0CD4D3DD721F24D858517F0A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9764971761641225&output=html&adk=1812271804&adf=3025194257&lmt=1695839488&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwinrars.org%2Fold%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695846688151&bpp=4&bdt=326&idt=209&shv=r20230925&mjsv=m202309210201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2658479587177&frm=20&pv=2&ga_vid=1290061652.1695846688&ga_sid=1695846688&ga_hid=203664329&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31077328%2C42532402%2C44785293%2C31078135&oid=2&pvsid=1933830769157501&tmod=1311535616&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=234
Frame ID: 1C05D4DAEB3C966CF10800DC4654FA7B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 2C8EC8E9B103E93428C00B88EA4011DB
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3a2aba60585cf%2526domain%253Dwinrars.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwinrars.org%25252Ff2c264cffc6fac4%2526relation%253Dparent.parent%26container_width%3D243%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWinrars-861216040684568%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue
Frame ID: 2B960910BCE1BE9A39E29118E3FB7D2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4A38272A509908893AD54C09DC2929F2
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1
Frame ID: 64F66FECDC41997C0204AE7A5694E973
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1
Frame ID: 01BA10C79E8BB46CCE9A6ED50E3AC55B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1
Frame ID: 729D4AB0D0743C362A063BBB0C7D0200
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRSRIAAHQkgBd4ONAACIdY3r9lhCQ702cukivw&u=%7CU%2F4gVqY2nXXG7xKgUNo5n6KdzmO4b1jHCmMdxlcl2rk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qRWfpaugji6rT1ODRaTBnAzbk6JUF3vZB5YhvwlQWa4tMX9x1Fo3UiDCn3ZBYKHShrun6npVk9NhF1pqJbqTVgSwS2cFwslEW9nq7X-FKEcvmEyuPCy2DFJnh9MlbOhJcpQg7gzwTXCou9QrWHgW6BpuP9bOc-0sHN7HAdrKQFJhI3cJlIwNfVnpKmZQx3883t0yRL9CoHCyGagvZlYseCgWGRPohjFwL8OTTC64bCzzsYAStgXcI7HC3v53F0eqq7RUR4p2Tu0XuVe6IWAP8xze0tePrNQRjgak9owlwsrMnXybs_ZUFxHmS7hLPFry2ZcMbX0LzXbzG80W5vI_RNEeGCoL5RtQYCJLObMfDII4gv-jN5SgeOvZLPW-mPcl6PPUEakiRt7ppIzG1RO4q_qu6nmHJztgmSnf-F8xaevDBsr36H7dUeSyP0SeBNeMdGwVokYUo87-D5aT_bdsKAVkVaDPEM_60okRGhvk3cvd-ssQgay6JWhRPB35g-k6YGZRm4E6VZX8cwnRH3kzVNL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCigQ3IJEUZciEHY2H3rsP9ZCC8AjJntKxXJWil_dwwI23ARABIABglQKCARdjYS1wdWItOTc2NDk3MTc2MTY0MTIyNcgBCakCeJ4kidy2sT6oAwHIAwKqBLkBT9CnLayRUqzU56y2EWkXpnWKnW2WsBzzftaF4Ktf_B0kLfqL0C6rhDLf0wesktvOMUq8nHoJ3L3cXgPutYEXrR_HhbwkPhrPFlNJVbIfJtHxuQjBFBeRIci8O0ACHy3iY-PbiBTh7gVhFERjl8_bFao4Sy-d916aG9ZDEnmJpkiAJjbfTGls4iERZefnkAxFPDsPDwlcsRKR1at2UmO8ee3YwaR3C-3Sm1MtYVU2xKq8KL6VUvxLi-2ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1z9XWLXPr_t7vQ-sno3JB2NeJFZw%26client%3Dca-pub-9764971761641225%26adurl%3D
Frame ID: F20BA749BB0553B46BF5815F54255E5E
Requests: 21 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 68C5081EB94049291A5BE43A4810119E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0BDF63054B7F6CD3CA866F2A9B54A4D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E8FFE3C6C9B411C6BF9205AFB2771C41
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: F7BD600690957D0B0D0D0E0F30AB3199
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: 268EDF0BFAF789E71422712B47D2545B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: 3D26B03436E55BFDC20AD66CA657B285
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download old versions of WinRAR for free

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

124
Requests

98 %
HTTPS

84 %
IPv6

15
Domains

25
Subdomains

26
IPs

6
Countries

1960 kB
Transfer

5009 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://counter.yadro.ru/hit?t38.1;r;s1600*1200*24;uhttps%3A//winrars.org/old/;0.8044015633108719 HTTP 302
https://counter.yadro.ru/hit?q;t38.1;r;s1600*1200*24;uhttps%3A//winrars.org/old/;0.8044015633108719

Request Chain 55

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a2aba60585cf%26domain%3Dwinrars.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwinrars.org%252Ff2c264cffc6fac4%26relation%3Dparent.parent&container_width=243&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FWinrars-861216040684568%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&small_header=true HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3a2aba60585cf%2526domain%253Dwinrars.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwinrars.org%25252Ff2c264cffc6fac4%2526relation%253Dparent.parent%26container_width%3D243%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWinrars-861216040684568%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue

124 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
winrars.org/old/ 16 KB
5 KB 177ms
47ms Document
text/html 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 / PHP/7.3.33
Resource Hash: 42e99216f8561b4842a44826b5ed81972585a8fd3ee50364cda31e3c650cd6e9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 20:31:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.24.0
x-powered-by: PHP/7.3.33

GET
H2 200 index.php Show response
winrars.org/engine/classes/min/ 204 KB
61 KB 63ms
61ms Script
application/x-javascript 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/engine/classes/min/index.php?charset=utf-8&g=general&21
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 / PHP/7.3.33
Resource Hash: 1c02a67f76233ad4e35113dfcfceb8d4ebc7a10cb320670cf7394328505d25f4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:43:57 GMT
server: nginx/1.24.0
x-powered-by: PHP/7.3.33
etag: "pub1686764637;gz"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
content-length: 61902
expires: Thu, 26 Sep 2024 20:31:12 GMT

GET
H2 200 default.css
winrars.org/engine/editor/css/ 2 KB
897 B 30ms
27ms Stylesheet
text/css 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/engine/editor/css/default.css
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: f55a11baf33fb17425e40acd9266d2277424db4e0ae3bf3c703418de8b13101d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:01 GMT
server: nginx/1.24.0
etag: W/"6489fc61-9ab"
content-type: text/css
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 globals.js Show response
winrars.org/templates/Default/js/ 3 KB
2 KB 63ms
60ms Script
application/javascript 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/js/globals.js
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: a1610fb010ffc0d47d427e602b5e8b26c3c7d32bec4633798479713c5e32f342

