windowsfile.net Open in urlscan Pro
173.82.65.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://es.windowsfile.net/
Effective URL:
https://windowsfile.net/product-key-free/
Submission Tags: @phishunt_io
Submission: On May 28 via api (May 28th 2022, 12:11:46 am UTC) from DE — Scanned from DE

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 45 HTTP transactions. The main IP is 173.82.65.242, located in United States and belongs to MULTA-ASN1, US. The main domain is windowsfile.net.
TLS certificate: Issued by R3 on April 1st 2022. Valid for: 3 months.

This is the only time windowsfile.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	173.82.83.210 173.82.83.210	35916 (MULTA-ASN1) (MULTA-ASN1)
10 23	173.82.65.242 173.82.65.242	35916 (MULTA-ASN1) (MULTA-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
10	2606:4700:20:... 2606:4700:20::ac43:4464	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
45	10

1 173.82.83.210 (United States) 1 redirects

ASN35916 (MULTA-ASN1, US)
PTR: fiber7.iaasdns.com

es.windowsfile.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 173.82.65.242 (United States) 10 redirects

ASN35916 (MULTA-ASN1, US)
PTR: fiber9.iaasdns.com

windowsfile.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::ac43:4464 (United States)

ASN13335 (CLOUDFLARENET, US)

file.wmlcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	windowsfile.net 11 redirects es.windowsfile.net windowsfile.net	177 KB
10	wmlcloud.com file.wmlcloud.com	243 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	203 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	11 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8526	914 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 768	647 B
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	1 KB
45	9

	Domain	Requested by
23	windowsfile.net	10 redirects windowsfile.net
10	file.wmlcloud.com	windowsfile.net
6	pagead2.googlesyndication.com	windowsfile.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	windowsfile.net
1	es.windowsfile.net	1 redirects
45	12

This site contains links to these domains. Also see Links.

Domain
www.mhthemes.com

Subject Issuer	Validity	Valid
windowsfile.net R3	`2022-04-01` - `2022-06-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://windowsfile.net/product-key-free/
Frame ID: 03A391F00E2A4AFBFC69D969E097AD20
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html
Frame ID: A43B60FA59803A708EFD8DFA28851708
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4074290422493862&output=html&adk=3826760629&adf=1341073466&lmt=1653696701&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindowsfile.net%2Fproduct-key-free%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653696701237&bpp=2&bdt=544&idt=100&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6569821947263&frm=20&pv=2&ga_vid=165639728.1653696701&ga_sid=1653696701&ga_hid=1312101434&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067768%2C31067781&oid=2&pvsid=1711202958950210&pem=62&tmod=1983750413&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117
Frame ID: CED3DBDA12CF54DC11B8D58834E4C916
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4074290422493862&output=html&h=280&slotname=4354795369&adk=3854668580&adf=1989845619&pi=t.ma~as.4354795369&w=1040&fwrn=4&fwrnh=100&lmt=1653696701&rafmt=1&psa=0&format=1040x280&url=https%3A%2F%2Fwindowsfile.net%2Fproduct-key-free%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653696701239&bpp=2&bdt=546&idt=122&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6569821947263&frm=20&pv=1&ga_vid=165639728.1653696701&ga_sid=1653696701&ga_hid=1312101434&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=280&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067768%2C31067781&oid=2&pvsid=1711202958950210&pem=62&tmod=1983750413&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IBH81a1fKW&p=https%3A//windowsfile.net&dtd=127
Frame ID: E02581850495FCCD9AEAD7AC4CBC340D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4074290422493862&output=html&h=251&adk=3333839750&adf=3523427280&pi=t.aa~a.1814347921~rp.4&w=678&lmt=1653696701&nsk=fe40aa3d&rafmt=11&pwprc=6887246688&psa=0&ad_type=text_image&format=678x251&url=https%3A%2F%2Fwindowsfile.net%2Fproduct-key-free%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653696701541&bpp=2&bdt=848&idt=-M&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ba3eb6b6149e7d8-228b6d47a0cd00e9%3AT%3D1653696702%3ART%3D1653696702%3AS%3DALNI_MYkAX2aiMLl_7P49Mx7ud2XuzNKTA&prev_fmts=0x0%2C1040x280&nras=2&correlator=6569821947263&frm=20&pv=1&ga_vid=165639728.1653696701&ga_sid=1653696701&ga_hid=1312101434&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067768%2C31067781&oid=2&pvsid=1711202958950210&pem=62&tmod=1983750413&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bFXl5NsBM7&p=https%3A//windowsfile.net&dtd=14
Frame ID: BA47306D3B3B834E5358B15320B155A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4074290422493862&output=html&h=182&adk=2469370921&adf=1373937970&pi=t.aa~a.2704852967~rp.4&w=678&lmt=1653696701&nsk=eed89d38&rafmt=11&pwprc=6887246688&psa=0&ad_type=text_image&format=678x182&url=https%3A%2F%2Fwindowsfile.net%2Fproduct-key-free%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653696701541&bpp=1&bdt=848&idt=1&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ba3eb6b6149e7d8-228b6d47a0cd00e9%3AT%3D1653696702%3ART%3D1653696702%3AS%3DALNI_MYkAX2aiMLl_7P49Mx7ud2XuzNKTA&prev_fmts=0x0%2C1040x280%2C678x251&nras=3&correlator=6569821947263&frm=20&pv=1&ga_vid=165639728.1653696701&ga_sid=1653696701&ga_hid=1312101434&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067768%2C31067781&oid=2&pvsid=1711202958950210&pem=62&tmod=1983750413&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5cQsJnz35Z&p=https%3A//windowsfile.net&dtd=18
Frame ID: 4B61466E8B7F54DDAF15854595A0D4A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D227D4F8164A86905FA4D2F72F7E07C1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 27EEC00E597A98A33500EC3CB4AA71A8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Product Key Windows - Microsoft Office - Other Softwares | Latest 2022 -

