urlscan.io logo urlscan.io
SecurityTrails logo

winsysclean-x2.soft112.com Open in urlscan Pro
104.243.34.208  Public Scan

Go To Rescan Add Verdict Report
URL: https://winsysclean-x2.soft112.com/
Submission: On July 19 via manual from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 35 HTTP transactions. The main IP is 104.243.34.208, located in Piscataway, United States and belongs to RELIABLESITE, US. The main domain is winsysclean-x2.soft112.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 6th 2020. Valid for: 3 months.
This is the only time winsysclean-x2.soft112.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    104.243.34.208 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)
winsysclean-x2.soft112.com
www.soft112.com
2    104.243.34.207 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)
www.enquoted.com
harsha-bhogle-quotes.enquoted.com
1    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
www.googletagservices.com
4    2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    23.111.9.32 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
cdn.soft112.com
2    2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 www.soft112.com winsysclean-x2.soft112.com
pagead2.googlesyndication.com
4 www.google-analytics.com 1 redirects www.googletagmanager.com
winsysclean-x2.soft112.com
4 fonts.gstatic.com winsysclean-x2.soft112.com
4 pagead2.googlesyndication.com winsysclean-x2.soft112.com
pagead2.googlesyndication.com
3 winsysclean-x2.soft112.com www.soft112.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 cdn.soft112.com winsysclean-x2.soft112.com
1 harsha-bhogle-quotes.enquoted.com www.soft112.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net winsysclean-x2.soft112.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.googletagmanager.com winsysclean-x2.soft112.com
1 fonts.googleapis.com winsysclean-x2.soft112.com
1 www.enquoted.com winsysclean-x2.soft112.com
35 16
Subject Issuer Validity Valid
soft112.com
Let's Encrypt Authority X3		 2020-05-06 -
2020-08-04		 3 months crt.sh
enquoted.com
Let's Encrypt Authority X3		 2020-05-06 -
2020-08-04		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://winsysclean-x2.soft112.com/
Frame ID: ED8D06E0960126EC404F3D537F2BD885
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/zrt_lookup.html
Frame ID: 3EF681D5CA666C6C691402D40FFCAE01
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7976954900542067&output=html&h=280&slotname=3702149330&adk=1558737776&adf=100975208&w=817&fwrn=4&fwrnh=100&lmt=1595189098&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=817x280&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595189099566&bpp=29&bdt=613&idt=88&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2435890267131&frm=20&pv=2&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=131240&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=178&ady=341&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UCPoOtI66F&p=https%3A//winsysclean-x2.soft112.com&dtd=104
Frame ID: 4F957970D13FF31FAEC230D0981644EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7976954900542067&output=html&h=280&slotname=3307057739&adk=3492521732&adf=1894585393&w=817&fwrn=4&fwrnh=100&lmt=1595189098&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=817x280&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595189099595&bpp=3&bdt=642&idt=87&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=817x280&correlator=2435890267131&frm=20&pv=1&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=655528&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=182&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WqFMOtPtcx&p=https%3A//winsysclean-x2.soft112.com&dtd=90
Frame ID: 53B4B3DB441C138CA46D01B770C00E0D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7976954900542067&output=html&h=280&slotname=5178882531&adk=3374003905&adf=384199165&w=391&fwrn=4&fwrnh=100&lmt=1595189098&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=391x280&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595189099601&bpp=3&bdt=648&idt=88&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=817x280%2C817x280&correlator=2435890267131&frm=20&pv=1&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=655528&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&fsb=1&xpc=s1ksz8q7NI&p=https%3A//winsysclean-x2.soft112.com&dtd=91
Frame ID: 5924A82CA772662DF5F0CE5F3C1A2A45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7976954900542067&output=html&adk=1812271804&adf=3025194257&lmt=1595189098&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595189099627&bpp=1&bdt=675&idt=69&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=817x280%2C817x280%2C391x280&nras=1&correlator=2435890267131&frm=20&pv=1&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=655528&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=3&uci=a!3&fsb=1&dtd=75
Frame ID: BE86E83F66AB0ED23608F2760D2E66FF
Requests: 1 HTTP requests in this frame

Frame: https://harsha-bhogle-quotes.enquoted.com/cliches-are-cliches-because-they-are-true-enquoted.html
Frame ID: 8FB538D67478DC131E8A427286D49967
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 09D751D00BC6EEBE88DC134BAC97B8ED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

