urlscan.io logo urlscan.io
SecurityTrails logo

www.winhelponline.com Open in urlscan Pro
2606:4700:20::681a:c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.winhelponline.com/
Effective URL: https://www.winhelponline.com/
Submission: On April 27 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 6 countries across 51 domains to perform 139 HTTP transactions. The main IP is 2606:4700:20::681a:c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.winhelponline.com. The Cisco Umbrella rank of the primary domain is 821844.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 4th 2023. Valid for: a year.
This is the only time www.winhelponline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
39 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:e4:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 23.35.236.201 16625 (AKAMAI-AS)
3 13.224.192.181 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 3.214.165.89 14618 (AMAZON-AES)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
8 104.36.113.67 62713 (AS-PUBMATIC)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.181.230 15169 (GOOGLE)
2 130.211.23.194 15169 (GOOGLE)
1 65.9.66.33 16509 (AMAZON-02)
1 18.66.112.32 16509 (AMAZON-02)
1 143.204.89.74 16509 (AMAZON-02)
3 3 34.250.48.151 16509 (AMAZON-02)
3 3 185.89.210.46 29990 (ASN-APPNEX)
1 3 192.82.242.209 62713 (AS-PUBMATIC)
1 1 193.0.160.131 54312 (ROCKETFUEL)
11 104.36.113.107 62713 (AS-PUBMATIC)
2 2 151.101.194.49 54113 (FASTLY)
1 3 52.46.143.56 16509 (AMAZON-02)
9 9 172.217.18.98 15169 (GOOGLE)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 2 76.223.111.18 16509 (AMAZON-02)
1 3.229.9.249 14618 (AMAZON-AES)
1 35.204.74.118 396982 (GOOGLE-CL...)
2 3.33.220.150 16509 (AMAZON-02)
1 1 46.228.164.11 56396 (AMOBEE)
2 2 3.71.149.231 16509 (AMAZON-02)
1 192.82.242.213 62713 (AS-PUBMATIC)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 204.237.133.242 3257 (GTT-BACKB...)
2 7 185.80.39.216 27381 (CASALE-MEDIA)
1 5 172.64.154.204 13335 (CLOUDFLAR...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
2 209.25.233.254 13768 (COGECO-PEER1)
1 1 51.89.9.252 16276 (OVH)
1 1 147.75.84.158 54825 (PACKET)
1 1 23.35.228.23 16625 (AKAMAI-AS)
1 104.36.113.111 62713 (AS-PUBMATIC)
5 5 54.155.84.200 ()
1 1 185.86.138.153 ()
1 1 74.214.196.131 ()
1 1 74.121.143.240 ()
1 72.251.245.179 ()
1 1 2620:116:800d... ()
1 1 34.102.163.6 ()
1 178.250.1.9 ()
1 2 35.244.159.8 ()
1 3.120.86.255 ()
1 52.73.45.124 ()
1 63.35.1.49 ()
1 1 34.194.29.115 ()
1 2a02:fa8:8806... ()
1 192.0.76.3 ()
1 52.222.247.205 ()
2 99.83.181.31 ()
139 48
1    2606:4700:20::681a:10c (United States)

ASN13335 (CLOUDFLARENET, US)
www.winhelponline.com
39    2606:4700:20::681a:c (United States)

ASN13335 (CLOUDFLARENET, US)
www.winhelponline.com
4    2606:4700:3033::6815:1c30 (United States)

ASN13335 (CLOUDFLARENET, US)
privacy.gatekeeperconsent.com
the.gatekeeperconsent.com
gvl.gatekeeperconsent.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    2606:4700:e4::ac40:a702 (United States)

ASN13335 (CLOUDFLARENET, US)
go.ezodn.com
ezodn.com
g.ezodn.com
basher.ezodn.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    3.214.165.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-165-89.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
8    104.36.113.67 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
3    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    65.9.66.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-33.fra56.r.cloudfront.net
get.s-onetag.com
1    18.66.112.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-32.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.89.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-74.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
3    34.250.48.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-48-151.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    192.82.242.209 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
11    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
9    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    3.229.9.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-9-249.compute-1.amazonaws.com
thrtle.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    192.82.242.213 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2a05:d018:d29:3605:ba5:3c85:9cb8:2168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    204.237.133.242 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
t.pubmatic.com
7    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
5    172.64.154.204 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
cd.connatix.com
cds.connatix.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    209.25.233.254 (Canada)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
hbx.media.net
1    104.36.113.111 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
5    54.155.84.200 (None, )

ASN- ()
match.prod.bidr.io
1    185.86.138.153 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
1    74.121.143.240 (None, )

ASN- ()
sync.mathtag.com
1    72.251.245.179 (None, )

ASN- ()
cm.adgrx.com
1    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (None, )

ASN- ()
cms.quantserve.com
1    34.102.163.6 (None, )

ASN- ()
ad.mrtnsvr.com
1    178.250.1.9 (None, )

ASN- ()
dis.criteo.com
2    35.244.159.8 (None, )

ASN- ()
us-u.openx.net
1    3.120.86.255 (None, )

ASN- ()
crb.kargo.com
1    52.73.45.124 (None, )

ASN- ()
sync.bfmio.com
1    63.35.1.49 (None, )

ASN- ()
synchroscript.deliveryengine.adswizz.com
1    34.194.29.115 (None, )

ASN- ()
sync.ipredictive.com
1    2a02:fa8:8806:16::1400 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    192.0.76.3 (None, )

ASN- ()
pixel.wp.com
1    52.222.247.205 (None, )

ASN- ()
aax.amazon-adsystem.com
2    99.83.181.31 (None, )