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:09 GMT
server: nginx/1.24.0
etag: W/"6489fc69-d4f"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 redirect.css
winrars.org/templates/Default/css/ 582 B
403 B 30ms
27ms Stylesheet
text/css 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/css/redirect.css
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: 87745ffe7eff1edcef1a246d7856fb557b9b983f6edf126e8c10662c31436cb6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:06 GMT
server: nginx/1.24.0
etag: W/"6489fc66-246"
content-type: text/css
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 time.js Show response
winrars.org/templates/Default/js/ 192 B
332 B 63ms
60ms Script
application/javascript 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/js/time.js
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: a8b0bc4b52a4a3b4367326877967e6812d77ad25fccf4ae038225309052795a4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:09 GMT
server: nginx/1.24.0
etag: W/"6489fc69-c0"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 styles.css
winrars.org/templates/Default/style/ 13 KB
3 KB 31ms
28ms Stylesheet
text/css 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/style/styles.css
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: a83e70b06b43dc7f7b919674d5cd0341d2e25a74b1bf9ad2ac6ee2f58c86be7d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:10 GMT
server: nginx/1.24.0
etag: W/"6489fc6a-32b3"
content-type: text/css
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 engine.css
winrars.org/templates/Default/style/ 26 KB
6 KB 32ms
29ms Stylesheet
text/css 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/style/engine.css
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: 992fd963d78b71928dfeb3504d11d56a032fa70e475df0e5c9832146c1a0d23d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:10 GMT
server: nginx/1.24.0
etag: W/"6489fc6a-68f1"
content-type: text/css
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 scr.js Show response
winrars.org/templates/Default/js/ 273 B
365 B 63ms
61ms Script
application/javascript 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/js/scr.js
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: 843bc65f7a1d63ed3bdc730f0903acb266b06183eaef30a325ce1748c9ae265a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:09 GMT
server: nginx/1.24.0
etag: W/"6489fc69-111"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 bootstrap.css
winrars.org/templates/Default/style/ 121 KB
18 KB 58ms
55ms Stylesheet
text/css 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/style/bootstrap.css
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: dcd25a85b83ec0bd66273e8b8c9d4e80fab2e739da404bcd4f48c099287f6d79

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:10 GMT
server: nginx/1.24.0
etag: W/"6489fc6a-1e41f"
content-type: text/css
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 styless.css
winrars.org/templates/Default/style/ 4 KB
1 KB 61ms
59ms Stylesheet
text/css 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/style/styless.css
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: 514b49609886ddda512f2f65bda3b5f64feea648b2dfb8617bbcc1009084ef95

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:10 GMT
server: nginx/1.24.0
etag: W/"6489fc6a-10d6"
content-type: text/css
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 bootstrap.js Show response
winrars.org/templates/Default/js/ 57 KB
11 KB 63ms
61ms Script
application/javascript 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/js/bootstrap.js
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: d88949ad637b040b893c651e938b80f8a1aabc350c94c01c28e8a38fadab2df3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:09 GMT
server: nginx/1.24.0
etag: W/"6489fc69-e4a5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 tooltip.js Show response
winrars.org/templates/Default/js/ 12 KB
3 KB 63ms
61ms Script
application/javascript 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/js/tooltip.js
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: e7a3cc6b212b17c64efb6fffc276735081c011b537b8fe43dfcf3a6ca5cf180e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:09 GMT
server: nginx/1.24.0
etag: W/"6489fc69-2e84"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 libs.js Show response
winrars.org/templates/Default/js/ 2 KB
949 B 63ms
61ms Script
application/javascript 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/js/libs.js
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: de2a4ca0ac02f2634685d4e46dd5f9cb68d50ff62db93d8a7f7172a6fa54817b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:09 GMT
server: nginx/1.24.0
etag: W/"6489fc69-832"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 normalize.css
winrars.org/templates/Default/style/ 7 KB
2 KB 61ms
59ms Stylesheet
text/css 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/templates/Default/style/normalize.css
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: c21f771ac30ee192c208b59a8d5cb0bf1778969fd6fe89c2232a112dc2312bc6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:10 GMT
server: nginx/1.24.0
etag: W/"6489fc6a-1d7b"
content-type: text/css
cache-control: max-age=2592000
expires: Fri, 27 Oct 2023 20:31:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
876 B 111ms
40ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans&subset=latin,cyrillic

Requested by

Host: winrars.org
URL: https://winrars.org/old/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f738b79bf2aa1b06deee833b82d393f874dcf376116f0bd4ac23a8e55c0b473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Sep 2023 20:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 20:31:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Sep 2023 20:31:27 GMT

GET
H2 200 index.php
winrars.org/engine/classes/min/ 16 KB
4 KB 62ms
60ms Stylesheet
text/css 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/engine/classes/min/index.php?charset=utf-8&f=/templates/Default/uniform/css/uniform.css&113
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 / PHP/7.3.33
Resource Hash: f934e3a02f0ce674ae1f78272942bb873bc8881bf5c73170afbdce3c90cd4636

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:19 GMT
server: nginx/1.24.0
x-powered-by: PHP/7.3.33
etag: "pub1686764659;gz"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-length: 3380
expires: Thu, 26 Sep 2024 20:31:12 GMT

GET
H2 200 index.php Show response
winrars.org/engine/classes/min/ 37 KB
14 KB 84ms
83ms Script
application/x-javascript 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winrars.org/engine/classes/min/index.php?charset=utf-8&f=/templates/Default/uniform/js/jquery.magnificpopup.min.js,/templates/Default/uniform/js/jquery.ladda.min.js,/templates/Default/uniform/js/jquery.form.min.js,/templates/Default/uniform/js/uniform.js&113
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 / PHP/7.3.33
Resource Hash: 4ffbac405bf54f5677c9c1b20a79284383cfbf9b2be0fb44a3e0bf6c2bfcfef6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:12 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2023 17:44:20 GMT
server: nginx/1.24.0
x-powered-by: PHP/7.3.33
etag: "pub1686764660;gz"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
content-length: 14156
expires: Thu, 26 Sep 2024 20:31:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 172ms
103ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: winrars.org
URL: https://winrars.org/old/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42236c909a0dcd19fd99c3e58af3f56010b47a9308731ecd480c2cf5eb6037c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51193
x-xss-protection: 0
server: cafe
etag: 12981987903199412138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 20:31:28 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 106ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: winrars.org
URL: https://winrars.org/old/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecfb48718a6edc5e924f385d0ed226cde5dfdebde87049970779bd5d9f86c435

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 20:31:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21949
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ce58d6b1676e880c"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 20:31:28 GMT

GET
H2 200 1493218302_1493195055_logo.jpg
winrars.org/uploads/posts/2017-04/ 7 KB
7 KB 29ms
27ms Image
image/jpeg 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/uploads/posts/2017-04/1493218302_1493195055_logo.jpg
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: cbf4df24c4bd841ee7d82f804bad4b6a0150c1138b1df9a505b2930119298184

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:15 GMT
server: nginx/1.24.0
etag: "6489fc6f-1b48"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6984
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 1493218137_1493195055_logo.jpg
winrars.org/uploads/posts/2017-04/ 7 KB
7 KB 30ms
27ms Image
image/jpeg 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/uploads/posts/2017-04/1493218137_1493195055_logo.jpg
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: cbf4df24c4bd841ee7d82f804bad4b6a0150c1138b1df9a505b2930119298184