Page URL History Show full URLs

https://es.windowsfile.net/ HTTP 301
https://windowsfile.net/product-key-free/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

45
Requests

78 %
HTTPS

73 %
IPv6

9
Domains

12
Subdomains

10
IPs

2
Countries

681 kB
Transfer

1419 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mhthemes.com/
Title: MH Themes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://es.windowsfile.net/ HTTP 301
https://windowsfile.net/product-key-free/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://windowsfile.net/wp-content/uploads/2021/01/Free-Microsoft-Office-2016-Activation-Code-300x300.jpg HTTP 301
https://file.wmlcloud.com//wp-content/uploads/2021/01/Free-Microsoft-Office-2016-Activation-Code-300x300.jpg

Request Chain 15

https://windowsfile.net/wp-content/uploads/2021/01/Office-365-Activation-Key-2017-Free-Full-Download-..-300x167.jpg HTTP 301
https://file.wmlcloud.com//wp-content/uploads/2021/01/Office-365-Activation-Key-2017-Free-Full-Download-..-300x167.jpg

Request Chain 16

https://windowsfile.net/wp-content/uploads/2021/01/windows-10-product-keys-serial-keys-300x188.png HTTP 301
https://file.wmlcloud.com//wp-content/uploads/2021/01/windows-10-product-keys-serial-keys-300x188.png

Request Chain 17

https://windowsfile.net/wp-content/uploads/2021/01/Free-Norton-AntiVirus-Activation-Code-300x150.png HTTP 301
https://file.wmlcloud.com//wp-content/uploads/2021/01/Free-Norton-AntiVirus-Activation-Code-300x150.png

Request Chain 18

https://windowsfile.net/wp-content/uploads/2021/01/IObit-Start-Menu-8-Pro-Free-Download-221x300.png HTTP 301
https://file.wmlcloud.com//wp-content/uploads/2021/01/IObit-Start-Menu-8-Pro-Free-Download-221x300.png

Request Chain 19

https://windowsfile.net/wp-content/uploads/2021/01/Malwarebytes-Premium-Activation-Code-300x197.png HTTP 301
https://file.wmlcloud.com//wp-content/uploads/2021/01/Malwarebytes-Premium-Activation-Code-300x197.png

Request Chain 20

https://windowsfile.net/wp-content/uploads/2021/01/61VAFPI5QiL._SX679_-300x187.jpg HTTP 301
https://file.wmlcloud.com//wp-content/uploads/2021/01/61VAFPI5QiL._SX679_-300x187.jpg

Request Chain 21

https://windowsfile.net/wp-content/uploads/2021/01/Microsoft-Office-2013-300x212.jpg HTTP 301
https://file.wmlcloud.com//wp-content/uploads/2021/01/Microsoft-Office-2013-300x212.jpg

Request Chain 22

https://windowsfile.net/wp-content/uploads/2021/01/driver-easy-pro-license-key.png HTTP 301
https://file.wmlcloud.com//wp-content/uploads/2021/01/driver-easy-pro-license-key.png

Request Chain 23

https://windowsfile.net/wp-content/uploads/2021/02/IDM-Serial-Key-Free-2021-IDM-Serial-Number-Free-Download-678x381.jpg HTTP 301
https://file.wmlcloud.com//wp-content/uploads/2021/02/IDM-Serial-Key-Free-2021-IDM-Serial-Number-Free-Download-678x381.jpg

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
windowsfile.net/product-key-free/
Redirect Chain

https://es.windowsfile.net/
https://windowsfile.net/product-key-free/

42 KB
7 KB

1211ms
733ms

Document
text/html

173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: 473056e6c9a6bf29f04eb2f82eb5946ff9a8c2a608e8135f2ff977fe97d3e99d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 28 May 2022 00:11:41 GMT
link: <https://windowsfile.net/product-key-free/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 707
content-type: text/html
date: Sat, 28 May 2022 00:11:39 GMT
location: https://windowsfile.net/product-key-free/
server: LiteSpeed

GET
H2 200 style.min.css
windowsfile.net/product-key-free/wp-includes/css/dist/block-library/ 87 KB
11 KB 154ms
153ms Stylesheet
text/css 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/product-key-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:41 GMT
content-encoding: br
last-modified: Wed, 25 May 2022 06:59:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10929
expires: Sat, 04 Jun 2022 00:11:41 GMT

GET
H2 200 wpp.css
windowsfile.net/product-key-free/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
549 B 449ms
447ms Stylesheet
text/css 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.5.1
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/product-key-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:41 GMT
content-encoding: br
last-modified: Sun, 24 Apr 2022 03:26:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 516
expires: Sat, 04 Jun 2022 00:11:41 GMT

GET
H2 200 style.css
windowsfile.net/product-key-free/wp-content/themes/mh-magazine/ 126 KB
22 KB 448ms
447ms Stylesheet
text/css 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/wp-content/themes/mh-magazine/style.css?ver=3.8.5
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: f9f36e3285ecb1cf013e8508a80a7193660c2fce2ca5aa28d1f81d8fd66d7c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/product-key-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:41 GMT
content-encoding: br
last-modified: Sun, 24 Apr 2022 03:12:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22594
expires: Sat, 04 Jun 2022 00:11:41 GMT