ASN- ()
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
Apex Domain
Subdomains		 Transfer
40 winhelponline.com
www.winhelponline.com — Cisco Umbrella Rank: 821844
283 KB
29 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
ow.pubmatic.com — Cisco Umbrella Rank: 4018
image6.pubmatic.com — Cisco Umbrella Rank: 1037
image2.pubmatic.com — Cisco Umbrella Rank: 1377
simage2.pubmatic.com — Cisco Umbrella Rank: 976
image4.pubmatic.com — Cisco Umbrella Rank: 1704
t.pubmatic.com — Cisco Umbrella Rank: 4613
simage4.pubmatic.com — Cisco Umbrella Rank: 1660
182 KB
14 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
ad.doubleclick.net — Cisco Umbrella Rank: 201
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
176 KB
7 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
dsum.casalemedia.com — Cisco Umbrella Rank: 2284
7 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax.amazon-adsystem.com
64 KB
6 ezodn.com
go.ezodn.com — Cisco Umbrella Rank: 12820
ezodn.com — Cisco Umbrella Rank: 11066
g.ezodn.com — Cisco Umbrella Rank: 15904
basher.ezodn.com — Cisco Umbrella Rank: 13245
200 KB
5 bidr.io
match.prod.bidr.io
3 KB
5 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 3474
cd.connatix.com
cds.connatix.com
281 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4666
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5724
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6329
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
15 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1542
api.btloader.com — Cisco Umbrella Rank: 1745
44 KB
4 gatekeeperconsent.com
privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 53432
the.gatekeeperconsent.com — Cisco Umbrella Rank: 57051
gvl.gatekeeperconsent.com — Cisco Umbrella Rank: 59082
146 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
1 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
4 KB
3 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3698
1 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 4186
a.ad.gt — Cisco Umbrella Rank: 4166
4 KB
2 openx.net
us-u.openx.net
530 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 985
374 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
529 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 535
734 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 695
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
741 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1707
1 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019
453 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
1 wp.com
pixel.wp.com
126 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 ipredictive.com
sync.ipredictive.com
554 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com
397 B
1 bfmio.com
sync.bfmio.com
425 B
1 kargo.com
crb.kargo.com
462 B
1 criteo.com
dis.criteo.com
363 B
1 mrtnsvr.com
ad.mrtnsvr.com
308 B
1 quantserve.com
cms.quantserve.com
590 B
1 adgrx.com
cm.adgrx.com
283 B
1 mathtag.com
sync.mathtag.com
737 B
1 contextweb.com
bh.contextweb.com
706 B
1 smartadserver.com
rtb-csync.smartadserver.com
790 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 2144
476 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
218 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
135 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2579
349 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9478
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 28294
269 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
518 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
610 B
1 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2147
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
795 B
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1319
17 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 3273
10 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
2 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 607
imasdk.googleapis.com Failed
31 KB
139 51
Domain Requested by
40 www.winhelponline.com 1 redirects www.winhelponline.com
9 cm.g.doubleclick.net 9 redirects
8 ow.pubmatic.com ads.pubmatic.com
ssum-sec.casalemedia.com
6 simage2.pubmatic.com ads.pubmatic.com
5 match.prod.bidr.io 5 redirects
5 image2.pubmatic.com ads.pubmatic.com
4 ads.pubmatic.com www.winhelponline.com
ads.pubmatic.com
4 securepubads.g.doubleclick.net www.winhelponline.com
securepubads.g.doubleclick.net
cd.connatix.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
3 s.amazon-adsystem.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 ib.adnxs.com 3 redirects
3 ads.servenobid.com 3 redirects
3 c.amazon-adsystem.com www.winhelponline.com
c.amazon-adsystem.com
2 cds.connatix.com cd.connatix.com
2 us-u.openx.net 1 redirects
2 pixel-sync.sitescout.com ssum-sec.casalemedia.com
2 capi.connatix.com cd.connatix.com
2 ups.analytics.yahoo.com 2 redirects
2 match.adsrvr.org ssum-sec.casalemedia.com
2 eb2.3lift.com 1 redirects
2 pixel.tapad.com 1 redirects
2 sync-tm.everesttech.net 2 redirects
2 api.btloader.com www.winhelponline.com
btloader.com
2 ad-delivery.net www.winhelponline.com
2 id.hadron.ad.gt cdn.hadronid.net
2 gvl.gatekeeperconsent.com the.gatekeeperconsent.com
2 btloader.com 1 redirects www.winhelponline.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 basher.ezodn.com www.winhelponline.com
2 www.google-analytics.com www.winhelponline.com
www.google-analytics.com
2 go.ezodn.com www.winhelponline.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 pixel.wp.com
1 cd.connatix.com 1 redirects
1 pubmatic-match.dotomi.com
1 sync.ipredictive.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com
1 sync.bfmio.com
1 crb.kargo.com
1 dis.criteo.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 cms.quantserve.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 hbx.media.net 1 redirects
1 prebid.a-mo.net 1 redirects
1 onetag-sys.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 t.pubmatic.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com
1 image4.pubmatic.com
1 ad.turn.com 1 redirects
1 um.simpli.fi
1 thrtle.com
1 p.rfihub.com 1 redirects
1 a.ad.gt cdn.hadronid.net
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com www.winhelponline.com
1 get.s-onetag.com www.winhelponline.com
1 ad.doubleclick.net www.winhelponline.com
1 cdn.id5-sync.com www.winhelponline.com
1 cdn.hadronid.net www.winhelponline.com
1 cdn.jsdelivr.net ads.pubmatic.com
1 g.ezodn.com www.winhelponline.com
1 the.gatekeeperconsent.com www.winhelponline.com
1 ezodn.com www.winhelponline.com
1 ajax.googleapis.com www.winhelponline.com
1 privacy.gatekeeperconsent.com www.winhelponline.com
0 imasdk.googleapis.com Failed cd.connatix.com
139 79

This site contains links to these domains. Also see Links.

Domain
www.ezoic.com
www.twitter.com
www.facebook.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-04 -
2024-03-03		 a year crt.sh
*.gatekeeperconsent.com
GTS CA 1P5		 2023-03-08 -
2023-06-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.hadronid.net
GTS CA 1P5		 2023-04-11 -
2023-07-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2023-03-22 -
2024-04-22		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.dev.kargo.com
Amazon RSA 2048 M01		 2023-02-13 -
2024-03-12		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2022-08-22 -
2023-09-23		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh

This page contains 17 frames:

Primary Page: https://www.winhelponline.com/
Frame ID: C936C004C337CBAEB1A1633D794322FA
Requests: 106 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 2D3F988262406FA79FC78FE8E7FC7F48
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Frame ID: BAA8DFFA3643EABA700F4D3C781B7AB4
Requests: 9 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326152299604
Frame ID: DA942CF919B2560D480FBEC35754F9F2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZErVYgAF6VrWLQAn&gdpr=1&gdpr_consent=&_test=ZErVYgAF6VrWLQAn
Frame ID: 698488555750B8EDE3A3092F4701C0CF
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=438B8EBD-318B-4C86-80E8-C6BFAC574804&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 00348F74C9B58083E233E4AA067838D8
Requests: 1 HTTP requests in this frame

Frame: https://ow.pubmatic.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=438B8EBD-318B-4C86-80E8-C6BFAC574804
Frame ID: E41847DF3278927EFA2A283120DB39B6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Frame ID: 011AF75C45782C2BBD5CA5D60859D140
Requests: 10 HTTP requests in this frame

Frame: https://ow.pubmatic.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
Frame ID: 45F69D38E40135A2EFFD2D71BA59409F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGeMk7IlasAACEaf5fV0g&gdpr=0&gdpr_consent=
Frame ID: 85FE7D38671F057FD467D110C46018F0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2268447289275341454&gdpr=0&gdpr_consent=
Frame ID: 7A3E0B09C69BC5DBDAB6FC9A1F5B20CE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d5c9644a-d565-4900-999f-89cb170133eb&gdpr=0&gdpr_consent=
Frame ID: 15B56764E681C5013D07D93F0577F7FA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 1BD04C72B4F386362F478A8902984C32
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EVt2zENadJgKC3XOEFpvzxYOdswKXHqdRVk9C2CN
Frame ID: 06FCE1A9301ECB117BA38B85997F148C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Frame ID: 5660C155C156F742C1EB9602500C52C0
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: CF0D56B054CF8E280B48EF30540D7C9E
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/262491/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Frame ID: DF104F7DFD2503629759D27E715B24AB
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Winhelponline » Windows Help, How-Tos, and Tech Reviews

Page URL History Show full URLs

  1. http://www.winhelponline.com/ HTTP 301
    https://www.winhelponline.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