35
Requests

100 %
HTTPS

70 %
IPv6

11
Domains

16
Subdomains

11
IPs

3
Countries

452 kB
Transfer

1082 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=641457254&t=pageview&_s=1&dl=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&ul=en-us&de=UTF-8&dt=WinSysClean%20X10%20Free%2020.0.500%20Free%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=738751031&gjid=1799830210&cid=144930174.1595189100&tid=UA-1365233-25&_gid=497626392.1595189100&_r=1&gtm=2wg783TDXFL7&z=73695133 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1365233-25&cid=144930174.1595189100&jid=738751031&_gid=497626392.1595189100&gjid=1799830210&_v=j83&z=73695133

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
winsysclean-x2.soft112.com/ 		40 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winsysclean-x2.soft112.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.243.34.208 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) / Smart.Framework PHP/Javascript :: v.5.7.2-r.2020.04.28 @ [I]
Resource Hash
5c67d6a85c6016991c3751f43eec5d942e0ac4a44993a5031934216eb700fcd1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' soft112.com *.soft112.com

Request headers

Host
winsysclean-x2.soft112.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 19 Jul 2020 20:04:58 GMT
Server
Apache/2.4.38 (Debian)
X-Powered-By
Smart.Framework PHP/Javascript :: v.5.7.2-r.2020.04.28 @ [I]
Set-Cookie
S112__UID=8eae6be0d91038105f740a89fbc5818225e819e0; path=/; domain=soft112.com
Content-Security-Policy
frame-ancestors 'self' soft112.com *.soft112.com
Cache-Control
no-cache
Pragma
no-cache
Expires
Fri, 19 Jul 2019 20:04:58 GMT
Last-Modified
Sun, 19 Jul 2020 20:04:58 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
10558
Keep-Alive
timeout=7, max=250
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
s112-ui.css
www.soft112.com/etc/templates/website/ 		78 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.soft112.com/etc/templates/website/s112-ui.css?1qkjndd
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.243.34.208 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
c7890efe327d942de5974c4bbf06ceb9c7b3cf6197cd8e2e6b030a4a0932929f

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 19 Jul 2020 20:04:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Apr 2020 15:56:51 GMT
Server
Apache/2.4.38 (Debian)
ETag
"139a4-5a45be139f80e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=7, max=250
Content-Length
24978
Expires
Sun, 26 Jul 2020 20:04:59 GMT
s112-ui.js
www.soft112.com/etc/templates/website/ 		163 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.soft112.com/etc/templates/website/s112-ui.js?1qkjndd
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.243.34.208 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
33ab1898aaf52fc80b5e044fa4be70de90c6bf7300584d559fb9641c62e7c55d

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 19 Jul 2020 20:04:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Apr 2020 15:56:51 GMT
Server
Apache/2.4.38 (Debian)
ETag
"28df7-5a45be139f80e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=7, max=250
Content-Length
51890
Expires
Sun, 26 Jul 2020 20:04:59 GMT
smart-framework.pak.js
www.soft112.com/lib/js/framework/ 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.soft112.com/lib/js/framework/smart-framework.pak.js?1qkjndd
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.243.34.208 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
895f7e7193cb7251863b4cfb3e63ebd26080233b80240c3e70415afd82c954fe

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 19 Jul 2020 20:04:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Apr 2020 15:56:49 GMT
Server
Apache/2.4.38 (Debian)
ETag
"18571-5a45be11ae6ef-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=7, max=250
Content-Length
30694
Expires
Sun, 26 Jul 2020 20:04:59 GMT
getaquote.js
www.enquoted.com/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.enquoted.com/getaquote.js?r=1594680083
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.243.34.207 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) / Smart.Framework PHP/Javascript :: v.3.7.8-r.2019.03.15 @ [I]
Resource Hash
ad1b8a90e8c4e57ea2bd0e49295514b25a654eba51a633d0028d8745f0153fe5