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:15 GMT
server: nginx/1.24.0
etag: "6489fc6f-1b48"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6984
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 1493217913_1493195055_logo.jpg
winrars.org/uploads/posts/2017-04/ 7 KB
7 KB 30ms
27ms Image
image/jpeg 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/uploads/posts/2017-04/1493217913_1493195055_logo.jpg
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: cbf4df24c4bd841ee7d82f804bad4b6a0150c1138b1df9a505b2930119298184

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:15 GMT
server: nginx/1.24.0
etag: "6489fc6f-1b48"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6984
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 1493217528_1493195055_logo.jpg
winrars.org/uploads/posts/2017-04/ 7 KB
7 KB 30ms
28ms Image
image/jpeg 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/uploads/posts/2017-04/1493217528_1493195055_logo.jpg
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: cbf4df24c4bd841ee7d82f804bad4b6a0150c1138b1df9a505b2930119298184

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:14 GMT
server: nginx/1.24.0
etag: "6489fc6e-1b48"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6984
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 1493217243_1493195055_logo.jpg
winrars.org/uploads/posts/2017-04/ 7 KB
7 KB 30ms
28ms Image
image/jpeg 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/uploads/posts/2017-04/1493217243_1493195055_logo.jpg
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: cbf4df24c4bd841ee7d82f804bad4b6a0150c1138b1df9a505b2930119298184

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:14 GMT
server: nginx/1.24.0
etag: "6489fc6e-1b48"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6984
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 1493217139_1493195055_logo.jpg
winrars.org/uploads/posts/2017-04/ 7 KB
7 KB 31ms
29ms Image
image/jpeg 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/uploads/posts/2017-04/1493217139_1493195055_logo.jpg
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: cbf4df24c4bd841ee7d82f804bad4b6a0150c1138b1df9a505b2930119298184

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:14 GMT
server: nginx/1.24.0
etag: "6489fc6e-1b48"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6984
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 1493216875_1493195055_logo.jpg
winrars.org/uploads/posts/2017-04/ 7 KB
7 KB 31ms
29ms Image
image/jpeg 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/uploads/posts/2017-04/1493216875_1493195055_logo.jpg
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: cbf4df24c4bd841ee7d82f804bad4b6a0150c1138b1df9a505b2930119298184

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:14 GMT
server: nginx/1.24.0
etag: "6489fc6e-1b48"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6984
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 1493216723_1493195055_logo.jpg
winrars.org/uploads/posts/2017-04/ 7 KB
7 KB 32ms
30ms Image
image/jpeg 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/uploads/posts/2017-04/1493216723_1493195055_logo.jpg
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: cbf4df24c4bd841ee7d82f804bad4b6a0150c1138b1df9a505b2930119298184

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:14 GMT
server: nginx/1.24.0
etag: "6489fc6e-1b48"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6984
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 1493216605_1493195055_logo.jpg
winrars.org/uploads/posts/2017-04/ 7 KB
7 KB 32ms
30ms Image
image/jpeg 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/uploads/posts/2017-04/1493216605_1493195055_logo.jpg
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: cbf4df24c4bd841ee7d82f804bad4b6a0150c1138b1df9a505b2930119298184

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:14 GMT
server: nginx/1.24.0
etag: "6489fc6e-1b48"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6984
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 1493216456_1493195055_logo.jpg
winrars.org/uploads/posts/2017-04/ 7 KB
7 KB 32ms
31ms Image
image/jpeg 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/uploads/posts/2017-04/1493216456_1493195055_logo.jpg
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: cbf4df24c4bd841ee7d82f804bad4b6a0150c1138b1df9a505b2930119298184

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/old/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:14 GMT
server: nginx/1.24.0
etag: "6489fc6e-1b48"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6984
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 112ms
33ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: winrars.org
URL: https://winrars.org/old/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f720bf8b48099cee2995f6d922e588905b3b18b7964d2b77a3cf25ad0ea813e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 20:31:28 GMT
content-md5: 8t9sBQ2EG0/+rW6t16g6XA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: yxZR8Ej81bN1d6qtRbZO4Pp//8D7uk5xODrxuLBVSX5ybx17gLUcCaUfMGzTsgKh2Hj1Zu00vihuMPLm3WcCGg==
x-fb-content-md5: 48737b94ff0cb88195ec642cd6189143
cross-origin-opener-policy: same-origin-allow-popups
etag: "eefbeab20c4ca9db3337e4c4ccff08e0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 27 Sep 2023 20:50:58 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 178ms
34ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: winrars.org
URL: https://winrars.org/old/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Wed, 27 Sep 2023 20:31:28 GMT
Content-Encoding: gzip
Age: 1371
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/675D)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t38.1;r;s1600*1200*24;uhttps%3A//winrars.org/old/;0.8044015633108719
https://counter.yadro.ru/hit?q;t38.1;r;s1600*1200*24;uhttps%3A//winrars.org/old/;0.8044015633108719

428 B
914 B

68ms
67ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t38.1;r;s1600*1200*24;uhttps%3A//winrars.org/old/;0.8044015633108719

Requested by

Host: winrars.org
URL: https://winrars.org/old/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

43e08bcd1233c74d57b79d2fc35e5c6e35921a4b3caf93326a924b113e43c54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Sep 2023 20:31:28 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 428
Expires: Mon, 26 Sep 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Sep 2023 20:31:28 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t38.1;r;s1600*1200*24;uhttps%3A//winrars.org/old/;0.8044015633108719
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 26 Sep 2022 21:00:00 GMT

GET
H2 200 bg.png
winrars.org/templates/Default/images/ 23 KB
24 KB 30ms
29ms Image
image/png 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/templates/Default/images/bg.png
Requested by: Host: winrars.org
URL: https://winrars.org/templates/Default/style/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: 9367283cff05119b95cd9f5b0a234af4b1e2981e91a662dbfdf9b1b03b0a34c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/templates/Default/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:08 GMT
server: nginx/1.24.0
etag: "6489fc68-5dd7"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24023
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 bg_header.jpg
winrars.org/templates/Default/images/ 64 KB
64 KB 31ms
31ms Image
image/jpeg 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/templates/Default/images/bg_header.jpg
Requested by: Host: winrars.org
URL: https://winrars.org/templates/Default/style/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: 975750f6b6bb5d3eb7707d2d99d290072e1e9c5b528c05cf0c17a3d18ef02661