GET
H2 200 font-awesome.min.css
windowsfile.net/product-key-free/wp-content/themes/mh-magazine/includes/ 30 KB
7 KB 448ms
447ms Stylesheet
text/css 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/wp-content/themes/mh-magazine/includes/font-awesome.min.css
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/product-key-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:41 GMT
content-encoding: br
last-modified: Sun, 24 Apr 2022 03:12:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6658
expires: Sat, 04 Jun 2022 00:11:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 46ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48427e493ea08123566dcb25038475a8accb386ed77122a113d90750f6a6e88f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 22:18:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 28 May 2022 00:11:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 May 2022 00:11:41 GMT

GET
H2 200 jquery.min.js Show response
windowsfile.net/product-key-free/wp-includes/js/jquery/ 87 KB
30 KB 300ms
299ms Script
application/javascript 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/product-key-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:41 GMT
content-encoding: br
last-modified: Thu, 11 Mar 2021 04:37:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30273
expires: Sat, 04 Jun 2022 00:11:41 GMT

GET
H2 200 jquery-migrate.min.js Show response
windowsfile.net/product-key-free/wp-includes/js/jquery/ 11 KB
4 KB 305ms
304ms Script
application/javascript 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/product-key-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:41 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 22:36:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3995
expires: Sat, 04 Jun 2022 00:11:41 GMT

GET
H2 200 wpp.min.js Show response
windowsfile.net/product-key-free/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
1 KB 446ms
445ms Script
application/javascript 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.1
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: 9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/product-key-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:41 GMT
content-encoding: br
last-modified: Sun, 24 Apr 2022 03:26:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1215
expires: Sat, 04 Jun 2022 00:11:41 GMT

GET
H2 200 scripts.js Show response
windowsfile.net/product-key-free/wp-content/themes/mh-magazine/js/ 38 KB
11 KB 446ms
446ms Script
application/javascript 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/wp-content/themes/mh-magazine/js/scripts.js?ver=3.8.5
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: 8df7667db11a1cbae8ba0332258e0d3da3c26d2bab794bdcf8805df869482200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/product-key-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:41 GMT
content-encoding: br
last-modified: Sun, 24 Apr 2022 03:12:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11636
expires: Sat, 04 Jun 2022 00:11:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
56 KB 52ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4074290422493862

Requested by

Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9be23caefb4d360ef56fdc765dec8c496cf493bfdd6b01509f4bc971a6ab9ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowsfile.net/
Origin: https://windowsfile.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56329
x-xss-protection: 0
server: cafe
etag: 10794373010545912967
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 May 2022 00:11:42 GMT

GET
H2

200

Free-Microsoft-Office-2016-Activation-Code-300x300.jpg
file.wmlcloud.com//wp-content/uploads/2021/01/
Redirect Chain

https://windowsfile.net/wp-content/uploads/2021/01/Free-Microsoft-Office-2016-Activation-Code-300x300.jpg
https://file.wmlcloud.com//wp-content/uploads/2021/01/Free-Microsoft-Office-2016-Activation-Code-300x300.jpg

22 KB
23 KB

497ms
461ms

Image
image/jpeg

2606:4700:20::ac43:4464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.wmlcloud.com//wp-content/uploads/2021/01/Free-Microsoft-Office-2016-Activation-Code-300x300.jpg
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Server: 2606:4700:20::ac43:4464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a47ccbb18cf109841fcae423196a18ff52126f157855b4424d6a8222ad9ae18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:42 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Sep 2021 03:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enOEQGT3ndX0T8DQHToMTQIKTpGX%2Fvofp9WfK5kNeJzv1Pkv490Rlqrwpv2uGC36Re9KPHLkDK0nDcF%2FYy3e3PMvze2ISAjHtdDUSk%2B8VXk92LayVVgXrDr41FLfZkq2hdu2QM2aeEbyO9onIFmC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7122c6467c1e921f-FRA
content-length: 22456
expires: Sat, 04 Jun 2022 00:11:42 GMT

Redirect headers

location: https://file.wmlcloud.com//wp-content/uploads/2021/01/Free-Microsoft-Office-2016-Activation-Code-300x300.jpg
date: Sat, 28 May 2022 00:11:42 GMT
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H3 200 image.js Show response
windowsfile.net/product-key-free/wp-content/plugins/featured-image-from-url/includes/html/js/ 4 KB
1 KB 155ms
154ms Script
application/javascript 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.9.2
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: 430df020a5c2325ff6283cba6d9689c87e8f6cba53094fa342a55e2c15fcb39b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/product-key-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:42 GMT
content-encoding: br
last-modified: Wed, 27 Apr 2022 06:01:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 870
expires: Sat, 04 Jun 2022 00:11:42 GMT

GET
H3 200 wp-emoji-release.min.js Show response
windowsfile.net/product-key-free/wp-includes/js/ 18 KB
5 KB 156ms
156ms Script
application/javascript 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/product-key-free/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:42 GMT
content-encoding: br
last-modified: Wed, 25 May 2022 06:59:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4619
expires: Sat, 04 Jun 2022 00:11:42 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsfile.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 347973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 23:32:09 GMT

GET
H3 200 fontawesome-webfont.woff2
windowsfile.net/product-key-free/wp-content/themes/mh-magazine/fonts/ 75 KB
76 KB 153ms
152ms Font
font/woff2 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsfile.net/product-key-free/wp-content/themes/mh-magazine/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/wp-content/themes/mh-magazine/includes/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS: fiber9.iaasdns.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://windowsfile.net/product-key-free/wp-content/themes/mh-magazine/includes/font-awesome.min.css
Origin: https://windowsfile.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:42 GMT
last-modified: Sun, 24 Apr 2022 03:12:59 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Sat, 04 Jun 2022 00:11:42 GMT