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Jul 2020 20:04:59 GMT
Etag
bc55e7485167996d590ff3e5efa74fd9327a30d7
Last-Modified
Sun, 19 Jul 2020 20:04:59 GMT
Server
Apache/2.4.38 (Debian)
X-Powered-By
Smart.Framework PHP/Javascript :: v.3.7.8-r.2019.03.15 @ [I]
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Content-Disposition
inline
Connection
Keep-Alive
Keep-Alive
timeout=7, max=250
Content-Length
3059
Expires
Fri, 19 Jul 2019 20:04:59 GMT
css
fonts.googleapis.com/ 		10 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic&subset=latin,latin-ext
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b67ffa5bcc69b72e1fd971de44ff6e71b379f039adc48eec47bb678bb619d15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Jul 2020 20:04:59 GMT
server
ESF
date
Sun, 19 Jul 2020 20:04:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Jul 2020 20:04:59 GMT
sf-icons.css
www.soft112.com/lib/css/toolkit/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.soft112.com/lib/css/toolkit/sf-icons.css?1qkjndd
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.243.34.208 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
ce4b99d2a5cee9833842a911da811de0a9b166914ddb7088df032dab3d72cb2e

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 19 Jul 2020 20:04:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Apr 2020 15:56:49 GMT
Server
Apache/2.4.38 (Debian)
ETag
"396f-5a45be11a798f-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=7, max=249
Content-Length
3123
Expires
Sun, 26 Jul 2020 20:04:59 GMT
gtm.js
www.googletagmanager.com/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDXFL7
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f71192aa44ab29e130d09d627c0cab2e5e8b7376651cf689285c5b9fd4edbf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 19 Jul 2020 20:04:59 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28835
x-xss-protection
0
last-modified
Sun, 19 Jul 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Jul 2020 20:04:59 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0356fffd76439eab96fbf581a17ce9f8393a768d91e13a300b18add25483c184

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
visit-app
winsysclean-x2.soft112.com/ 		89 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://winsysclean-x2.soft112.com/visit-app?id=winsysclean-x2
Requested by
Host: www.soft112.com
URL: https://www.soft112.com/etc/templates/website/s112-ui.js?1qkjndd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.243.34.208 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) / Smart.Framework PHP/Javascript :: v.5.7.2-r.2020.04.28 @ [I]
Resource Hash
8f32ebe66999c22d2281ca1422fc804f5a1c89063d0369ee1beed3435972423e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' soft112.com *.soft112.com

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://winsysclean-x2.soft112.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Jul 2020 20:04:59 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Jul 2020 20:04:59 GMT
Server
Apache/2.4.38 (Debian)
X-Powered-By
Smart.Framework PHP/Javascript :: v.5.7.2-r.2020.04.28 @ [I]
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors 'self' soft112.com *.soft112.com
Connection
Keep-Alive
Keep-Alive
timeout=7, max=249
Content-Length
98
Expires
Fri, 19 Jul 2019 20:04:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		117 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d45ceeab7b570e1d2bc653f4b6c66b41192e3c42ec4491c2a725547db042261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 19 Jul 2020 20:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42344
x-xss-protection
0
server
cafe
etag
17287300223616214041
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 19 Jul 2020 20:04:59 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic&subset=latin,latin-ext
Origin
https://winsysclean-x2.soft112.com

Response headers

date
Thu, 11 Jun 2020 13:03:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
3308495
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:03:24 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic&subset=latin,latin-ext
Origin
https://winsysclean-x2.soft112.com

Response headers

date
Tue, 14 Jul 2020 15:32:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
448324
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Wed, 14 Jul 2021 15:32:55 GMT
mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic&subset=latin,latin-ext
Origin
https://winsysclean-x2.soft112.com

Response headers

date
Wed, 08 Jul 2020 21:29:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:02 GMT
server
sffe
age
945358
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9728
x-xss-protection
0
expires
Thu, 08 Jul 2021 21:29:01 GMT
memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic&subset=latin,latin-ext
Origin
https://winsysclean-x2.soft112.com

Response headers

date
Fri, 12 Jun 2020 00:28:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:15 GMT
server
sffe
age
3267397
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9416
x-xss-protection
0
expires
Sat, 12 Jun 2021 00:28:22 GMT
truncated
/ 		284 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e4d36c2961c633951b7f99adb6d29b450f35f1f3fac14ed5a8207e8794bba79