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/templates/Default/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:08 GMT
server: nginx/1.24.0
etag: "6489fc68-10033"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 65587
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 logo.png
winrars.org/templates/Default/images/ 8 KB
8 KB 52ms
52ms Image
image/png 179.43.180.200
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winrars.org/templates/Default/images/logo.png
Requested by: Host: winrars.org
URL: https://winrars.org/templates/Default/style/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.180.200 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS: hostedby.privatelayer.com
Software: nginx/1.24.0 /
Resource Hash: c60d3b75119f796319f320ec75bc6394f6078fb7a8923ba13fe98d38791093a1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/templates/Default/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:13 GMT
last-modified: Wed, 14 Jun 2023 17:44:08 GMT
server: nginx/1.24.0
etag: "6489fc68-1ed4"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7892
expires: Fri, 27 Oct 2023 20:31:13 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 104ms
30ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winrars.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 21:15:20 GMT
x-content-type-options: nosniff
age: 515768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 21:15:20 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 67ms
33ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ac4f188da65ef330ac53527660560ae9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23a2f007c9778dd3f1be413dbb7e0a4cd0b46a4210b21c0947570e4b0998a904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://winrars.org/
Origin: https://winrars.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 20:31:28 GMT
content-md5: pYG+g/QHWoxU5eaUg3eYOQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88121
x-fb-debug: ZjLwL+Nvwi+V7VQ60I9WGxMW/e0i94tJ2FWTJsaKXXazCPr/ZQMsJw1aWQ0sPQt8F1EzluJL+OFPSMNoV/HUYA==
x-fb-content-md5: da8c8963f4e74095e149e6f845119e15
cross-origin-opener-policy: same-origin-allow-popups
etag: "eca90b130cee24cd55075a63dc28e3f3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 Sep 2024 19:19:39 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=follow/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/ 134 KB
47 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=follow/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddad35c2dd40a9feb56a48111c0c2e8924ca834519dee178d2423f2d41f21a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48064
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 17:45:17 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=auth/exm=follow/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/ 119 KB
41 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=auth/exm=follow/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a7819c4cf1e249016e8fec05e3db4f90ce8aa9b3aab860e2a04cc4334049e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41545
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 17:45:17 GMT

GET follow
apis.google.com/u/0/_/widget/render/ Frame 9B6A 0
0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210201/ 380 KB
129 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9764971761641225&plah=winrars.org&bust=31078135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

027a2b8e1f22d13ca885baebd3834c1d948f1e118d5a7b085c8e1b1ff99723b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131743
x-xss-protection: 0
server: cafe
etag: 6070841452657213284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 20:31:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230925/r20190131/ Frame 6449 10 KB
5 KB 110ms
29ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230925/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 2927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 19:42:41 GMT
etag: 2603938475786422795
expires: Wed, 11 Oct 2023 19:42:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 88FA 320 KB
104 KB 39ms
38ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwinrars.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 171172
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Sep 2023 20:31:28 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame C377 565 B
809 B 110ms
42ms Document
text/html 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwinrars.org&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=auth/exm=follow/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

821f6c614deb4d3ca589140df087059600342ffde6c34d989b24a300517d6045

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kw543tiLc3YNaPIel8oRzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kw543tiLc3YNaPIel8oRzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 20:31:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 88FA 869 B
658 B 252ms
148ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=32d15a88f7afaa44fff026f301e9d3b5117753a5

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwinrars.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 27 Sep 2023 20:31:28 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 27 Sep 2023 20:31:28 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 965a77a51749bfa8
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: d3a765920bbf29d1bae833ae5234cdaef3ffaa207c975e1edf4f211a2b483e14
content-length: 337

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
602 B 105ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=winrars.org&callback=_gfp_s_&client=ca-pub-9764971761641225

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9764971761641225&plah=winrars.org&bust=31078135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d21ae6cd2140f2053af867ba706cd565acb9b8deda6630f11b6819a4fa79ad62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C05 553 KB
92 KB 2108ms
2107ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9764971761641225&output=html&adk=1812271804&adf=3025194257&lmt=1695839488&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwinrars.org%2Fold%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695846688151&bpp=4&bdt=326&idt=209&shv=r20230925&mjsv=m202309210201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2658479587177&frm=20&pv=2&ga_vid=1290061652.1695846688&ga_sid=1695846688&ga_hid=203664329&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31077328%2C42532402%2C44785293%2C31078135&oid=2&pvsid=1933830769157501&tmod=1311535616&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=234

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12c0dbdc167bf7f7cf0c5f87cd8bc44cf63866f56d056a76c0656db00b794013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 93819
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 20:31:30 GMT
expires: Wed, 27 Sep 2023 20:31:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 cspreport
accounts.google.com/o/ Frame C377 0
249 B 41ms
41ms Other
text/html 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: winrars.org
URL: https://winrars.org/old/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M1m7tja3CliByTaNdVJ1Fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwinrars.org&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 20:31:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-M1m7tja3CliByTaNdVJ1Fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 478691279-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame C377 12 KB
6 KB 147ms
70ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwinrars.org&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 12:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5186
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 00:08:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 12:48:59 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame C377 18 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be0b425f35470c095e64781daa12182834b97886cde48097acc3008b05839c05

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 20:31:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7126
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "b45b236faf82c2bf"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 20:31:28 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/ Frame C377 64 KB
23 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

042c9a3792d650313b7312b365124fa4ff1661619836682e420deefc5141017d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23289
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Sep 2024 16:50:12 GMT

GET
H/1.1 200
OK button.e7f9415a2e000feaab02c86dd5802747.js Show response
platform.twitter.com/js/ 8 KB
3 KB 38ms
38ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Wed, 27 Sep 2023 20:31:28 GMT
Content-Encoding: gzip
Age: 171172
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2618
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (frb/675D)
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame 2C8E 40 KB
15 KB 34ms
34ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 2a19f79bd2859fb1dffdd7c8643dc5e58fc7a9b7fb493d68359f400c420467b3

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 171168
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14965
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Sep 2023 20:31:28 GMT
Etag: "4fdb0b5f121db02fe652a6f4fe49d886+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:07 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
100 B 149ms
149ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwinrars.org%2Fold%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1695846688657%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=32d15a88f7afaa44fff026f301e9d3b5117753a5

Requested by

Host: winrars.org
URL: https://winrars.org/old/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 27 Sep 2023 20:31:28 GMT
strict-transport-security: max-age=631138519
last-modified: Wed, 27 Sep 2023 20:31:28 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: c7dd1d76b8122a7c
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: d3a765920bbf29d1bae833ae5234cdaef3ffaa207c975e1edf4f211a2b483e14
content-length: 43

GET
DATA 200
OK truncated
/ Frame 2C8E 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

/
www.facebook.com/login/ Frame 2B96
Redirect Chain

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a2aba60585cf%26do...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

99ms
96ms

Document
text/html

2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3a2aba60585cf%2526domain%253Dwinrars.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwinrars.org%25252Ff2c264cffc6fac4%2526relation%253Dparent.parent%26container_width%3D243%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWinrars-861216040684568%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ac4f188da65ef330ac53527660560ae9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Sep 2023 20:31:30 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: SckJehbSkEqg1wBCQYwp7QDwrQr6h+HcmXflf0XxANiyElZ/mVygzaw1XXyXqqV0D26bVRJG1SoJs4ZNL78AXg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 20:31:30 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3a2aba60585cf%2526domain%253Dwinrars.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwinrars.org%25252Ff2c264cffc6fac4%2526relation%253Dparent.parent%26container_width%3D243%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWinrars-861216040684568%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26small_header%3Dtrue
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: UTK5l9MLeCBBl7W8wfLg0vkfkny5ZSb84+Rt2hB5ONNXY2+MwBULp3GI7SHTnZXbxSUOhGTJD4rs2rphy8RHXQ==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 151ms
80ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230925&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ffd4ae7190987c76e98129c03abb80e39b5c7ff0816b8a245b93257293be9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210201/ 157 KB
54 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210201/reactive_library_fy2021.js?bust=31078135