GET
H2

200

Office-365-Activation-Key-2017-Free-Full-Download-..-300x167.jpg
file.wmlcloud.com//wp-content/uploads/2021/01/
Redirect Chain

https://windowsfile.net/wp-content/uploads/2021/01/Office-365-Activation-Key-2017-Free-Full-Download-..-300x167.jpg
https://file.wmlcloud.com//wp-content/uploads/2021/01/Office-365-Activation-Key-2017-Free-Full-Download-..-300x167.jpg

6 KB
6 KB

304ms
303ms

Image
image/jpeg

2606:4700:20::ac43:4464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.wmlcloud.com//wp-content/uploads/2021/01/Office-365-Activation-Key-2017-Free-Full-Download-..-300x167.jpg
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Server: 2606:4700:20::ac43:4464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3844603c168ef662e66c3fc778063a9777afe9b94d10e550762a28fbb0c3e422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:43 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Sep 2021 03:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sS%2F2iPPPtRjHheqvKOdvWBJn%2FZZA%2FQXmbg1Zj1MWxqdkKgxVxZKCEV9odp3RpUDnVp%2F7rNuFw5JKN9AcrD6zjYe381CBVwZG9G2EwexWpy87eB9HEj11PSWwqjw1bnkornvHWx0szC0IWQJfT2ag"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7122c647edba921f-FRA
content-length: 6335
expires: Sat, 04 Jun 2022 00:11:42 GMT

Redirect headers

location: https://file.wmlcloud.com//wp-content/uploads/2021/01/Office-365-Activation-Key-2017-Free-Full-Download-..-300x167.jpg
date: Sat, 28 May 2022 00:11:42 GMT
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H2

200

windows-10-product-keys-serial-keys-300x188.png
file.wmlcloud.com//wp-content/uploads/2021/01/
Redirect Chain

https://windowsfile.net/wp-content/uploads/2021/01/windows-10-product-keys-serial-keys-300x188.png
https://file.wmlcloud.com//wp-content/uploads/2021/01/windows-10-product-keys-serial-keys-300x188.png

4 KB
4 KB

309ms
308ms

Image
image/png

2606:4700:20::ac43:4464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.wmlcloud.com//wp-content/uploads/2021/01/windows-10-product-keys-serial-keys-300x188.png
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Server: 2606:4700:20::ac43:4464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09adf5982e8b6c80f59f27ac5751b63f411728a7387386ab49bd1bfc00bfc48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:43 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Sep 2021 03:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fH%2FcrwIHNmaNpbxWcDWGfDf9%2B63qvrY8uYjSHXrYVJu3%2BV4WDcdsjNMznXMVhzpFK5KJ76MLXhhEBnd1jTke%2FlPc3TWsTf5%2FDvllb3kUcjiCgfthwKlAziH%2Bn4Du5vjPI3zs6CIX3X3BRMPvwuJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7122c647edbb921f-FRA
content-length: 3838
expires: Sat, 04 Jun 2022 00:11:42 GMT

Redirect headers

location: https://file.wmlcloud.com//wp-content/uploads/2021/01/windows-10-product-keys-serial-keys-300x188.png
date: Sat, 28 May 2022 00:11:42 GMT
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H2

200

Free-Norton-AntiVirus-Activation-Code-300x150.png
file.wmlcloud.com//wp-content/uploads/2021/01/
Redirect Chain

https://windowsfile.net/wp-content/uploads/2021/01/Free-Norton-AntiVirus-Activation-Code-300x150.png
https://file.wmlcloud.com//wp-content/uploads/2021/01/Free-Norton-AntiVirus-Activation-Code-300x150.png

21 KB
21 KB

463ms
462ms

Image
image/png

2606:4700:20::ac43:4464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.wmlcloud.com//wp-content/uploads/2021/01/Free-Norton-AntiVirus-Activation-Code-300x150.png
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Server: 2606:4700:20::ac43:4464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e77ac840f538a2f9d5a2eedfe6a8c3e3b531892742937c64d7a582c033a079f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:43 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Sep 2021 03:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhXaZgC%2B%2B5EKe%2F0z%2B%2BIgoYIFQN3Srx19X6CEZwfKMo9OAgCT%2FH4kmeAwrF18jB%2FgsCYRo4rYC8itUx6QseRLAypU3RiLBDosFOT7H4Ik2kqMOctmX%2Fl1LSRlweAGR144JRibbLkdue9W%2FufCBDPB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7122c647edbc921f-FRA
content-length: 21379
expires: Sat, 04 Jun 2022 00:11:42 GMT

Redirect headers

location: https://file.wmlcloud.com//wp-content/uploads/2021/01/Free-Norton-AntiVirus-Activation-Code-300x150.png
date: Sat, 28 May 2022 00:11:42 GMT
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H2

200

IObit-Start-Menu-8-Pro-Free-Download-221x300.png
file.wmlcloud.com//wp-content/uploads/2021/01/
Redirect Chain

https://windowsfile.net/wp-content/uploads/2021/01/IObit-Start-Menu-8-Pro-Free-Download-221x300.png
https://file.wmlcloud.com//wp-content/uploads/2021/01/IObit-Start-Menu-8-Pro-Free-Download-221x300.png

73 KB
73 KB

586ms
585ms

Image
image/png

2606:4700:20::ac43:4464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.wmlcloud.com//wp-content/uploads/2021/01/IObit-Start-Menu-8-Pro-Free-Download-221x300.png
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Server: 2606:4700:20::ac43:4464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 624ddaf69e9588a489348376396c4a31be0bf27ae93e1ec65d771afadc9659e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:43 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Sep 2021 03:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjTQGjNhPswEILWPWHg6K3nlVmxBqemuck76XLTMkwHgn0xsxrlZerhwDPgXZ0zmqmujTKBX7BHqjJIc8BntG31joj1xbt4T811f2gUM95oLgH%2BXZsZdd196b2Y8tVr4RP1zrZa9%2FgEuDB8B924%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7122c647edbd921f-FRA
content-length: 74581
expires: Sat, 04 Jun 2022 00:11:42 GMT