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDXFL7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
4121
date
Sun, 19 Jul 2020 18:56:18 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Sun, 19 Jul 2020 20:56:18 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=winsysclean-x2.soft112.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Jul 2020 20:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=winsysclean-x2.soft112.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Jul 2020 20:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/ 		220 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 19 Jul 2020 20:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
84780
x-xss-protection
0
server
cafe
etag
2308157152436191864
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Jul 2020 20:04:59 GMT
sf-icons.woff2
www.soft112.com/lib/css/toolkit/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.soft112.com/lib/css/toolkit/fonts/sf-icons.woff2?v.1.7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.243.34.208 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
979592f445b2c2e90e9063a6d74080bb92e63bd796cc2e148595a873a98a7f75

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.soft112.com/lib/css/toolkit/sf-icons.css?1qkjndd
Origin
https://winsysclean-x2.soft112.com

Response headers

Date
Sun, 19 Jul 2020 20:04:59 GMT
Last-Modified
Tue, 28 Apr 2020 15:56:49 GMT
Server
Apache/2.4.38 (Debian)
ETag
"7864-5a45be11a1bcf"
Content-Type
application/x-font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=7, max=250
Content-Length
30820
Expires
Tue, 18 Aug 2020 20:04:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/ Frame 3EF6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200715/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winsysclean-x2.soft112.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://winsysclean-x2.soft112.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 16 Jul 2020 10:06:22 GMT
expires
Thu, 30 Jul 2020 10:06:22 GMT
content-type
text/html; charset=UTF-8
etag
1809543571055990350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4277
x-xss-protection
0
cache-control
public, max-age=1209600
age
295117
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
top-downloads-by-week
winsysclean-x2.soft112.com/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://winsysclean-x2.soft112.com/top-downloads-by-week?categ=System-Utilities
Requested by
Host: www.soft112.com
URL: https://www.soft112.com/etc/templates/website/s112-ui.js?1qkjndd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.243.34.208 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) / Smart.Framework PHP/Javascript :: v.5.7.2-r.2020.04.28 @ [I]
Resource Hash
206d72c21eda8b4f698f4bcb66b1a92da7c4adcf56f0288f9b7ec22b98e6ecf1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' soft112.com *.soft112.com