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d17d06b81484da881098346f6b41f7e2fc6dfd9d672e737fc97dd51b8ae33e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54850
x-xss-protection: 0
server: cafe
etag: 10615228621192003524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 20:31:30 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/ Frame 4A38 10 KB
4 KB 30ms
29ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 20:03:30 GMT
etag: 2603938475786422795
expires: Wed, 11 Oct 2023 20:03:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/ Frame 64F6 10 KB
4 KB 36ms
33ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 20:03:30 GMT
etag: 2603938475786422795
expires: Wed, 11 Oct 2023 20:03:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/ Frame 01BA 10 KB
4 KB 30ms
29ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 20:03:30 GMT
etag: 2603938475786422795
expires: Wed, 11 Oct 2023 20:03:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/ Frame 729D 10 KB
4 KB 32ms
31ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 20:03:30 GMT
etag: 2603938475786422795
expires: Wed, 11 Oct 2023 20:03:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 244ms
98ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://winrars.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 20:31:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4A38 4 KB
767 B 59ms
58ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Sep 2023 20:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 19:55:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Sep 2023 20:31:30 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4A38 205 B
651 B 160ms
34ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:19:32 GMT
x-content-type-options: nosniff
age: 256319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 23 Sep 2024 21:19:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4A38 604 B
696 B 190ms
66ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 09:34:53 GMT
x-content-type-options: nosniff
age: 384998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 22 Sep 2024 09:34:53 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/ Frame 4A38 15 KB
7 KB 113ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 03:46:27 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/ Frame 4A38 20 KB
8 KB 131ms
72ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 20:01:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 64F6 14 KB
1 KB 41ms
41ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Sep 2023 20:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 20:00:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Sep 2023 20:31:30 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 64F6 2 KB
973 B 86ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:00:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/ Frame 64F6 23 KB
9 KB 64ms
47ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:00:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 64F6 3 KB
1 KB 67ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 16:38:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 64F6 20 KB
8 KB 59ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:00:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64F6 182 KB
57 KB 192ms
65ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 20:31:31 GMT

GET
H2 200 c233ef7b00e27d1a3d2fdfcca9f8c94a.js Show response
www.gstatic.com/mysidia/ Frame 64F6 36 KB
15 KB 118ms
40ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c233ef7b00e27d1a3d2fdfcca9f8c94a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8ab5f91903d3ffacb3291e6c04e255b777d32970c2ac56f48e527089044b234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 20:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15198
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 16:42:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 20:54:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 01BA 14 KB
1 KB 68ms
55ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Sep 2023 20:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 19:59:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Sep 2023 20:31:30 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 01BA 2 KB
931 B 65ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:00:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/ Frame 01BA 23 KB
9 KB 64ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:00:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 01BA 3 KB
1 KB 70ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 16:38:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 01BA 20 KB
8 KB 49ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:00:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 01BA 182 KB
57 KB 202ms
120ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 20:31:31 GMT

GET
H2 200 c233ef7b00e27d1a3d2fdfcca9f8c94a.js Show response
www.gstatic.com/mysidia/ Frame 01BA 36 KB
15 KB 73ms
41ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c233ef7b00e27d1a3d2fdfcca9f8c94a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8ab5f91903d3ffacb3291e6c04e255b777d32970c2ac56f48e527089044b234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 20:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15198
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 16:42:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 20:54:45 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F20B 158 KB
52 KB 271ms
137ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRSRIAAHQkgBd4ONAACIdY3r9lhCQ702cukivw&u=%7CU%2F4gVqY2nXXG7xKgUNo5n6KdzmO4b1jHCmMdxlcl2rk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qRWfpaugji6rT1ODRaTBnAzbk6JUF3vZB5YhvwlQWa4tMX9x1Fo3UiDCn3ZBYKHShrun6npVk9NhF1pqJbqTVgSwS2cFwslEW9nq7X-FKEcvmEyuPCy2DFJnh9MlbOhJcpQg7gzwTXCou9QrWHgW6BpuP9bOc-0sHN7HAdrKQFJhI3cJlIwNfVnpKmZQx3883t0yRL9CoHCyGagvZlYseCgWGRPohjFwL8OTTC64bCzzsYAStgXcI7HC3v53F0eqq7RUR4p2Tu0XuVe6IWAP8xze0tePrNQRjgak9owlwsrMnXybs_ZUFxHmS7hLPFry2ZcMbX0LzXbzG80W5vI_RNEeGCoL5RtQYCJLObMfDII4gv-jN5SgeOvZLPW-mPcl6PPUEakiRt7ppIzG1RO4q_qu6nmHJztgmSnf-F8xaevDBsr36H7dUeSyP0SeBNeMdGwVokYUo87-D5aT_bdsKAVkVaDPEM_60okRGhvk3cvd-ssQgay6JWhRPB35g-k6YGZRm4E6VZX8cwnRH3kzVNL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCigQ3IJEUZciEHY2H3rsP9ZCC8AjJntKxXJWil_dwwI23ARABIABglQKCARdjYS1wdWItOTc2NDk3MTc2MTY0MTIyNcgBCakCeJ4kidy2sT6oAwHIAwKqBLkBT9CnLayRUqzU56y2EWkXpnWKnW2WsBzzftaF4Ktf_B0kLfqL0C6rhDLf0wesktvOMUq8nHoJ3L3cXgPutYEXrR_HhbwkPhrPFlNJVbIfJtHxuQjBFBeRIci8O0ACHy3iY-PbiBTh7gVhFERjl8_bFao4Sy-d916aG9ZDEnmJpkiAJjbfTGls4iERZefnkAxFPDsPDwlcsRKR1at2UmO8ee3YwaR3C-3Sm1MtYVU2xKq8KL6VUvxLi-2ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1z9XWLXPr_t7vQ-sno3JB2NeJFZw%26client%3Dca-pub-9764971761641225%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