Redirect headers

location: https://file.wmlcloud.com//wp-content/uploads/2021/01/IObit-Start-Menu-8-Pro-Free-Download-221x300.png
date: Sat, 28 May 2022 00:11:42 GMT
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H2

200

Malwarebytes-Premium-Activation-Code-300x197.png
file.wmlcloud.com//wp-content/uploads/2021/01/
Redirect Chain

https://windowsfile.net/wp-content/uploads/2021/01/Malwarebytes-Premium-Activation-Code-300x197.png
https://file.wmlcloud.com//wp-content/uploads/2021/01/Malwarebytes-Premium-Activation-Code-300x197.png

15 KB
16 KB

509ms
508ms

Image
image/png

2606:4700:20::ac43:4464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.wmlcloud.com//wp-content/uploads/2021/01/Malwarebytes-Premium-Activation-Code-300x197.png
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Server: 2606:4700:20::ac43:4464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b5d5090a4f51ba5d7dd926fe87f8f2eddd9966947932596d2a56be4c1c5d1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:43 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Sep 2021 03:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fncYc%2Fw4GT24Fb6Gbit0L5c7lh2%2F6X8BavyH0CqRNPQb5R9LVhCD%2BaEzOeIpM4gX0MTw85uzZMcPDmfSQ4QTaG6o%2BBvXrSvJd%2FzIDg4EvRToEEr83k8jd2SJR1ooDpbWTWsfT9%2BVGOTNCr2pmul4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7122c647edbe921f-FRA
content-length: 15660
expires: Sat, 04 Jun 2022 00:11:42 GMT

Redirect headers

location: https://file.wmlcloud.com//wp-content/uploads/2021/01/Malwarebytes-Premium-Activation-Code-300x197.png
date: Sat, 28 May 2022 00:11:42 GMT
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H2

200

61VAFPI5QiL._SX679_-300x187.jpg
file.wmlcloud.com//wp-content/uploads/2021/01/
Redirect Chain

https://windowsfile.net/wp-content/uploads/2021/01/61VAFPI5QiL._SX679_-300x187.jpg
https://file.wmlcloud.com//wp-content/uploads/2021/01/61VAFPI5QiL._SX679_-300x187.jpg

10 KB
11 KB

306ms
305ms

Image
image/jpeg

2606:4700:20::ac43:4464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.wmlcloud.com//wp-content/uploads/2021/01/61VAFPI5QiL._SX679_-300x187.jpg
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Server: 2606:4700:20::ac43:4464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cef29a75760e55831c1e76e3d114e642304ad82c0a69cea435eb407879eba73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:43 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Sep 2021 03:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nj80%2BW62B1ekh%2FLfrLkEJ3FG65iFov%2FI%2BeAo6PXCmqPUcRhcF3opCiWpNcjS7gkM5KRzBc6pp7T4TR0Qftm31UzOPwK7pmsBesNpvW6dWlPJkCpO1ZsjP5iXc5x7nw2vChIR0FyzI80ZFH4URWth"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7122c647edbf921f-FRA
content-length: 10692
expires: Sat, 04 Jun 2022 00:11:42 GMT

Redirect headers

location: https://file.wmlcloud.com//wp-content/uploads/2021/01/61VAFPI5QiL._SX679_-300x187.jpg
date: Sat, 28 May 2022 00:11:42 GMT
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H2

200

Microsoft-Office-2013-300x212.jpg
file.wmlcloud.com//wp-content/uploads/2021/01/
Redirect Chain

https://windowsfile.net/wp-content/uploads/2021/01/Microsoft-Office-2013-300x212.jpg
https://file.wmlcloud.com//wp-content/uploads/2021/01/Microsoft-Office-2013-300x212.jpg

10 KB
11 KB

312ms
311ms

Image
image/jpeg

2606:4700:20::ac43:4464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.wmlcloud.com//wp-content/uploads/2021/01/Microsoft-Office-2013-300x212.jpg
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Server: 2606:4700:20::ac43:4464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b509de7c8467fbc5f5c991749185d7cbcdc4b5707e250c7b1bbc275cb8099eb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:43 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Sep 2021 03:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDG%2BK%2FrgGsfvhE4t0tC6WzvGdkQIMjPWIWvlYLMZfbc5z3PHW%2FOwzo1YNCFqptxHG1nJAePojxvN%2FKK%2Fz4Qqrc%2Fjrmma%2F0OHkNFkdBC23RQWBrzQbSjToF%2Fu7Ro%2BdCVHmWUYzV%2F4eMqVYu%2FTE5FJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7122c647fdc3921f-FRA
content-length: 10601
expires: Sat, 04 Jun 2022 00:11:42 GMT

Redirect headers

location: https://file.wmlcloud.com//wp-content/uploads/2021/01/Microsoft-Office-2013-300x212.jpg
date: Sat, 28 May 2022 00:11:42 GMT
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H2

200

driver-easy-pro-license-key.png
file.wmlcloud.com//wp-content/uploads/2021/01/
Redirect Chain

https://windowsfile.net/wp-content/uploads/2021/01/driver-easy-pro-license-key.png
https://file.wmlcloud.com//wp-content/uploads/2021/01/driver-easy-pro-license-key.png