139
Requests

85 %
HTTPS

25 %
IPv6

51
Domains

79
Subdomains

48
IPs

6
Countries

1481 kB
Transfer

5216 kB
Size

53
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.winhelponline.com/ HTTP 301
    https://www.winhelponline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true HTTP 302
  • https://btloader.com/tag?o=5112081056530432&upapi=true
Request Chain 91
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D0%2526redirect%253Dhttps%25253A%25252F%25252Fow.pubmatic.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D%252526gdpr_consent%25253D%252526gpp%25253D%252526gpp_sid%25253D%252526f%25253Di%252526uid%25253D%252524UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID%2526redirect%253Dhttps%25253A%25252F%25252Fads.servenobid.com%25252Fgetsync%25253Fjp%25253D0%252526redirect%25253Dhttps%2525253A%2525252F%2525252Fow.pubmatic.com%2525252Fsetuid%2525253Fbidder%2525253Dnobid%25252526gdpr%2525253D%25252526gdpr_consent%2525253D%25252526gpp%2525253D%25252526gpp_sid%2525253D%25252526f%2525253Di%25252526uid%2525253D%25252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2268447289275341454&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D0%26redirect%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=0&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ow.pubmatic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=MzEyOjIy!jg0!*cyO*ky!zUz!*E0!TQ~
Request Chain 94
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326152299604
Request Chain 95
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZErVYgAF6VrWLQAn HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZErVYgAF6VrWLQAn&gdpr=1&gdpr_consent=&_test=ZErVYgAF6VrWLQAn
Request Chain 96
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=438B8EBD-318B-4C86-80E8-C6BFAC574804&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=438B8EBD-318B-4C86-80E8-C6BFAC574804&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q4uOvTGLTIaA6Ma_rFdIBA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q4uOvTGLTIaA6Ma_rFdIBA%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 99
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=438B8EBD-318B-4C86-80E8-C6BFAC574804 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=438B8EBD-318B-4C86-80E8-C6BFAC574804
Request Chain 100
  • https://eb2.3lift.com/xuid?mid=7976&xuid=438B8EBD-318B-4C86-80E8-C6BFAC574804&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=438B8EBD-318B-4C86-80E8-C6BFAC574804&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDM4QjhFQkQtMzE4Qi00Qzg2LTgwRTgtQzZCRkFDNTc0ODA0&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDM4QjhFQkQtMzE4Qi00Qzg2LTgwRTgtQzZCRkFDNTc0ODA0&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 103
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP8mnRKty9TE0Gds0xXSWmA&google_cver=1
Request Chain 106
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8231091582167807463&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 107
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=438B8EBD-318B-4C86-80E8-C6BFAC574804&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=438B8EBD-318B-4C86-80E8-C6BFAC574804&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Vf86B9E2uXX2UW2i8YEAhCzoe4jx.g-~A&gdpr=0
Request Chain 111
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZErVY3BeLNUkqSFaqdRcgQAAFLQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBP8cslz3B6QHDkc-6PGOoI&google_cver=1
Request Chain 114
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZErVY3BeLNUkqSFaqdRcgQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECopEQSIAHqTNyFsz2cm4xQ&google_cver=1
Request Chain 117
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=aee8aadc-78b5-4501-8d43-845c3997cc2c
Request Chain 119
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9ca96ae8-4ba0-3193-9b77eb0b
Request Chain 122
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ow.pubmatic.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
Request Chain 123
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D HTTP 302
  • https://ow.pubmatic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=74274986-3ea3-4fa6-815d-2ea9a95ab09a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 124
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://ow.pubmatic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA
Request Chain 127
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHZU1rN0lsYXNBQUNFYWY1ZlYwZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGeMk7IlasAACEaf5fV0g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3338774857573086430&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGeMk7IlasAACEaf5fV0g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3338774857573086430%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3338774857573086430&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGeMk7IlasAACEaf5fV0g&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGeMk7IlasAACEaf5fV0g&gdpr=0&gdpr_consent=
Request Chain 128
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2268447289275341454&gdpr=0&gdpr_consent=
Request Chain 129
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d5c9644a-d565-4900-999f-89cb170133eb&gdpr=0&gdpr_consent=
Request Chain 131
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EVt2zENadJgKC3XOEFpvzxYOdswKXHqdRVk9C2CN
Request Chain 132
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Request Chain 134
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Request Chain 138
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=027d0918-3fc9-4bf0-8bac-f563d43625a3&gdpr=0&gdpr_consent=
Request Chain 143
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
  • https://cds.connatix.com/p/262491/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1

139 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.winhelponline.com/
Redirect Chain
  • http://www.winhelponline.com/
  • https://www.winhelponline.com/
268 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f63820c5b5ee8d435c97834c55eb752e811f4eb0e5f64f23ea6e37b93590ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7be9ad37bbc99261-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 20:04:49 GMT
display
pub_site_sol
expires
Wed, 26 Apr 2023 20:04:49 GMT
link
<https://www.winhelponline.com/blog/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed
off
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHLhCKxqusq1kS%2BSX%2BOULK8ZNl1xpE8mUeIeWnTT3cqJCNjdX6f%2FMlmh2m9Ylk0LlRAZucChMBPpIJqHZhDJrgd2jHqlDBBclrCmKD%2BeqDvMpn6XMe0GpzkP7Ij5bqcXKfb%2Bys00TnGTpwF%2F5pBlQwaSQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
response
200
server
cloudflare
vary
Accept-Encoding
x-ez-minify-html
6.02% 245136 / 260846
x-ez-proxy-out
true 2.3
x-middleton-display
pub_site_sol
x-middleton-response
200
x-sol
pub_site
x-ua-compatible
IE=edge