07aa6d18edeef86fa22bebc16e121453fbf8357433f8507b00d09a3203c1bbcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 20:31:30 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=4xnqxji5hBqJjrHZydOZ2iMo0e-1Z_SMHbL3dFkU8iyWM3NgA_xz6DAglxxw0O4jJ9vqo3xb2jjB2OSL2lr0gVb9p4S1xndAapMF7oJPYUtp-8pT8TYZnv1sr351Hu03XU9g-VX6xCRUbIYzKmEn160O2PJlg4o1sifmXiXCp5LkzKx6yMuJg6sGc-1lr-D1GhSop-Khvo5hoWFNkniiDDXK_YJBSn9hzM7I7ev0BHAx9Cazi17z51qqplBVDbPZSviCXA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 57314947
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 729D 3 KB
1 KB 64ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 16:38:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 729D 20 KB
8 KB 51ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:00:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 729D 182 KB
57 KB 206ms
126ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 20:31:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 68C5 2 KB
480 B 49ms
43ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 19:59:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Sep 2023 20:31:31 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 68C5 2 KB
926 B 43ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:00:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/ Frame 68C5 23 KB
9 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:00:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 68C5 3 KB
1 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 16:38:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 68C5 20 KB
8 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 14:00:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 68C5 182 KB
57 KB 151ms
148ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 20:31:31 GMT

GET
H2 200 c233ef7b00e27d1a3d2fdfcca9f8c94a.js Show response
www.gstatic.com/mysidia/ Frame 68C5 36 KB
15 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c233ef7b00e27d1a3d2fdfcca9f8c94a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8ab5f91903d3ffacb3291e6c04e255b777d32970c2ac56f48e527089044b234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 20:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15198
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 16:42:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 20:54:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0BDF 13 KB
5 KB 31ms
30ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 14008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 16:38:03 GMT
expires: Thu, 26 Sep 2024 16:38:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E8FF 829 B
1 KB 203ms
100ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e1362cbc415daf1d2718b06ad167abee3a6ea845c21672aab6694a82ddc066a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KdyohL_Fz8XpCdxQDWlFHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://winrars.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KdyohL_Fz8XpCdxQDWlFHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 20:31:31 GMT
expires: Wed, 27 Sep 2023 20:31:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 729D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bd9dbea86a5ce9fe084abf9a8e31f15afb4485f9b076d89588e27af7e60d160

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F20B 2 KB
1 KB 175ms
49ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRSRIAAHQkgBd4ONAACIdY3r9lhCQ702cukivw&u=%7CU%2F4gVqY2nXXG7xKgUNo5n6KdzmO4b1jHCmMdxlcl2rk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qRWfpaugji6rT1ODRaTBnAzbk6JUF3vZB5YhvwlQWa4tMX9x1Fo3UiDCn3ZBYKHShrun6npVk9NhF1pqJbqTVgSwS2cFwslEW9nq7X-FKEcvmEyuPCy2DFJnh9MlbOhJcpQg7gzwTXCou9QrWHgW6BpuP9bOc-0sHN7HAdrKQFJhI3cJlIwNfVnpKmZQx3883t0yRL9CoHCyGagvZlYseCgWGRPohjFwL8OTTC64bCzzsYAStgXcI7HC3v53F0eqq7RUR4p2Tu0XuVe6IWAP8xze0tePrNQRjgak9owlwsrMnXybs_ZUFxHmS7hLPFry2ZcMbX0LzXbzG80W5vI_RNEeGCoL5RtQYCJLObMfDII4gv-jN5SgeOvZLPW-mPcl6PPUEakiRt7ppIzG1RO4q_qu6nmHJztgmSnf-F8xaevDBsr36H7dUeSyP0SeBNeMdGwVokYUo87-D5aT_bdsKAVkVaDPEM_60okRGhvk3cvd-ssQgay6JWhRPB35g-k6YGZRm4E6VZX8cwnRH3kzVNL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCigQ3IJEUZciEHY2H3rsP9ZCC8AjJntKxXJWil_dwwI23ARABIABglQKCARdjYS1wdWItOTc2NDk3MTc2MTY0MTIyNcgBCakCeJ4kidy2sT6oAwHIAwKqBLkBT9CnLayRUqzU56y2EWkXpnWKnW2WsBzzftaF4Ktf_B0kLfqL0C6rhDLf0wesktvOMUq8nHoJ3L3cXgPutYEXrR_HhbwkPhrPFlNJVbIfJtHxuQjBFBeRIci8O0ACHy3iY-PbiBTh7gVhFERjl8_bFao4Sy-d916aG9ZDEnmJpkiAJjbfTGls4iERZefnkAxFPDsPDwlcsRKR1at2UmO8ee3YwaR3C-3Sm1MtYVU2xKq8KL6VUvxLi-2ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1z9XWLXPr_t7vQ-sno3JB2NeJFZw%26client%3Dca-pub-9764971761641225%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Sep 2024 20:31:31 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F20B 2 KB
1 KB 176ms
50ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Sep 2024 20:31:31 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F20B 308 B
636 B 53ms
52ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 21 Sep 2024 20:31:31 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F20B 293 B
621 B 47ms
47ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 21 Sep 2024 20:31:31 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame F20B 43 B
348 B 203ms
81ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=iDLbynsnO68UYrYiDu2RaQt1qcwRTYf9pUzXSILxEWKSv-qKSkERjBoUPEoFR9qWan4lzKDYZPGnnm_cTBWQ3Vsd8hSuY8PJF2s_cAlflquB9rIXbrMIXaxhoCJqs1t1PQ1h8uwW5UmKolZanQylLBrVElK-XZjnAwOy0KQm77SA9RZxMVRWdkCB-bil5HeMcEZPvlQOqmzCZkA4_24OiW9dnU9Hi4NQsnNfW3bpjCdF-UXI4eTbwOFy_qusjdyI8iZTyaQZW0sAM9C4-LhQRKL-V0k36i6Pjmv4LeW4Z_MC5Z7beV5NotnDNktEeNa1PRuxH2q6KnIlKg4jcuqhKCTPWxYvBSzFaFTfgTNqD_uRTMy6tLOGNn_KcCsNbtrklZw0pwQ5RQufxjPPVsmw58KDGrS_3NCIOlO8Q_5HqmC8lPwA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 20:31:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1407705
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F20B 12 KB
5 KB 150ms
76ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5957937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDFGTdKjiqisKozAVJ2VcSMYlVldYkV5aRoGNNivqZeIPsT2%2BfBEkIB6vXtROWdTxKm5Yql5SXAm3C3FMCW78knhlbtqTGX%2Bvy5xHTPw%2BSNl41oAmVxpSZjUY3aVx4Q1oSdZukhvE6ZE5As%2B4GcMYoNg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80d682befb852c1a-FRA
expires: Mon, 16 Sep 2024 20:31:31 GMT

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame F7BD 37 KB
14 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Host: winrars.org
URL: https://winrars.org/old/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 289590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Sep 2024 12:05:01 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame F20B 38 KB
38 KB 193ms
90ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Sep 2024 20:31:31 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame F20B 46 KB
46 KB 232ms
151ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Sep 2024 20:31:31 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F20B 12 KB
6 KB 56ms
54ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Sep 2024 20:31:31 GMT

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame 268E 37 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Host: winrars.org
URL: https://winrars.org/old/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 289590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Sep 2024 12:05:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F20B 3 KB
4 KB 165ms
69ms Image
image/png 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=196&s=Y2sJk6xMRntCSzr0MoMhWO72