42 KB
43 KB

598ms
597ms

Image
image/png

2606:4700:20::ac43:4464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.wmlcloud.com//wp-content/uploads/2021/01/driver-easy-pro-license-key.png
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Server: 2606:4700:20::ac43:4464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87c954ee1d0fbe3076c656b4965d562a2a502738bc30d781ca1900264e8eb6bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:43 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Sep 2021 03:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUR0OxVGfks2LbiP0jRxauVbYdLBNAtjgRmBcxC7QtZgTsHbVHNsr%2F%2FDhhAtL8sXWL%2BS2fNi%2Bsf9bGMmCe7qdED6jyNsXTj6SFwPtPehUKk6x0k6fYYGZbMWEThFs4YE7AgXeUgTiixrlkCdgNXH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7122c647fdc4921f-FRA
content-length: 43468
expires: Sat, 04 Jun 2022 00:11:42 GMT

Redirect headers

location: https://file.wmlcloud.com//wp-content/uploads/2021/01/driver-easy-pro-license-key.png
date: Sat, 28 May 2022 00:11:42 GMT
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H2

200

IDM-Serial-Key-Free-2021-IDM-Serial-Number-Free-Download-678x381.jpg
file.wmlcloud.com//wp-content/uploads/2021/02/
Redirect Chain

https://windowsfile.net/wp-content/uploads/2021/02/IDM-Serial-Key-Free-2021-IDM-Serial-Number-Free-Download-678x381.jpg
https://file.wmlcloud.com//wp-content/uploads/2021/02/IDM-Serial-Key-Free-2021-IDM-Serial-Number-Free-Download-678x381.jpg

35 KB
35 KB

498ms
497ms

Image
image/jpeg

2606:4700:20::ac43:4464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.wmlcloud.com//wp-content/uploads/2021/02/IDM-Serial-Key-Free-2021-IDM-Serial-Number-Free-Download-678x381.jpg
Requested by: Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/
Protocol: H2
Server: 2606:4700:20::ac43:4464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa1bf7fc02c3cc0db3650271c9bb2e639f576fe929c86c22198c7e2b089cf59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:43 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Sep 2021 03:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niLgFQuW2FFx3e0sK0VDtH0zu3ceF7sQyNWcp6AhHiPtT8BP7GNvsI%2BPiFcJaM3E7qLy7wQAEQ9m%2Bf28zd58goSu5kYfAvuvKKLJvrcQQaeP7wTRaaCYGjfwlSABiXSHADTvGrWnqOmN76FY45A9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7122c647fdc5921f-FRA
content-length: 35671
expires: Sat, 04 Jun 2022 00:11:42 GMT

Redirect headers

location: https://file.wmlcloud.com//wp-content/uploads/2021/02/IDM-Serial-Key-Free-2021-IDM-Serial-Number-Free-Download-678x381.jpg
date: Sat, 28 May 2022 00:11:42 GMT
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/ 314 KB
112 KB 53ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4074290422493862&plah=windowsfile.net&bust=31067781

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4074290422493862

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfa49377d7989ce034d7bb3f48b0bb3fdcb1e8b99456b8c8582f1e849b6d6dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114512
x-xss-protection: 0
server: cafe
etag: 15525279612610070612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 28 May 2022 00:11:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/ Frame A43B 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4074290422493862

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowsfile.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 21:26:24 GMT
etag: 1327746537699501093
expires: Fri, 10 Jun 2022 21:26:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2 Show response
windowsfile.net/product-key-free/wp-json/wordpress-popular-posts/v1/popular-posts/widget/ 3 KB
670 B 415ms
415ms XHR
application/json 173.82.65.242
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsfile.net/product-key-free/wp-json/wordpress-popular-posts/v1/popular-posts/widget/2?is_single=0

Requested by

Host: windowsfile.net
URL: https://windowsfile.net/product-key-free/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.1

Protocol

Security

QUIC, , AES_128_GCM

Server

173.82.65.242 , United States, ASN35916 (MULTA-ASN1, US),

Reverse DNS

fiber9.iaasdns.com

Software

LiteSpeed /

Resource Hash

82a16cda7737100e59e8ed67257b50b55c30e841a092e3d08cf612917c9ef782

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windowsfile.net/product-key-free/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: LiteSpeed
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
content-type: application/json; charset=UTF-8
vary: Origin,Accept-Encoding
x-robots-tag: noindex
link: <https://windowsfile.net/product-key-free/wp-json/>; rel="https://api.w.org/"
content-length: 434
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
647 B 51ms
15ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=windowsfile.net&callback=_gfp_s_&client=ca-pub-4074290422493862

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4074290422493862&plah=windowsfile.net&bust=31067781

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3cc993db302d969f1491456a5319f440ce0b960c37aaff7d260a03e6c6f64b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windowsfile.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 00:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 45ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowsfile.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 00:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CED3 32 KB
5 KB 129ms
112ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4074290422493862&output=html&adk=3826760629&adf=1341073466&lmt=1653696701&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindowsfile.net%2Fproduct-key-free%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653696701237&bpp=2&bdt=544&idt=100&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6569821947263&frm=20&pv=2&ga_vid=165639728.1653696701&ga_sid=1653696701&ga_hid=1312101434&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067768%2C31067781&oid=2&pvsid=1711202958950210&pem=62&tmod=1983750413&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db7c42427cfa657cde283b23e15953b47f79bec3efc7f893c3fd31cf1d0dd9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowsfile.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5603
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 00:11:42 GMT
expires: Sat, 28 May 2022 00:11:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E025 430 B
229 B 149ms
145ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4074290422493862&output=html&h=280&slotname=4354795369&adk=3854668580&adf=1989845619&pi=t.ma~as.4354795369&w=1040&fwrn=4&fwrnh=100&lmt=1653696701&rafmt=1&psa=0&format=1040x280&url=https%3A%2F%2Fwindowsfile.net%2Fproduct-key-free%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653696701239&bpp=2&bdt=546&idt=122&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6569821947263&frm=20&pv=1&ga_vid=165639728.1653696701&ga_sid=1653696701&ga_hid=1312101434&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=280&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067768%2C31067781&oid=2&pvsid=1711202958950210&pem=62&tmod=1983750413&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IBH81a1fKW&p=https%3A//windowsfile.net&dtd=127