Request headers

Accept
text/html, */*; q=0.01
Referer
https://winsysclean-x2.soft112.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Jul 2020 20:04:59 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Jul 2020 20:04:59 GMT
Server
Apache/2.4.38 (Debian)
X-Powered-By
Smart.Framework PHP/Javascript :: v.5.7.2-r.2020.04.28 @ [I]
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors 'self' soft112.com *.soft112.com
Connection
Keep-Alive
Keep-Alive
timeout=7, max=248
Content-Length
968
Expires
Fri, 19 Jul 2019 20:04:59 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=641457254&t=pageview&_s=1&dl=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&ul=en-us&de=UTF-8&dt=WinSysClean%20X10%20Free%2020.0.500%20Fre...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1365233-25&cid=144930174.1595189100&jid=738751031&_gid=497626392.1595189100&gjid=1799830210&_v=j83&z=73695133
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1365233-25&cid=144930174.1595189100&jid=738751031&_gid=497626392.1595189100&gjid=1799830210&_v=j83&z=73695133
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 19 Jul 2020 20:04:59 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Jul 2020 20:04:59 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1365233-25&cid=144930174.1595189100&jid=738751031&_gid=497626392.1595189100&gjid=1799830210&_v=j83&z=73695133
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
415
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=641457254&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&ul=en-us&de=UTF-8&dt=WinSysClean%20X10%20Free%2020.0.500%20Free%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ADS%20Visit&ea=Adsense&el=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&_u=YEDAAEAB~&jid=&gjid=&cid=144930174.1595189100&tid=UA-1365233-25&_gid=497626392.1595189100&gtm=2wg783TDXFL7&z=130349248
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jul 2020 16:57:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
702445
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=641457254&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&ul=en-us&de=UTF-8&dt=WinSysClean%20X10%20Free%2020.0.500%20Free%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AdBlock&ea=winsysclean-x2.soft112.com&el=ad_visible&_u=YEDAAEAB~&jid=&gjid=&cid=144930174.1595189100&tid=UA-1365233-25&_gid=497626392.1595189100&gtm=2wg783TDXFL7&z=561317823
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jul 2020 16:57:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
702445
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4F95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7976954900542067&output=html&h=280&slotname=3702149330&adk=1558737776&adf=100975208&w=817&fwrn=4&fwrnh=100&lmt=1595189098&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=817x280&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595189099566&bpp=29&bdt=613&idt=88&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2435890267131&frm=20&pv=2&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=131240&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=178&ady=341&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UCPoOtI66F&p=https%3A//winsysclean-x2.soft112.com&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7976954900542067&output=html&h=280&slotname=3702149330&adk=1558737776&adf=100975208&w=817&fwrn=4&fwrnh=100&lmt=1595189098&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=817x280&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595189099566&bpp=29&bdt=613&idt=88&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2435890267131&frm=20&pv=2&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=131240&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=178&ady=341&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UCPoOtI66F&p=https%3A//winsysclean-x2.soft112.com&dtd=104
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winsysclean-x2.soft112.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://winsysclean-x2.soft112.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Jul 2020 20:05:00 GMT
server
cafe
content-length
20998
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 19-Jul-2020 20:19:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 19 Jul 2020 20:05:00 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c454e1fabc3c1f69a23adddf6731d3601848e1e0fbf7fe5ad91716c1ec88b79c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 19 Jul 2020 20:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1594985941960796"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27217
x-xss-protection
0
expires
Sun, 19 Jul 2020 20:04:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 53B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7976954900542067&output=html&h=280&slotname=3307057739&adk=3492521732&adf=1894585393&w=817&fwrn=4&fwrnh=100&lmt=1595189098&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=817x280&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595189099595&bpp=3&bdt=642&idt=87&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=817x280&correlator=2435890267131&frm=20&pv=1&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=655528&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=182&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WqFMOtPtcx&p=https%3A//winsysclean-x2.soft112.com&dtd=90
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7976954900542067&output=html&h=280&slotname=3307057739&adk=3492521732&adf=1894585393&w=817&fwrn=4&fwrnh=100&lmt=1595189098&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=817x280&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595189099595&bpp=3&bdt=642&idt=87&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=817x280&correlator=2435890267131&frm=20&pv=1&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=655528&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=182&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WqFMOtPtcx&p=https%3A//winsysclean-x2.soft112.com&dtd=90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winsysclean-x2.soft112.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://winsysclean-x2.soft112.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Jul 2020 20:05:00 GMT
server
cafe
content-length
21814
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 19-Jul-2020 20:19:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 19 Jul 2020 20:05:00 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 5924 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7976954900542067&output=html&h=280&slotname=5178882531&adk=3374003905&adf=384199165&w=391&fwrn=4&fwrnh=100&lmt=1595189098&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=391x280&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595189099601&bpp=3&bdt=648&idt=88&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=817x280%2C817x280&correlator=2435890267131&frm=20&pv=1&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=655528&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&fsb=1&xpc=s1ksz8q7NI&p=https%3A//winsysclean-x2.soft112.com&dtd=91
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7976954900542067&output=html&h=280&slotname=5178882531&adk=3374003905&adf=384199165&w=391&fwrn=4&fwrnh=100&lmt=1595189098&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=391x280&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595189099601&bpp=3&bdt=648&idt=88&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=817x280%2C817x280&correlator=2435890267131&frm=20&pv=1&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=655528&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&fsb=1&xpc=s1ksz8q7NI&p=https%3A//winsysclean-x2.soft112.com&dtd=91
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winsysclean-x2.soft112.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://winsysclean-x2.soft112.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Jul 2020 20:05:00 GMT
server
cafe
content-length
20946
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 19-Jul-2020 20:19:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 19 Jul 2020 20:05:00 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BE86 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7976954900542067&output=html&adk=1812271804&adf=3025194257&lmt=1595189098&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595189099627&bpp=1&bdt=675&idt=69&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=817x280%2C817x280%2C391x280&nras=1&correlator=2435890267131&frm=20&pv=1&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=655528&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=3&uci=a!3&fsb=1&dtd=75
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7976954900542067&output=html&adk=1812271804&adf=3025194257&lmt=1595189098&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwinsysclean-x2.soft112.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595189099627&bpp=1&bdt=675&idt=69&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=817x280%2C817x280%2C391x280&nras=1&correlator=2435890267131&frm=20&pv=1&ga_vid=144930174.1595189100&ga_sid=1595189100&ga_hid=641457254&ga_fc=0&iag=0&icsg=655528&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066624&oid=3&pvsid=1130753911019056&pem=181&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=3&uci=a!3&fsb=1&dtd=75
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winsysclean-x2.soft112.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://winsysclean-x2.soft112.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Jul 2020 20:04:59 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 19-Jul-2020 20:19:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 19 Jul 2020 20:04:59 GMT
cache-control
private
Cookie set cliches-are-cliches-because-they-are-true-enquoted.html
harsha-bhogle-quotes.enquoted.com/ Frame 8FB5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://harsha-bhogle-quotes.enquoted.com/cliches-are-cliches-because-they-are-true-enquoted.html
Requested by
Host: www.soft112.com
URL: https://www.soft112.com/etc/templates/website/s112-ui.js?1qkjndd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.243.34.207 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) / Smart.Framework PHP/Javascript :: v.3.7.8-r.2019.03.15 @ [I]
Resource Hash