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7be9ad374c9936dc-FRA
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Thu, 27 Apr 2023 20:04:47 GMT
Location
https://www.winhelponline.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F69zog7voU6cpywzlbAbC1G7J8s06MZ1AjLL8y1V%2F5U9TwjTod2CzFObpOJGK3oLYe4mXrjStzgGIAwesDz9Zr9lfVfPWoZ1Il62%2BhZkHBGfVlzSXBGdXTLBwYh4txWv1DVaiICXxdQ1aznSFwq1OUjaIg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
X-Middleton-Display
redirect
tcf2_stub.js
privacy.gatekeeperconsent.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy.gatekeeperconsent.com/tcf2_stub.js
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1c30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFC21dyVMl2p4gv0ad80kNL9YML43OXhuCsocvpb1fZlGkO%2FV9KzstxcZG5NI9k88SfQK%2FShwtd9mj7B1p4coG7t3WGaRfxQE7J2TirRx4oQjMSYspVN1QaL24dAxsVs5GbvBZ94yKn5FE1H8Do%2B07pk9Mg2ZM6jSTxLoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15780000, public
cf-ray
7be9ad3fce783678-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 23:27:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 23:27:47 GMT
calgary.js
www.winhelponline.com/edmontonalberta/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/edmontonalberta/calgary.js?cb=16
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597830acea0420d0c95ceae70e1db6fcfb1d35d259922ff472b1b6fb083e193f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Apr 2023 11:11:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
895999
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFeyVIovxgCt9gRYHAsI6ibQTAKxrOGjlSu%2FElBuZ5Ug8mScdmzxQQPv8Fe9vGkVMhVHH7Hnqx8h08qWHGeonLEEkc6sgrw4fMj8xjA%2Fj%2BTIISYKTJ3QADP2JTZi6bRdndZmuBha9AcMFfv3BmfCJZi9Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7be9ad3ffb889261-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
893e88ab6383834ec89dfe5369d6fb23fdad6daf6ebc00147701bebd8cbc7115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24737
x-xss-protection
0
server
cafe
etag
60 / 19474 / m202304240101 / config-hash: 18361539349155083424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Apr 2023 20:04:49 GMT
dall.js
go.ezodn.com/hb/ 		660 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/hb/dall.js?cb=195-8-55
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c09dda2cfc05892463b64a687169e7240f08686e41010bd050f4286d77c921f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 23:18:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2493767
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFhQ%2Bqz5cIYIkWaweMRO6NT9vGgPETRWT7MLSSrOSaTEicFiwlrZ8sFr0lGCNk7%2FtSUX9c0R0OARwKpWOLgbEWvdOtPk%2Bee6olUaPD2%2Bfo40xbk%2Fjmk%2FGhdyHVBAcmp9cX7cKib8XxvVbi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7be9ad3f7e86048b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fads.js
www.winhelponline.com/porpoiseant/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/porpoiseant/fads.js?gcb=195-8&cb=8
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae559d338ee612c0a41b6b4ff435d7e41ad41555ca9a0829f7ef6b3dbdb57a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Apr 2023 11:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
895088
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uno5nrLsEH2znnrQ5Eg4pjRElGiq7d%2FLJMKjkK1%2BVpdQ14e3d4YFenURdUykfwSvCTqiQlXFMgLW4DCpwfYX88xN8KflabFqVkD6czaSvi3QX2QEvzW%2BX3VzuJ27zv77M7bFb5OmB2pznJfh1YoiqP97g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7be9ad3f4ad09261-FRA
blocks.style.build.css
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/post-editor/dist/ 		0
431 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=6.2&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
387970
x-ezoic-cdn
Hit ds;mm;c0e2adf3e8fc052f77a1ce042d190c47;2-105367-78;197eebbb-b02b-487d-6207-7abb3e978a5a
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
0
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"8a0-5f4c132a6c8f9"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
NaN% 0 / 0
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mw7ynSm6Gqu74UaYNc6jOwDkP6HWDO8KDC9j6Gv%2B4m3XDDBzj4mDcLwAXPQSZ5JqJ%2BBNVEUB3PdisaFLnufyvlTVd2JhU%2BdamjUor1FFOHWj%2BOgmKuQFjSfdkIpAAE8mDXXlWQrbXslHx1BOzy8OAt2CZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7be9ad3f4ac99261-FRA
classic-themes.min.css
www.winhelponline.com/blog/wp-includes/css/ 		0
558 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-includes/css/classic-themes.min.css?ver=6.2&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
220225
x-ezoic-cdn
Hit ds;mm;018c22bb999b08877bccf97cbdb6d456;2-105367-78;5367c9ba-9ca8-4941-792a-ee2849b16cc0
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
0
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"123-5f82810c2d013"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
NaN% 0 / 0
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBgIeG2mPiRQF3pU6RYveNXWIvSLrrI9srlIUaaug9MHRKJpKwR4xlaeqAG%2BMeY7DWApLykFTUwhn9PxpxptkdeRWFObArIPJB%2Ftx77U1wTADIsP2L76RSJ%2F%2Fy7wZ6D%2FozpLDpn7HyJqks3w4xatsAbUcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7be9ad3f4aca9261-FRA
wp-show-posts-min.css
www.winhelponline.com/blog/wp-content/plugins/wp-show-posts/css/ 		1 KB
917 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.4&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba6041869db135482cd3b94ec40f4391bbf0a5ca77bc6c1a9702d877fd9d88c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
387970
x-ezoic-cdn
Hit ds;mm;61047b6290774ceb80cd9665e94dcc97;2-105367-78;d7ba707f-ceea-4977-57b7-606a3e2c1a7b
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"d9d-5f1ec749ab82f-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
1.18% 1503 / 1521
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgaqmHjwnANJVQZumOU6T7bnp1edTH%2BxpA88tdvAGMinxAO7oLJbH3ffK0GBb5Mq6wFRLwF7Umvy616aNp6IfuWZDSUz8UWQQj7WPXHOH%2Fqx%2BeilO8EGKOvminRMGZthfZoIF8OeVnjQuSFsvpGbVdoPUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7be9ad3f4acb9261-FRA
style.min.css
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.4.1&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad989bd0b5d9ce46e5e028dc54583e9a6cbfaa204184ed33ec2bd98439cae25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
270677
x-ezoic-cdn
Hit ds;mm;69341c3c9b6efac2c7ef38000acb0287;2-105367-78;0fc60dc0-c605-4dba-5b46-8c0f483ee0ff
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"15c19-5f4c132a6b959-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
1.06% 21625 / 21857
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPlFARSbeVyX5zlsAOeRcW%2F48HNIAMMWDENtgC9Dq%2F%2FFbyShxY0Bfj0lr3yeSEqUDFNWRTeyt4%2BHnqqg5MKafyPv1ITMAa2TdRrtAJtLmwbZW375YmNwzODpds86thQEr9cQdhrV9Um8tzGZ3k3L2fwAqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7be9ad3f4acc9261-FRA
widget-areas.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.3.0&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faec8eb1d835361aefcf57fb0c55d7ad0d90a3ca389a17f85ad8bb71436059d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
400597
x-ezoic-cdn
Hit ds;mm;97d82c4a8e5c676443fb82129c0c6d82;2-105367-78;176a7de9-e43d-4c1e-587a-5b1071fd8760
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"d1e-5f780288b5a0c-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
1.92% 2039 / 2079
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnFaTvjCwq3oo6Tpye69FDz9W2b%2BikEkfxk%2F0wn697OP7lOVAbTYJmaw626KNhd4TzVZw4dtEzbgl9XfqIdgkWLLs65L0FSUwrHa%2FEmn0wD5f3X2TqSuesJ%2BBLPTOxs9%2Bt69aY8w3C85noG1P%2BuOsz20DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7be9ad3f4acd9261-FRA
main.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.0&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d77ca69d37096c7c4dc572fb6f0f662fc8052e230cdd786d558c16de2973cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
49639
x-ezoic-cdn
Hit ds;mm;e9d021d6b849285cbdd1921ad47d7e1e;2-105367-78;95e9e37b-8b67-4f99-7944-e08b61882b86
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"4c6e-5f780288b5a0c-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
1.55% 16089 / 16343
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCsBuF938TWrRHMJcsZONlX%2Fsj0u2uym4oD5uVNfCcMRhBuVJvVDLakuZMDeAr6Lz9qOk%2B9EZLHp%2BvrhT0juZ9UPHqI8nTq2FrOISfxsduduLT2j41bhFwThawbjtM3CEVBCXv%2BJXloIT9vQfFOttcx62A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7be9ad3f4ace9261-FRA
featured-images.min.css
www.winhelponline.com/blog/wp-content/plugins/gp-premium/blog/functions/css/ 		3 KB
856 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.3.1&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0539e652120775af64d901a0db33e477945c42586029295f9361b2bdd507c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
108005
x-ezoic-cdn
Hit ds;mm;68f710ed215b500d48154aa149ef0880;2-105367-78;3492d698-4506-418f-4151-322f394b6f68
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"cdd-5f82817c0924f-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
0.42% 3047 / 3060
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bg5vSmbmCVj6%2Bib0i0uB7CDoeK1mUNEGHzmEfnYg7ZfFbHzT1TdiKwIssS0GnPNMnIyFJ6wz8G3ebCREhUsoXTNp15dAfkW6sTJZU2P4fXjsCfGKyRCzc0yt17L8AMu5wLlSpV5Gy6vLJlZH7Y7dS51n0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7be9ad3f4acf9261-FRA
consentsettings.js
ezodn.com/detroitchicago/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ezodn.com/detroitchicago/consentsettings.js?cb=2
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 21:15:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6659134
etag
W/"5be-5f395d3676a80;5f395d3676a80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4qardyEI%2BWmqswF2Og2uJH0KWapCC%2FUVqet2r8NG5bYp0JCEvg47OkRDtmbk%2B%2BuT8Q7sXcTqwk%2B6zKmc2GdELD4Kw54uN%2FLwwLDubfsu4y4nbaJlHvdXJECV81EpkWijpnbWdR5Tpg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7be9ad3f7f1a2bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cmp.js
the.gatekeeperconsent.com/v2/ 		343 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/v2/cmp.js?v=106
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1c30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c19defdafb93491774aa4bcf29d7400b143e45a8f68809ddbd99f80aa22f9dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Apr 2023 14:49:11 GMT
server
cloudflare
age
1486926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oK0ntGUlBD3Izjlo2nBrOxMHtMi6na7J%2FA%2FmIycwIafuBqZ5HM5mbst4cWxFpajDx4lNJmJbkbWB6oVgmzNGGjeE3zIJBD%2FjnyqDp66Oe4C5alU2p0G0%2Bi4bnhoGH%2F%2BKpIN0AdK028pszeP3P4A2EuMZd12FAEBO"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
7be9ad4188cd3678-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
menu.min.js
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.0
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
291290
x-ezoic-cdn
Hit ds;mm;2fa4c60950e76c70335c485138b64e06;2-105367-78;b98f889a-610d-4600-42a7-bbdd2576baa3
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"1b3f-5f780288b5a0c-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ncpot54h8CtBAjsJGzrcT35lmqKEXKk%2B3fYvT%2F0StIUcgRk%2BA%2FTg45BoVQ6Z4xFWjcHgAsyk8Yf08k%2FQqZWF02TIHXEKU%2BxzBSXlo1C4WloLP94dws6vRAW1rcUyXNjcr2C74KfRiwLYShzDMsxyxkw%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-ez-minify-js
0.00% 6975 / 6975
cf-ray
7be9ad3f4ad19261-FRA
navigation-search.min.js
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.3.0
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
290017
x-ezoic-cdn
Hit ds;mm;37c0396a3640fede6d99388dcc7e0484;2-105367-78;ea18b024-9eba-403e-4494-fbfdf02467a0
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"858-5f780288b5a0c-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFzgzm7VLQIAf5LtsIWNI4XwYsp7weuIRAbUr2fik7O8itSmVe%2FkuZLbQrqaiVrnfVj6cJ13CfwBpXGzI%2BymlaSnmXiVNrnodWfdqpQInMfYdTGldIN6Zof2H7OsA3JFw3xQYF9i9CrdNbVcdy89%2BL879g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-ez-minify-js
0.00% 2136 / 2136
cf-ray
7be9ad3f4ad29261-FRA
v.js
g.ezodn.com/cmp/v2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 19:45:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5528559
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9rzAkwYBUdbOeQHYwsTu2Z9JcuHYzRR9Ye4bijj8NnKGeYzdvxlN2UmfyNoavmYIsbVc7KyRDKY8Dd0wN71pt6rOdFJLz5zHN%2B4%2FLyH9Yt9IOJlajW1uJb%2BdrTPwjzssSmQRH38ra02gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
7be9ad402fd82bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
augusta.js
www.winhelponline.com/detroitchicago/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/detroitchicago/augusta.js?cb=24
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Apr 2023 11:11:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
895999
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvJfavFBb6hTnTLGdI4mG3bHT8yo7aQil2EvozbZ1%2Fl8nUBj1lCIGHKJyX15z2zjbhgH%2FS7e%2BeZfmtATFul4S8s%2B%2BpPamFe%2Bcwv5XyMM4JJd4QzC7HCkUtGBAOLCAHHXe1IjVKdqUppqplHuOrCAly7tkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7be9ad401ba59261-FRA
banger.js
www.winhelponline.com/porpoiseant/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/porpoiseant/banger.js?cb=195-8&bv=216&v=74&PageSpeed=off
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98dea2969e1c2a131839e5c0301506a128dac68bf259f4d9788fee1cd00f40cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Apr 2023 23:37:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
160021
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9VpIfIOhpQcjpPTgwVSiyJ94wT0hi9Xs9ZdjSOPAb%2FEpKFdJI%2Fm3tbcuNAMWtWtQNW3mQ1q26e70mnYgAUMK4PGIJsLlLSbBiZnOIHHli3mJE%2FIv3z2aHBSrEaXBhlgMpP1MZpYWPhThMw1bKN18%2F%2FQYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7be9ad403bc69261-FRA
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Apr 2023 19:05:04 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3585
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 27 Apr 2023 21:05:04 GMT
cmbv2.js
www.winhelponline.com/detroitchicago/ 		102 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x33x3ax3bx61x68&abt=BidderTest
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72fac7041ca8c8fafc55e402409b70883306610d56ca0cd883941ef0779b8cb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 27 Apr 2023 20:04:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAGHgq9V10ajagNYf71LjQfXilQCnuvv6gPVy1nwXAQ2LGEmiYcwllE54Jr7PaFF6RrqUgxJ3FD2dxIFKjgWPyVXwl14ChpfQIB0BsmJGRcnq0mlKnc4eNdmn%2BhNxRg8Z90kIBChXRk8kbLohRd0zl5snQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7be9ad403bc79261-FRA
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a5f53b1f7fa3627285189e4e8c9fdaa84319b869370f4ca70edb66506899d03