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dde539cc8b57377bd429b4d4a4138135197a1c18341e2e632a0a6a5cfaa3ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowsfile.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 00:11:42 GMT
expires: Sat, 28 May 2022 00:11:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 44ms
24ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windowsfile.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 00:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 42ms
22ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowsfile.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 00:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA47 430 B
232 B 150ms
149ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4074290422493862&output=html&h=251&adk=3333839750&adf=3523427280&pi=t.aa~a.1814347921~rp.4&w=678&lmt=1653696701&nsk=fe40aa3d&rafmt=11&pwprc=6887246688&psa=0&ad_type=text_image&format=678x251&url=https%3A%2F%2Fwindowsfile.net%2Fproduct-key-free%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653696701541&bpp=2&bdt=848&idt=-M&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ba3eb6b6149e7d8-228b6d47a0cd00e9%3AT%3D1653696702%3ART%3D1653696702%3AS%3DALNI_MYkAX2aiMLl_7P49Mx7ud2XuzNKTA&prev_fmts=0x0%2C1040x280&nras=2&correlator=6569821947263&frm=20&pv=1&ga_vid=165639728.1653696701&ga_sid=1653696701&ga_hid=1312101434&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067768%2C31067781&oid=2&pvsid=1711202958950210&pem=62&tmod=1983750413&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bFXl5NsBM7&p=https%3A//windowsfile.net&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

356d4cd14762129e313f075840e9042eb7d0f206abcd18137a28f25e5f53c01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowsfile.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 00:11:42 GMT
expires: Sat, 28 May 2022 00:11:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B61 430 B
230 B 125ms
124ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4074290422493862&output=html&h=182&adk=2469370921&adf=1373937970&pi=t.aa~a.2704852967~rp.4&w=678&lmt=1653696701&nsk=eed89d38&rafmt=11&pwprc=6887246688&psa=0&ad_type=text_image&format=678x182&url=https%3A%2F%2Fwindowsfile.net%2Fproduct-key-free%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653696701541&bpp=1&bdt=848&idt=1&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5ba3eb6b6149e7d8-228b6d47a0cd00e9%3AT%3D1653696702%3ART%3D1653696702%3AS%3DALNI_MYkAX2aiMLl_7P49Mx7ud2XuzNKTA&prev_fmts=0x0%2C1040x280%2C678x251&nras=3&correlator=6569821947263&frm=20&pv=1&ga_vid=165639728.1653696701&ga_sid=1653696701&ga_hid=1312101434&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067768%2C31067781&oid=2&pvsid=1711202958950210&pem=62&tmod=1983750413&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5cQsJnz35Z&p=https%3A//windowsfile.net&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0660d87577c30c754dc5a108e2a7f4df09577cdc9bcf5538cd5ed375ec193ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowsfile.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 00:11:42 GMT
expires: Sat, 28 May 2022 00:11:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 43ms
23ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220525&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