Request headers

Host
harsha-bhogle-quotes.enquoted.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://winsysclean-x2.soft112.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
EnQuotedCom__UID=5ff781bdedd79e4471b1f7c993c88aacf505744e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://winsysclean-x2.soft112.com/

Response headers

Date
Sun, 19 Jul 2020 20:05:00 GMT
Server
Apache/2.4.38 (Debian)
X-Powered-By
Smart.Framework PHP/Javascript :: v.3.7.8-r.2019.03.15 @ [I]
Set-Cookie
enq_img=auto-2255161.jpg; path=/; domain=enquoted.com
Cache-Control
no-cache
Pragma
no-cache
Expires
Fri, 19 Jul 2019 20:05:00 GMT
Last-Modified
Sun, 19 Jul 2020 20:05:00 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
4983
Keep-Alive
timeout=7, max=250
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
pad_screenshot_240x180.png
cdn.soft112.com/winsysclean-x2/00/00/00/4O/0000004OK5/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.soft112.com/winsysclean-x2/00/00/00/4O/0000004OK5/pad_screenshot_240x180.png
Requested by
Host: winsysclean-x2.soft112.com
URL: https://winsysclean-x2.soft112.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.111.9.32 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
864f7c849d4480a5e3749b1b7ffd8a98fa80fc844e85974224abdae32aa39f26