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46cb7007000da27821e4fd308016826ff39e40592fb9dfd676f66ded5edb3ff8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a12aae8be6c01bde8575f28783f29b3f3c35f882c2b5946a0e0eead3fbbb729

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20d22e0e8b9e04f0befcb307771d932462246ff740f82b64009d52d9506a5aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8829a8924dff757932f56397690292e154eb33f5471e683cebfcc9884c38c2cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2bc2e62acd8c74b47dc6b86918cd2ede0a053b716144298bd97e66366524fdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcc82ae240bbd41d82d2907a9ed8fe40df403a852973710d1e21213a3fbdc301

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f8020b22927e52bc72e23d5f15daea09231cd26fa72390dfe415fdd249428a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d4bc2d5c34588df622aebd16adf97b5a4ebfd9ac5b49eec1c795a5055ac62c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
054ef5838ddb6e1171550191a06fa204951eb204fd8bdf98df4f631000b4fa5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8230efc6af9182cb5a3412670b861554742f8795886a114dfd20c78467ef4212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed58ab3092200ade6d11e4b72e8528ef82588ba66d53bb4e9a5657aedee55a15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d3297fd254c0bc11d4924427d5f8f3585e4d41682cb11e1045d6f14797f8b3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb3f9c7b1592f4f8f1db0765262b0f9bf69588bef9ad0d0e0c15cb4e977b0d4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc9ad702704147d8847db169c4a72c344f6f30893bfd30baa1a1fd9645d0ad2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb09fb048d59da17e1a529984a00e0a23ebeef7848767ac4154d4ca45b590857

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e22c810b5a82602ec3a367ae312d8691ad9a770efc322ffc42b6605d895268c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75509aec51f490cf71ce33f2310c4d93cd4d96e238bcff7081c87defa267650a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
ezoic.png
go.ezodn.com/utilcave_com/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.ezodn.com/utilcave_com/img/ezoic.png
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
BYPASS
x-sol
middleton
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1181
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
"49d-5d9576f862e00-gzip-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43n6tUSe0JAkB6vyTbgrfTzeYqBzgV5eV6DN%2FTIO%2B1qTgTm0xsla73lTiykw%2FRACdYSwnWGyYmNhED6zQSJmeircQbk%2FvzsiQzEe6p%2Bj2kZS8QXQ%2BO8P%2B0qfVwAVkm1LeU%2Bq7fQFkCdP2Ew%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7be9ad407820048b-FRA
expires
Thu, 04 May 2023 20:04:49 GMT
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b85bcb075a13466616c573a91f310265b48c0879b56e003d4d3b7c421eee188

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162833/9311/ 		480 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8f6515c9511421c4c99b71d57857c5385f957ccdbecda93a1e234bbd5e893748