081bb477872aae5d01356379f62b994b2c8038b8904e06e8ddac0b231aef231f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 May 2022 00:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10694
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 69ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 28 May 2022 00:11:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D227 13 KB
5 KB 28ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowsfile.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 17:48:23 GMT
expires: Sat, 27 May 2023 17:48:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 27EE 783 B
1 KB 47ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2faddaeae9af19a706db1ed1762494fc4e63b8bb1f00d5c666def12205dc15e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j9DZWBUzkwA5No3K6qru7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windowsfile.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-j9DZWBUzkwA5No3K6qru7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 00:11:43 GMT
expires: Sat, 28 May 2022 00:11:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame D227 35 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 18:54:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 27EE 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220525&jk=1711202958950210&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D227 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?P0Mdfw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 00:11:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
52ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220525&jk=1711202958950210&bg=!U1ClUBTNAAao8wy8iPM7ACkAdvg8WqbmamieDYKSpe3mfq8mm1ZFNIpDktZlgEpX1jepEwgqo1_MKAIAAABYUgAAAAdoAQcKAOFut30qxzqjyPF1_vDgsF-YwXAvRp6ZxUd8pXrHbBKK4NEaIzZjahBeFwkHLkGSDRAjEnmWjBLYq3ABbXSByknatGycGp6iyH1XSKjD0q6cApd8blWU4XeLORW1fiLzbBqZZVWsP45toinYpjTM4DJ2w5YY0fLQWFmo4NW6K5os_WbY6lcfZ0CUVcvk51FneqgD7W12ZtXrCLPK-b94agc1zlBBJ7KG6wamIAORoV3AeetALxgxcuGRjTzdVCs7MjXoOekJc8KGSnaTBCGQ7Yb-c-TGnQbdoTtxFokq3Qr31fyZAqN4IxbfHtaph8TfiRv6YucZbvoIr3tq_gnlYOEB28iLjGt0gdaN_hG6EYQy8uuWgALOnsAExG3SyVlGM4tcqB3IEBAxZ1pjv_vtgA58nhxz1DWiyCIUrmZxwwmJnRefTcib2OXJ8gmddp-HHPUcNVJwV83gaI9o6AWB-eCjcrRTG6Th_DW3cH8hYy8dhxVBs3WgJBcXDqcmBOeOOrcr65bWID6Xrh-5BMYRUiHtTGmQH0gsHUvcwR3W37kjxey0HEr-XCPCYSp1HYT_fzW5oUS2yVdGlklVKp6JuTY26OfAGPMf44bN_1ht_zQjqsptQVCUGvY2fHHFraIrKxWMm2g5wL0vgvfmS8PdxsLzCSo-Ijp0n-PJAAI-nOFm_YmQ8ByUSND4W0nk-1Y9iVBi_UMOt56Du3TJiaI6TgWWL4AeECwX1KmyqZdZ8CLK_aPYfPt_N81Qmqy9K8d8AMk6-rM5DWhFqQduQ3Op1XdZ1e7wOIKyjtLzxfkOgOlfGQzvp2dP4rhzAbxMOOt9Abs3dTsUFHw5HRQd1RHToANsIucYgXdoO4PMxz_lyIzKeZJS_KtQGG7h80oazfrX8NhJ9kYYwPI4XoOykf4Nbe4KhHxvnCp85JkWn-weqhu8CxY3JA4pJhEaCDpqvSWX7uOTpVX8m7KDRnHmPwdcTrfBa0bfiZVPKRqrF5FBNiAhV2kdZi08byr7po2HtsnIiDRDto0KxRtdDmSBQWuDBxhOaaj32mL9kU2eMTZdoHvlXhku-L3ZUe_k1GcqEk4d0g03r-4GXjcWSZ5taZlv6BdnXMKHsju9LsHfq2xcHm_pfqDHOVClB9kFJCsn_3tkomaiJ626-G2fbbj45rEJT-ioHIDrxslSOPTMoMY-i-7DN9jkCDqbsrc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsfile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.windowsfile.net/	1970-01-20 12:43:12	Name: __gads Value: ID=5ba3eb6b6149e7d8-228b6d47a0cd00e9:T=1653696702:RT=1653696702:S=ALNI_MYkAX2aiMLl_7P49Mx7ud2XuzNKTA
			.doubleclick.net/	1970-01-20 12:43:12	Name: IDE Value: AHWqTUn9CCoE7WtDFDDZ94iW-pJBAseUkOOsBQ9T9e584OAEwWjrukMsiTRs4H4AA2c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
es.windowsfile.net
file.wmlcloud.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
windowsfile.net
www.google.com
142.250.185.226
173.82.65.242
173.82.83.210
2606:4700:20::ac43:4464
2a00:1450:4001:808::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0660d87577c30c754dc5a108e2a7f4df09577cdc9bcf5538cd5ed375ec193ee4
081bb477872aae5d01356379f62b994b2c8038b8904e06e8ddac0b231aef231f
0dde539cc8b57377bd429b4d4a4138135197a1c18341e2e632a0a6a5cfaa3ecf
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2db7c42427cfa657cde283b23e15953b47f79bec3efc7f893c3fd31cf1d0dd9a
2faddaeae9af19a706db1ed1762494fc4e63b8bb1f00d5c666def12205dc15e5
356d4cd14762129e313f075840e9042eb7d0f206abcd18137a28f25e5f53c01b
3844603c168ef662e66c3fc778063a9777afe9b94d10e550762a28fbb0c3e422
3a47ccbb18cf109841fcae423196a18ff52126f157855b4424d6a8222ad9ae18
3cc993db302d969f1491456a5319f440ce0b960c37aaff7d260a03e6c6f64b3b
415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855
430df020a5c2325ff6283cba6d9689c87e8f6cba53094fa342a55e2c15fcb39b
473056e6c9a6bf29f04eb2f82eb5946ff9a8c2a608e8135f2ff977fe97d3e99d
48427e493ea08123566dcb25038475a8accb386ed77122a113d90750f6a6e88f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624ddaf69e9588a489348376396c4a31be0bf27ae93e1ec65d771afadc9659e4
6b5d5090a4f51ba5d7dd926fe87f8f2eddd9966947932596d2a56be4c1c5d1fc
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7aa1bf7fc02c3cc0db3650271c9bb2e639f576fe929c86c22198c7e2b089cf59
7cef29a75760e55831c1e76e3d114e642304ad82c0a69cea435eb407879eba73
82a16cda7737100e59e8ed67257b50b55c30e841a092e3d08cf612917c9ef782
87c954ee1d0fbe3076c656b4965d562a2a502738bc30d781ca1900264e8eb6bb
8df7667db11a1cbae8ba0332258e0d3da3c26d2bab794bdcf8805df869482200
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9be23caefb4d360ef56fdc765dec8c496cf493bfdd6b01509f4bc971a6ab9ef1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
b09adf5982e8b6c80f59f27ac5751b63f411728a7387386ab49bd1bfc00bfc48
b509de7c8467fbc5f5c991749185d7cbcdc4b5707e250c7b1bbc275cb8099eb7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
cfa49377d7989ce034d7bb3f48b0bb3fdcb1e8b99456b8c8582f1e849b6d6dd1
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77ac840f538a2f9d5a2eedfe6a8c3e3b531892742937c64d7a582c033a079f9
f9f36e3285ecb1cf013e8508a80a7193660c2fce2ca5aa28d1f81d8fd66d7c2f

windowsfile.net Open in urlscan Pro 173.82.65.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

78 %HTTPS

73 %IPv6

9 Domains

12 Subdomains

10 IPs

2 Countries

681 kBTransfer

1419 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

windowsfile.net Open in urlscan Pro
173.82.65.242 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

78 %
HTTPS

73 %
IPv6

9
Domains

12
Subdomains

10
IPs

2
Countries

681 kB
Transfer

1419 kB
Size

2
Cookies

45 HTTP transactions
0 data transactions