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 19 Jul 2020 20:05:00 GMT
last-modified
Sun, 26 Apr 2020 19:37:16 GMT
server
NetDNA-cache/2.2
etag
"bfd9-5a436b9d75050"
x-cache
HIT
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
49113
expires
Sun, 26 Jul 2020 20:05:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200715&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d536ee9e3d4f9c9fb50abd8e106a9c60c2d2acee831385609630a9177dd5a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Jul 2020 20:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5668
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 19 Jul 2020 20:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Sun, 19 Jul 2020 20:05:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 09D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winsysclean-x2.soft112.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://winsysclean-x2.soft112.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Sun, 19 Jul 2020 19:44:33 GMT
expires
Mon, 19 Jul 2021 19:44:33 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1228
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200715&jk=1130753911019056&bg=!lJell49YX39HYfuYi40CAAAAQlIAAAANCgA6SN9hyr82MuaK9nwRWkKZ74yKR3vfalw98jawX12bHX7sQ7vwT_UJ860v2H0TUzJbbrYvWoAS2D57kpkBi4YCOxVnhwIHrmKImEkOQDYKF4pT8SXjIk1XA8X2cOzbBiRXxDMBzdeaZ-oNSjrQ5d21mfpSPcjDAiBAU6s2TGbHHE61cJ2j8QJWeIkH4f-9_HoQ3mUQEhkYZbc5KtbS_zO49vvBAPWPdKV3TFwtYIC4oLI-4zER7vIRmHs8rN-VVfTU45pCdINoreLKLSh0cA6ntks3ienYgrOxwdiPOWbswGsDHEMBt71nfbyUFbM50hHd8h1-xsaAAjCk-5EM4OiBvNIqGNcm0VFbOoX2sKfZFxRESxmXVzRb37Te3Z8f28_vZIQiAjTh58oSFjIv3OYkN03bjXwoF8k4WEOGIDUm1lENxRoNVysKS-HDqNusCJaWW30ROyg2pc4XUF4wDE552rynf4Nwo_V3YDMb2xkhbH0XfgFcRRZzZXJf2ejfUxY4p7fOW4fvJ6s1ZX88OEUXbPmbNBoIqQ8djyhEyR5J0lZ-AIjthf6pLywRockzMhOQ2BwZ3D7EGmtTcUZjbytRS2D3_u0nWtf9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winsysclean-x2.soft112.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jul 2020 20:05:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| SmartSimpleDialog object| SmartSimpleTabs object| CollapsibleDivControl function| $ function| jQuery object| SmartJS_CoreUtils object| SmartJS_DateUtils object| SmartJS_TestCrypto boolean| SmartJS_TestBase64 object| SmartJS_Base64 boolean| SmartJS_TestCRC32B boolean| SmartJS_TestMD5 boolean| SmartJS_TestSHA1 boolean| SmartJS_TestSHA512 object| SmartJS_CryptoHash object| SmartJS_ModalBox object| Test_Browser_Compliance object| SmartJS_BrowserUtils object| SmartJS_CryptoBlowfish object| dataLayer string| app_slug_id string| app_download_link object| AdSenseGoogleAdsLoadScript object| adsbygoogle object| google_tag_manager string| s112_adtp object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| the_rating_of_user number| the_rating_of_editor object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
.enquoted.com/ Name: _gat_UA-1365233-44
Value: 1
.enquoted.com/ Name: _gid
Value: GA1.2.1451416050.1595189101
.enquoted.com/ Name: _ga
Value: GA1.2.151020001.1595189101
.enquoted.com/ Name: enq_img
Value: auto-2255161.jpg
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnttm5JC_O9p6szDcSdXxbWjTMdf4qbhPgrWUtsNXvMWeWdqDHxADq6R4f4
.soft112.com/ Name: _gid
Value: GA1.2.497626392.1595189100
.enquoted.com/ Name: EnQuotedCom__UID
Value: 5ff781bdedd79e4471b1f7c993c88aacf505744e
.soft112.com/ Name: _ga
Value: GA1.2.144930174.1595189100
.soft112.com/ Name: _gat_UA-1365233-25
Value: 1
.soft112.com/ Name: S112__UID
Value: 8eae6be0d91038105f740a89fbc5818225e819e0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' soft112.com *.soft112.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.soft112.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
harsha-bhogle-quotes.enquoted.com
pagead2.googlesyndication.com
stats.g.doubleclick.net
tpc.googlesyndication.com
winsysclean-x2.soft112.com
www.enquoted.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.soft112.com
104.243.34.207
104.243.34.208
23.111.9.32
2a00:1450:4001:801::2002
2a00:1450:4001:814::200e
2a00:1450:4001:817::2003
2a00:1450:4001:818::2001
2a00:1450:4001:821::2008
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9b
0356fffd76439eab96fbf581a17ce9f8393a768d91e13a300b18add25483c184
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8
206d72c21eda8b4f698f4bcb66b1a92da7c4adcf56f0288f9b7ec22b98e6ecf1
33ab1898aaf52fc80b5e044fa4be70de90c6bf7300584d559fb9641c62e7c55d
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5c67d6a85c6016991c3751f43eec5d942e0ac4a44993a5031934216eb700fcd1
6e4d36c2961c633951b7f99adb6d29b450f35f1f3fac14ed5a8207e8794bba79
7f71192aa44ab29e130d09d627c0cab2e5e8b7376651cf689285c5b9fd4edbf7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
864f7c849d4480a5e3749b1b7ffd8a98fa80fc844e85974224abdae32aa39f26
895f7e7193cb7251863b4cfb3e63ebd26080233b80240c3e70415afd82c954fe
8b67ffa5bcc69b72e1fd971de44ff6e71b379f039adc48eec47bb678bb619d15
8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931
8f32ebe66999c22d2281ca1422fc804f5a1c89063d0369ee1beed3435972423e
979592f445b2c2e90e9063a6d74080bb92e63bd796cc2e148595a873a98a7f75
9d45ceeab7b570e1d2bc653f4b6c66b41192e3c42ec4491c2a725547db042261
9d536ee9e3d4f9c9fb50abd8e106a9c60c2d2acee831385609630a9177dd5a2a
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
ad1b8a90e8c4e57ea2bd0e49295514b25a654eba51a633d0028d8745f0153fe5
c454e1fabc3c1f69a23adddf6731d3601848e1e0fbf7fe5ad91716c1ec88b79c
c7890efe327d942de5974c4bbf06ceb9c7b3cf6197cd8e2e6b030a4a0932929f
ce4b99d2a5cee9833842a911da811de0a9b166914ddb7088df032dab3d72cb2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305