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
gzip
last-modified
Wed, 26 Apr 2023 17:51:50 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=78378
accept-ranges
bytes
content-length
143848
expires
Fri, 28 Apr 2023 17:51:07 GMT
kenai.js
www.winhelponline.com/detroitchicago/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/detroitchicago/kenai.js?gcb=8&cb=5
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Apr 2023 11:11:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
896008
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LoNIubTGWzNo69TKna0xhzkMgejI%2BjGAsaMBAwTOBGNePiLdSXhRD8YcoK3%2FFrGZunnv%2FmWPE%2BsJXIkEr3N7%2BJm3ZrYEYHdF2O%2BJZaktvsh8qvrCtQPUYzYyYjV2YGwVRm6ajJoGY05xjOkVuUYX95GtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7be9ad408c129261-FRA
portland.js
www.winhelponline.com/detroitchicago/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/detroitchicago/portland.js?gcb=8&cb=3
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d24aa6c759bf985377cb6d8da10653aab877022d6e6462f546e86bae4ae41e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Apr 2023 20:56:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
83291
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MW0iauiC01x3dKtSwuQ0R%2F6dqnU%2FYCy0bJ6oyvI%2Fm4hmgED0%2BoFNCl3mnZFFrMMxMinfMc4FagtsjnJouDmkQtirHNe3vWPLTmk7UDdvD22uuI3bwToyHl2HqLhwvB%2B4wzKgWRoznnLodkCH3R4byx4%2BFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7be9ad408c139261-FRA
apstag.js
c.amazon-adsystem.com/aax2/ 		226 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/edmontonalberta/calgary.js?cb=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:11:44 GMT
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
last-modified
Wed, 19 Apr 2023 20:25:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
3186
x-amz-server-side-encryption
AES256
etag
W/"d0373f28cbce103f094bc2631a9c8dd5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
D0l831IfcIDnjin6iPgSEHjACL5UsbKifokXqtB8zTOtkm9QL6tGfQ==
sidebarwall.js
www.winhelponline.com/detroitchicago/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/detroitchicago/sidebarwall.js?gcb=8&cb=19
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Apr 2023 11:26:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
895087
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13mC0d%2BPJL%2Fii3xwDhtAWxgw3iaA3PMpOATw5XMBmk2JvfOmSsAjbFySKEdUXC9G2oCXuLsWTdxefw17UvOZRmpRvosrKB0MtOSatgmmVJC%2BQ3Yq4REQdCpd%2B3w9Q8pVY9ZGG94exV8svpBcndRYDlQUuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7be9ad409c239261-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/ 		399 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3a23a02036d60ca831a506443e35d740f91a81f83063c0bc077c1be6e641d70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:39:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
33920
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126426
x-xss-protection
0
server
cafe
etag
12107163058553792566
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 26 Apr 2024 10:39:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		968 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.winhelponline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d1abac5fa982d67acbbbe5df76cba3777afb57ee7ce0291285e29179ab91f1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
433
x-xss-protection
0
expires
Thu, 27 Apr 2023 20:04:49 GMT
collect
www.google-analytics.com/j/ 		3 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1342860800&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winhelponline.com%2F&ul=en-us&de=UTF-8&dt=Winhelponline%20%C2%BB%20Windows%20Help%2C%20How-Tos%2C%20and%20Tech%20Reviews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=271942809&gjid=1703785035&cid=1376343051.1682625889&tid=UA-4931296-3&_gid=42700718.1682625889&_r=1&_slc=1&z=1732019680
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.winhelponline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:04:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.winhelponline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
basher.ezodn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://basher.ezodn.com/?did=105367&bf=1800&dc=1254144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-pingback
Access-Control-Request-Method
GET
Origin
https://www.winhelponline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-pingback
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.winhelponline.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
7be9ad411fe51942-FRA
content-length
0
content-type
application/json
date
Thu, 27 Apr 2023 20:04:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BmOD9WBvc0sZO2CUEkrjJBlDG0GjOsq%2F83scgRiVGOHosb10Gt%2Bwgg0fMXt2UVxN6ZHrm39N2oFfoCAKXOt8bkpKhaqgevPMXstW%2FGIr7rfpN36g5MWxD56NUooPT2E1Yxq7nfWVWE3heH%2Ft0%2Fp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
/
basher.ezodn.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://basher.ezodn.com/?did=105367&bf=1800&dc=1254144
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/porpoiseant/banger.js?cb=195-8&bv=216&v=74&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fff649d2fbd314dfac73b6aa05c37313c2f1398e727d43db2d06fc41229bcb80

Request headers

Referer
https://www.winhelponline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-PINGBACK
pingpong
Content-Type
application/json