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/png
cache-control: public, max-age=31104000
content-length: 3552
expires: Wed, 04 Sep 2024 02:04:28 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F20B 143 KB
143 KB 239ms
144ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4969299%2F2c16756ec55d4b449e6bc87dc6c83fb8_img_horizontal_1.jpg&v=3&w=1200&s=1huck4XtJn3bfTLj6DGFMH3f

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

27b88525d3d052be665a7197efa5e68500ac112b4b9287885148fce005c55710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 146220
expires: Fri, 13 Sep 2024 14:07:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F20B 15 KB
15 KB 274ms
179ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1596570862%2F20174762-HHHlSgRg.jpg&v=3&w=400&s=ZQTAfLVxSWya5p_pDmC-c28H&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

5c17383634eb00828f32bfff2293caf9bb3baa48c4db922b4d6e33597194011f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=604800
content-length: 15564
expires: Mon, 02 Oct 2023 05:11:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F20B 20 KB
20 KB 202ms
107ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19241706-v3W5eGq7.jpg&v=3&w=400&s=7Z-BaIxF70dTRZRw6VeyXZwN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

93e9ecbbb95187f76c6ccec5b27a1e62d8e136f702957bcef5651c486bf6bf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=604800
content-length: 20198
expires: Fri, 29 Sep 2023 07:15:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F20B 14 KB
14 KB 163ms
70ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F16032507-MDiJNrih.jpg&v=3&w=400&s=imnlStW9AbltsrBYrAsaBHGo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

3bbf37c1d86e46e67c258e78b7d85fb208b8955be5b5114c574073015a7435b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13878
expires: Tue, 03 Oct 2023 08:22:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F20B 20 KB
20 KB 213ms
120ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1689109201%2F23123581-hfEj23nT.jpg&v=3&w=400&s=gp7w6b_UZxOQ8Ju0l73lU766&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

a33de2075f33a1c5cde969c9799a7129bcaf5e2e5f67f7cb1d083ce77946a216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=604800
content-length: 20190
expires: Fri, 29 Sep 2023 08:27:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F20B 14 KB
14 KB 142ms
142ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19158937-EbiDPnhY.jpg&v=3&w=400&s=2B-jGFjHv_waS-oXHDT8Fqrt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

7cb81597ad914cb0ef229547fa3ca5ebc98e80cbc3d76688da5c298ecee0e6a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=604800
content-length: 14128
expires: Thu, 28 Sep 2023 10:48:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F20B 52 KB
52 KB 143ms
143ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F14219044-eRIaMWSy.jpg&v=3&w=400&s=OtZjKOlg3Cfk-LM0fQTB5rpL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

42417668ae85239f4cbcd266645fa11df38e5d1c0290f7f04bf719ecf9597a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=604800
content-length: 52796
expires: Wed, 04 Oct 2023 08:28:02 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F20B 0
128 B 151ms
61ms Ping
text/plain 2a02:2638:3::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=4xnqxji5hBqJjrHZydOZ2iMo0e-1Z_SMHbL3dFkU8iyWM3NgA_xz6DAglxxw0O4jJ9vqo3xb2jjB2OSL2lr0gVb9p4S1xndAapMF7oJPYUtp-8pT8TYZnv1sr351Hu03XU9g-VX6xCRUbIYzKmEn160O2PJlg4o1sifmXiXCp5LkzKx6yMuJg6sGc-1lr-D1GhSop-Khvo5hoWFNkniiDDXK_YJBSn9hzM7I7ev0BHAx9Cazi17z51qqplBVDbPZSviCXA&sds=2&rev=88570&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F20B 2 KB
1 KB 49ms
49ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Sep 2024 20:31:31 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F20B 2 KB
1 KB 46ms
46ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Sep 2024 20:31:31 GMT

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D26 37 KB
14 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Host: winrars.org
URL: https://winrars.org/old/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 289590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Sep 2024 12:05:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E8FF 0
0 70ms
70ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230925&jk=1933830769157501&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BDF 37 KB
14 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Sep 2024 13:58:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 729D 0
23 B 75ms
75ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc2ztIJEUZciEHY2H3rsP9ZCC8AjJntKxXJWil_dwwI23ARABIABglQKCARdjYS1wdWItOTc2NDk3MTc2MTY0MTIyNcgBCakCeJ4kidy2sT6oAwHIAwKqBLYBT9CnLayRUqzU56y2EWkXpnWKnW2WsBzzftaF4Ktf_B0kLfqL0C6rhDLf0wesktvOMUq8nHoJ3L3cXgPutYEXrR_HhbwkPhrPFlNJVbIfJtHxuQjBFBeRIci8O0ACHy3iY-PbiBTh7gVhFERjl8_bFao4Sy-d916aG9ZDEnmJpkiAJjbfTGls4iERZefnkAxFfjkunYnPYS83BYys3kNV3eP_yxJ9JfVQL5sQx6eJ2oaksHQBchWABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTc2NDk3MTc2MTY0MTIyNRgA&sigh=a9zyH4_tq-U&uach_m=[UACH]&cid=CAQSGwDICaaNPvqxrMbpYrx14oTcombZdSXJ3JCzExgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 27 Sep 2023 20:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Sep 2023 20:31:32 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 729D 0
126 B 273ms
45ms Image
text/plain 2a02:2638:d::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EMz6RO0HfJ2DYgICAAAA98-gB8Z4kSoSdN8nEB-RFGW1kGtWauLB55RBAAASAAAKCkFRVUJEd0VCRHc&wp=ZRSRIAAHQkgBd4ONAACIdY3r9lhCQ702cukivw&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:31 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 151834
server: Kestrel
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0BDF 0
10 B 29ms
29ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PRu9Ig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:31:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 729D 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSzNAt6rhAurOPeW3YVJXNMgjrHN5T6gGFV_wj-9f5KxvZqfkFE7EjjMDDNabUQIqH5CfrfmuhZakqGfHLJDQHXpY7xabbevvq8MU&sig=Cg0ArKJSzLf6tWrA0Z8EEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=458,1000,1000,1000,1000&tos=458,542,0,0,0&v=20230925&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695846690814&rpt=698&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 20:31:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apis.google.com
URL: https://apis.google.com/u/0/_/widget/render/follow?usegapi=1&annotation=bubble&height=24&rel=author&origin=https%3A%2F%2Fwinrars.org&url=https%3A%2F%2Fplus.google.com%2F116749209450715911612&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
winrars.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: d770d872a4e96b3ab3067fae566f3172
.yadro.ru/	1970-01-20 23:48:18	Name: FTID Value: 1b594W1GW2ee1b594W00155v
.yadro.ru/	1970-01-20 23:48:18	Name: VID Value: 30g3D02QF4ee1b594W001570
.winrars.org/	1970-01-21 00:25:42	Name: __gads Value: ID=d0d60b0497dde168-22f714cf98de00fa:T=1695846688:RT=1695846688:S=ALNI_MawX8cKhrn6T5R3Sn0Jud7NquQMSA
.winrars.org/	1970-01-21 00:25:42	Name: __gpi Value: UID=00000d958f479e79:T=1695846688:RT=1695846688:S=ALNI_Ma9XZybDKx2lZeDUqsSk07SY7HYhw
.doubleclick.net/	1970-01-20 15:04:07	Name: test_cookie Value: CheckForPermission