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
vary
Origin, Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.winhelponline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5zqX3qLy6owGqoK%2Bz2GO7C5gc7BBEMfBvKHVUcRZREtTB37m0lqlxhOgJnCqeFmRoTgi9B2pJ0dI2MyRAAPAsZK8XJdEsQUHf1ioBDUWNmyyr86VjoBTBnoHh6EUScI0p0ndOmBOXtcEllqN%2FrM"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
public, max-age=84400
cf-ray
7be9ad4138301942-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nmash.js
www.winhelponline.com/porpoiseant/ 		21 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/porpoiseant/nmash.js?v=216
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a1252a758da8fff6756d2c968f9325a3b73f4b8d7c88110073b6969def1d5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 27 Apr 2023 17:46:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UslfdXKcPFV7e4%2BctiCXSYrQZdg8QnUob2Qjzczv1CeWrubthBO4EnIQ8tT7CekxYiI5yBxPOy3EuHE%2B8p3w8kF8eSET9IsyyDPCv4OIE8v80f7HxNbbB40fWcuD7Qjsn%2FKlwoFhUGTg%2FIJHBJtjBiPY2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=14400
x-robots-tag
noindex
cf-ray
7be9ad40cc549261-FRA
imp.gif
www.winhelponline.com/detroitchicago/ 		43 B
587 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod62%22%2C%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A1%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C39%2C38%2C5%2C0%2C0%2C0%2C0%2C1%2C1%2C1%2C4%22%2C%22adx_ad_count%22%3A11%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A5%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A105367%2C%22domain_test_group%22%3A20230809%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22602%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1102%2C1102%2C1102%2C1102%2C1109%2C1109%2C1109%2C1111%2C1198%2C1608%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2209504688-cc53-4669-4514-c1730f949b40%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A155038%2C%22response_time_orig%22%3A956%2C%22serverid%22%3A%22i-082059b783cc2fdf6%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1102%2C1102%2C1102%2C1102%2C1109%2C1109%2C1109%2C1111%2C1198%2C1608%22%2C%22t_epoch%22%3A1682625887%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.winhelponline.com%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A1667%2C%22worst_bad_word_level%22%3A0%7D
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x33x3ax3bx61x68&abt=BidderTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display
imp_sol
content-length
43
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.winhelponline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irgw1G3q7RN6e6B%2FKls%2FZpqh0IqQq6CjQNR75y8ClHfbRvBCfcRCIq6o1axKbU1P2z6oooGQIBhDi7u%2FzyOxSdjCjwoJyFkjnoylbmICMUd6inPG3dBJHZFiwXdZ%2Fvng6lj3jr6sE3LNMvG68pPYmunAQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
cf-ray
7be9ad40dc6a9261-FRA
access-control-allow-headers
Content-Type
expires
Wed, 26 Apr 2023 20:04:49 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/webp
blocks.style.build.css
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/post-editor/dist/ 		0
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=6.2&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
387970
x-ezoic-cdn
Hit ds;mm;c0e2adf3e8fc052f77a1ce042d190c47;2-105367-78;197eebbb-b02b-487d-6207-7abb3e978a5a
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
0
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"8a0-5f4c132a6c8f9"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
NaN% 0 / 0
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3qb9EPfMsWM%2F2KZQCCJ6BA%2FAXpJaqARdrLVow8Fp2KtGB8w6pd1vyjrDLrNGmpuNFtF9o%2BOTqgZOD5S7yqrjKKkZ3WSrM2J%2FS1G6Xy4lw6B5cfzYQOEMtdW%2BlfXGXIfpd3sWZ34UQvzQFZ21uNfNgM7ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7be9ad40ec6f9261-FRA
classic-themes.min.css
www.winhelponline.com/blog/wp-includes/css/ 		0
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winhelponline.com/blog/wp-includes/css/classic-themes.min.css?ver=6.2&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
220225
x-ezoic-cdn
Hit ds;mm;018c22bb999b08877bccf97cbdb6d456;2-105367-78;5367c9ba-9ca8-4941-792a-ee2849b16cc0
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
0
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"123-5f82810c2d013"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
NaN% 0 / 0
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niiAB8K0ZiJbEsF49oo80QbqzMO%2Flz7Ef0AMK2ZCLgdjSbWEEYijzE5AH%2B%2FW96ZC2c8yEuKCktUStWGRmSvv6LDdb04uWewaOq3ycjISDxzsLYVXhkdlzkuMCVSASxnj6qYK28KoEgvpV9EfBXqDZAgu5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7be9ad40ec719261-FRA
wp-show-posts-min.css
www.winhelponline.com/blog/wp-content/plugins/wp-show-posts/css/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winhelponline.com/blog/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.4&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
387970
x-ezoic-cdn
Hit ds;mm;61047b6290774ceb80cd9665e94dcc97;2-105367-78;d7ba707f-ceea-4977-57b7-606a3e2c1a7b
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"d9d-5f1ec749ab82f-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
1.18% 1503 / 1521
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaYn5cDUD44%2BJIdHeejn%2FuVHlgerkxeJZD%2FIRDZWTUxcOf46IhUS6bVASja5iXyI6hMnxRNQ0BAtFGl6qSVaBVmCZaLFDy8yib8gryDf%2Fqu15mfMXe09mnqgXuXxPNdYZEcfWjRm0RAsEzzJRJ%2BehmkJMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7be9ad40ec729261-FRA
style.min.css
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/css/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.4.1&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
270677
x-ezoic-cdn
Hit ds;mm;69341c3c9b6efac2c7ef38000acb0287;2-105367-78;0fc60dc0-c605-4dba-5b46-8c0f483ee0ff
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"15c19-5f4c132a6b959-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
1.06% 21625 / 21857
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2iCQ7rKliJ%2FzfMCjhev4tIVTpNxZQeVuid%2Bhjtn%2FA2hNBg9OPNdhPjqSrJG62Qfx9LvbONi%2FLYpVv3ewgLENlgdT9dmoi8gdhdxDuhf3OeY2rg6cHyfRPh87X6tM2sh3RLUJ0KiywEFjIUAAZ9bWqAV8w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7be9ad40ec739261-FRA
widget-areas.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.3.0&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
400597
x-ezoic-cdn
Hit ds;mm;97d82c4a8e5c676443fb82129c0c6d82;2-105367-78;176a7de9-e43d-4c1e-587a-5b1071fd8760
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"d1e-5f780288b5a0c-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
1.92% 2039 / 2079
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5S0wSjImyjtcgCc9wXKRc3BY6r3V6fAcDyJMi5lYlga93ciHoNA5oTjIadcKYCsaXNNu8fr92UO2r8JYYSRzsKphpRTByddv%2BQfYi40Ru40GMK%2FuB0ulHCSIJVOcRpiex%2Bei1c8zwehKod4adyl0Qsomg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7be9ad40ec759261-FRA
main.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.0&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
49639
x-ezoic-cdn
Hit ds;mm;e9d021d6b849285cbdd1921ad47d7e1e;2-105367-78;95e9e37b-8b67-4f99-7944-e08b61882b86
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"4c6e-5f780288b5a0c-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
1.55% 16089 / 16343
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tt3NqkiJW7nQg3o1oUzdnlQKvZo3f3FCf6y2ZOTu1qnUWFk%2F5wS0nBClHgSmmEKS0h47hYAxq8M6cGlCvGAUDUv5Vgka1tscwhr9P74BGpcsP7J59F7Fa02zSM2hQ4%2FbHW7G4dTM6DrP1CGodfTYX1gKjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7be9ad40ec769261-FRA
featured-images.min.css
www.winhelponline.com/blog/wp-content/plugins/gp-premium/blog/functions/css/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winhelponline.com/blog/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.3.1&ez_used_css_s=17
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
108005
x-ezoic-cdn
Hit ds;mm;68f710ed215b500d48154aa149ef0880;2-105367-78;3492d698-4506-418f-4151-322f394b6f68
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"cdd-5f82817c0924f-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ez-minify-css
0.42% 3047 / 3060
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDfHLhmU3qg7sdXDhi7iGnKVgMVgbDbwo5YZlMHqeaV6nQlKSR29yYlgX2keG2M5UNHqEGq4M3v7gljjG0QOR9Xj%2BsP94SfQf1G%2B0RUUrNa%2Bd2SfSnlyEC6J40ko0TwFr1FM%2F%2B%2B7t3rNZFM56Gpi9a5jNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7be9ad40ec789261-FRA
cmbdv2.js
www.winhelponline.com/detroitchicago/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/detroitchicago/cmbdv2.js?gcb=195-8&cb=03-8y0c-6y1c-5y62-22&cmbcb=136&sj=x03x0cx1cx62&abt=BidderTest
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d4ba3666a3272382e88cf840403d5cea356596828b42d09fdc0f8910290e61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 27 Apr 2023 20:04:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrPDbe%2FOAd%2Bo1lhQRscU%2BEDqKrdTmG6%2FPh4WMfdXMnFGanqWc7zKq0Spw9eMcY5FN2z4EYDv2JmkcxRrJX7w93b6%2FOB8NuKeJJEAFaN%2Fz3uEOffEGiwFY2t5JWqikNKA2l6EwkfRK1MhJd1iWOJm42uNog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7be9ad40ec799261-FRA
windows_security_tray_icon.png
www.winhelponline.com/blog/wp-content/uploads/2023/01/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winhelponline.com/blog/wp-content/uploads/2023/01/windows_security_tray_icon.png
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
801f4cad263afd751824bb79830d4e1a48ea9a1feab7e66f04432cbba98e28c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
108005
x-ezoic-cdn
Hit ds;mm;768ffe5bed239f251e09263acccdf415;2-105367-78;51d0c13c-2c05-4940-674d-809451512050
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"1556-5f15c5e5a840b-gzip"
x-origin-cache-control
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z51iffrorZkNR60MUSDDggt90PnIJe2PoOhrDBc2UpKbxpr0Lu4s1d6gEnPqT09I8gYqRAY1eNkZvcdxRcbIHFx7May%2FK7fuAgRGgiEMmA8aKDtsbIqGUqMN9b2OgjGzs0x%2BahukcDWo6Vyewt1JrwwtSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
cf-ray
7be9ad40ec7f9261-FRA
msinfo32-start-menu.png
www.winhelponline.com/blog/wp-content/uploads/2022/11/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winhelponline.com/blog/wp-content/uploads/2022/11/msinfo32-start-menu.png
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c69b813b52f313bb1dd8f4327e2dc114d72545139aca85d2370af19823aa28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
400690
x-ezoic-cdn
Hit ds;ds;daec0813d03bcb84d57f0b8268e789b9;2-105367-78;d30a0865-d3a5-4672-5fba-8adcfe7e9e4c
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ezoic-excludewebp
false
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"25c0-5ecdc08d35d7e-gzip"
x-origin-cache-control
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUsrxFuqKDU6CAmCvYEutzNxiq63YmqiVkDlTKvCOXmOkhohKBSNa0pdvk43QqH4y0FGKM1pm2e4Mf0THhW03Ebk1SLMJD7Twr7%2Bu94zOwpD8ppmmi0qCDQy4MbzShAu4qrrc4dvNpyblze92VGlhD71Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
cf-ray
7be9ad410ca29261-FRA
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230427
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27cc5b126c56f48594c240ee1d0f99f97d75394d97a1f0dae1c94abb97697a55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.winhelponline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14637
x-jsd-version
1.0.1687
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-+Iu42iTUoru/yni6M8iYkXG4Oqk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygpX3xA6WsFvbzSAZU43F7QFF3n0nMc51%2BUNiEVG%2F2zVOSHwFfDaq72rC%2Fh8fX3zAapb1WEQDN%2FKyl46osnuhss%2Bt925ueIF5sB8WSxiydc3OTqXGkYppQHgcbdpt8o0jevCd8POz2BFocy6iMo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7be9ad418a999978-FRA
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.winhelponline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
c044a3c9cdb186fb83cea1eeb7cf8ee76e0e084835c45cead97e96c855f8d857