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://apis.google.com/js/platform.js(Line 66) Message: Mixed Content: The page at 'https://winrars.org/old/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh%2Conload&id=I0_1695846688094&_gfid=I0_1695846688094&parent=https%3A%2F%2Fwinrars.org&pfname=&rpctoken=26381363'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230925/r20110914/zrt_lookup.html?fsb=1(Line 19) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads.eu.criteo.com
apis.google.com
cat.fr3.eu.criteo.com
cdnjs.cloudflare.com
connect.facebook.net
counter.yadro.ru
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
rtb.fr3.eu.criteo.com
ssl.gstatic.com
static.criteo.net
syndication.twitter.com
tpc.googlesyndication.com
winrars.org
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
apis.google.com
104.244.42.72
178.250.7.9
179.43.180.200
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:190e
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::200d
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a02:2638:3::10
2a02:2638:3::1a
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
88.212.201.198
027a2b8e1f22d13ca885baebd3834c1d948f1e118d5a7b085c8e1b1ff99723b1
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
042c9a3792d650313b7312b365124fa4ff1661619836682e420deefc5141017d
05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea
07aa6d18edeef86fa22bebc16e121453fbf8357433f8507b00d09a3203c1bbcf
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0f720bf8b48099cee2995f6d922e588905b3b18b7964d2b77a3cf25ad0ea813e
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
12c0dbdc167bf7f7cf0c5f87cd8bc44cf63866f56d056a76c0656db00b794013
1c02a67f76233ad4e35113dfcfceb8d4ebc7a10cb320670cf7394328505d25f4
23a2f007c9778dd3f1be413dbb7e0a4cd0b46a4210b21c0947570e4b0998a904
27b88525d3d052be665a7197efa5e68500ac112b4b9287885148fce005c55710
2a19f79bd2859fb1dffdd7c8643dc5e58fc7a9b7fb493d68359f400c420467b3
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bbf37c1d86e46e67c258e78b7d85fb208b8955be5b5114c574073015a7435b7
3f738b79bf2aa1b06deee833b82d393f874dcf376116f0bd4ac23a8e55c0b473
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
42236c909a0dcd19fd99c3e58af3f56010b47a9308731ecd480c2cf5eb6037c7
42417668ae85239f4cbcd266645fa11df38e5d1c0290f7f04bf719ecf9597a82
42e99216f8561b4842a44826b5ed81972585a8fd3ee50364cda31e3c650cd6e9
43e08bcd1233c74d57b79d2fc35e5c6e35921a4b3caf93326a924b113e43c54c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffbac405bf54f5677c9c1b20a79284383cfbf9b2be0fb44a3e0bf6c2bfcfef6
514b49609886ddda512f2f65bda3b5f64feea648b2dfb8617bbcc1009084ef95
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c17383634eb00828f32bfff2293caf9bb3baa48c4db922b4d6e33597194011f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ffd4ae7190987c76e98129c03abb80e39b5c7ff0816b8a245b93257293be9af
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7bd9dbea86a5ce9fe084abf9a8e31f15afb4485f9b076d89588e27af7e60d160
7cb81597ad914cb0ef229547fa3ca5ebc98e80cbc3d76688da5c298ecee0e6a5
821f6c614deb4d3ca589140df087059600342ffde6c34d989b24a300517d6045
843bc65f7a1d63ed3bdc730f0903acb266b06183eaef30a325ce1748c9ae265a
85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550
87745ffe7eff1edcef1a246d7856fb557b9b983f6edf126e8c10662c31436cb6
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9367283cff05119b95cd9f5b0a234af4b1e2981e91a662dbfdf9b1b03b0a34c5
93e9ecbbb95187f76c6ccec5b27a1e62d8e136f702957bcef5651c486bf6bf1d
975750f6b6bb5d3eb7707d2d99d290072e1e9c5b528c05cf0c17a3d18ef02661
992fd963d78b71928dfeb3504d11d56a032fa70e475df0e5c9832146c1a0d23d
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a7819c4cf1e249016e8fec05e3db4f90ce8aa9b3aab860e2a04cc4334049e49
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1610fb010ffc0d47d427e602b5e8b26c3c7d32bec4633798479713c5e32f342
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a33de2075f33a1c5cde969c9799a7129bcaf5e2e5f67f7cb1d083ce77946a216
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a83e70b06b43dc7f7b919674d5cd0341d2e25a74b1bf9ad2ac6ee2f58c86be7d
a8b0bc4b52a4a3b4367326877967e6812d77ad25fccf4ae038225309052795a4
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b8ab5f91903d3ffacb3291e6c04e255b777d32970c2ac56f48e527089044b234
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
be0b425f35470c095e64781daa12182834b97886cde48097acc3008b05839c05
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c21f771ac30ee192c208b59a8d5cb0bf1778969fd6fe89c2232a112dc2312bc6
c60d3b75119f796319f320ec75bc6394f6078fb7a8923ba13fe98d38791093a1
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
cbf4df24c4bd841ee7d82f804bad4b6a0150c1138b1df9a505b2930119298184
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d17d06b81484da881098346f6b41f7e2fc6dfd9d672e737fc97dd51b8ae33e87
d21ae6cd2140f2053af867ba706cd565acb9b8deda6630f11b6819a4fa79ad62
d88949ad637b040b893c651e938b80f8a1aabc350c94c01c28e8a38fadab2df3
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384
dcd25a85b83ec0bd66273e8b8c9d4e80fab2e739da404bcd4f48c099287f6d79
ddad35c2dd40a9feb56a48111c0c2e8924ca834519dee178d2423f2d41f21a71
de2a4ca0ac02f2634685d4e46dd5f9cb68d50ff62db93d8a7f7172a6fa54817b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1362cbc415daf1d2718b06ad167abee3a6ea845c21672aab6694a82ddc066a4
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e7a3cc6b212b17c64efb6fffc276735081c011b537b8fe43dfcf3a6ca5cf180e
ecfb48718a6edc5e924f385d0ed226cde5dfdebde87049970779bd5d9f86c435
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55a11baf33fb17425e40acd9266d2277424db4e0ae3bf3c703418de8b13101d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f934e3a02f0ce674ae1f78272942bb873bc8881bf5c73170afbdce3c90cd4636
ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

winrars.org Open in urlscan Pro 179.43.180.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

124 Requests

98 %HTTPS

84 %IPv6

15 Domains

25 Subdomains

26 IPs

6 Countries

1960 kBTransfer

5009 kBSize

6 Cookies

1 Outgoing links

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

winrars.org Open in urlscan Pro
179.43.180.200 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

98 %
HTTPS

84 %
IPv6

15
Domains

25
Subdomains

26
IPs

6
Countries

1960 kB
Transfer

5009 kB
Size

6
Cookies

124 HTTP transactions
2 data transactions