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 16:58:13 GMT
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
11195
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.winhelponline.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1639
x-amz-cf-id
tpiILEybroqVretwe0G7zROIM4ZpRn5fRp5EMbYs00BGUjkbp1i2jw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
date
Thu, 27 Apr 2023 03:33:20 GMT
x-amz-cf-pop
FRA2-C1
age
59490
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
zQcw4GUTIpqfNr9Qy9M7b3hEf4SG_CtIcbXPI7iYqczCKjACnM_bFA==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.165.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-165-89.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.winhelponline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 27 Apr 2023 20:04:49 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
tag
btloader.com/
Redirect Chain
  • https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true
  • https://btloader.com/tag?o=5112081056530432&upapi=true
223 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5112081056530432&upapi=true
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1d673f19348a1a820ae58996ce0a925fe7be63497acc1a9281570c5df36677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 19:44:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1000
etag
W/"4943fda915d8a391e05a694b5a82a6d1"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYneQFjwa%2Bgdx61g5BUd%2FAemJDybZVKrEfP4CR9k3OFtnbrzXUrpWubV3oZkU5znXjQUGw%2BR3CsrrVRrp89NMooSnq62dl06R1k6aeRjC7INMIyZnOCCZU8aII8SU5zXK64EfXn%2BJ6ePeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7be9ad41d959bb9d-FRA

Redirect headers

date
Thu, 27 Apr 2023 20:04:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIrUUA3NwwznJaeR5ZJ6f0Lugt22Xj5nCsJor1NOsqyGWdO0O0D91pxFFftknAI9gAcF7TlUjlofWk36svj7Vo1np11DdG3RxvJ4JbouCeomUkHwXZXg1VxEySB4YrAWoIsykNwOwf1LqA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?o=5112081056530432&upapi=true
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7be9ad41c92dbb9d-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.winhelponline.com%2F&ref=&_it=amazon&partner_id=524
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
TC75RB0KRRP8NTXT
age
2688
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7be9ad41cdb6bb83-FRA
x-amz-id-2
tLisjgGnjFNgXFmNzCleIC1ScWAkgar/yal8BV1iI+YAX2kT+5EHWz67/yHvAUJpLxxzRZ7ivV0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
B9574BVRG1ZSG4HV
age
343
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7be9ad41bfe918e3-FRA
x-amz-id-2
j5ARhHB85BlZgMnEqsC8+kh6KnF793iwhqx1Mde47N7jFrubuoTEiNak6sNAckEq+EEOR+ly0AgnSz14OHqLxg==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.165.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-165-89.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.winhelponline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 27 Apr 2023 20:04:49 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GVL.json
gvl.gatekeeperconsent.com/gvlcache/ 		410 KB
56 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gvl.gatekeeperconsent.com/gvlcache/GVL.json?gvlSpecificationVersion=2&language=en&cmpv=2
Requested by
Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1c30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b1e5fbcc69298653b817c7913e6a569d45671f52f0d5cf948f527ccf7b93a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
gvlcache-hit
true
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dx3D110G5sMU0x%2BjRCtgCTE%2BjgAI00Er0fbiCOgQh3Pz0MvC2u3%2F4%2F1s32scrgqMz4mhVCBZpJxdpJNF9qH57p3uIkq%2BCVG1Xg5wiQZsiCABiCtqRh0H8jzXgWEHPhwgP2YCOa7ZpMZeLavHlVrNCY3C%2FBYZCWxz"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800, public
cf-ray
7be9ad420ce85bf1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
ow.pubmatic.com/cookie_sync/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ow.pubmatic.com/cookie_sync/?sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.67 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2f93722dd0a9c4ad00269d1b3a32c0c4f4ae1eab822eee3ec583a29fe4dd626a

Request headers

Referer
https://www.winhelponline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.winhelponline.com
date
Thu, 27 Apr 2023 20:04:50 GMT
access-control-allow-credentials
true
content-length
1779
content-type
application/json; charset=utf-8
auction
ow.pubmatic.com/pbs/openrtb2/ 		298 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ow.pubmatic.com/pbs/openrtb2/auction
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.67 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4e48c50a7790666aa0750a4d806b488473b171b40622dc1a44359005777815ad

Request headers

Referer
https://www.winhelponline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.winhelponline.com
date
Thu, 27 Apr 2023 20:04:50 GMT
access-control-allow-credentials
true
content-length
298
content-type
application/json
hadron.json
id.hadron.ad.gt/v1/ 		102 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=524&sync=0&domain=www.winhelponline.com&url=https://www.winhelponline.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.winhelponline.com%2F&ref=&_it=amazon&partner_id=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e940735ef90beb2ea75c4886f4fb827179bf9d14c78e05f8b151d514e678a3a

Request headers

Referer
https://www.winhelponline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7be9ad430eaf9223-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=524&sync=0&domain=www.winhelponline.com&url=https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.winhelponline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7be9ad424dfd9223-FRA
content-length
0
content-type
application/json
date
Thu, 27 Apr 2023 20:04:49 GMT
debug
OPTIONS block
expires
Fri, 26 Apr 2024 20:04:49 GMT
server
cloudflare
px.gif
ad-delivery.net/ 		43 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
412413
x-guploader-uploadid
ADPycdtGg9okRiqDeEbyWoWzc6ZkXtnm5yuiXwoozrNUqZGrdQtz7ATFt-KwsOj76AoO5qkilFuI8iJFo3-PAonxPXTqQqZd4mFd
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUqkz6fzGTVDf8kXvCbidEFmAXSh48WyYXHt9ZRyBFLoRe6qa2Pax3NCL7i6esiyf58Iyk%2B%2BVgVUqv7jVWclSPsGH7AmIVG8q26%2BJckrrsnHEStAglrXKRMTPckPiTBZPeUz6Ew1E778zaCxeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7be9ad424ec4900a-FRA
expires
Sun, 23 Apr 2023 02:14:46 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 03:18:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 03:18:36 GMT
px.gif
ad-delivery.net/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7791928076924852
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
412413
x-guploader-uploadid
ADPycdtGg9okRiqDeEbyWoWzc6ZkXtnm5yuiXwoozrNUqZGrdQtz7ATFt-KwsOj76AoO5qkilFuI8iJFo3-PAonxPXTqQqZd4mFd
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnUeF9OzRVhZGTUREnNuZC0KUIndJ2Yuecs0tsXX4oQoPow3k5I75hndlKNkEckTpIGsbHNH%2BjfWuRi0s8Q07bOU7ooRvWM5dVU43JPDrXlkOFP%2F1zJ5MqIjU0YSgPBj6aQzjwAii6YWNfKkfA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7be9ad424ec5900a-FRA
expires
Sun, 23 Apr 2023 02:14:46 GMT
printer-error-0x11b.jpg
www.winhelponline.com/blog/wp-content/uploads/2021/09/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winhelponline.com/blog/wp-content/uploads/2021/09/printer-error-0x11b.jpg
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f41e172df5100d5f831d0ba17958f3c254f35e6f2d265c7da216c4cd5137ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
108005
x-ezoic-cdn
Hit ds;dm;8eac8abde274a68eb7fc87fea6095c6f;2-105367-78;5cafaab0-5770-4a5b-427b-2dc2d130676f
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"6e9c-5cc339741cca4-gzip"
x-origin-cache-control
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jChwrnB8zkLEHfEFNI4FYyPdiyT%2B6v6qp83hpAs%2B067e31agAaYM9%2BjDTpIY5Ge12br302drIW0k%2BTo%2Bf37MURaPfJnd0QpIk4lkgdPitqPEnOuUC1Y83lxF9FFqwQwrDsO2QmXi1fW7LUGZhcynEbfow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
cf-ray
7be9ad424dae9261-FRA
GVL.json
gvl.gatekeeperconsent.com/gvlcache/ 		31 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gvl.gatekeeperconsent.com/gvlcache/GVL.json?gvlSpecificationVersion=2&language=de&cmpv=2
Requested by
Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1c30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
707681e67d6f9a7480fee2a981f9bbe8d83bd4bddabec301429798e26755aa9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
gvlcache-hit
true
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=973KmEA%2BYLPc8zrQ4kGxV%2FBcwWpt%2Bgl4UmA1VkWqLsVgAE6ahPgAET61l5UvY8lkbD9udiqvckneNdcIz3lj00y%2BVYp1J87EoTIoh5jCOA9Uv69LUy3zRbRWjg2q31PAEUW3H4vxd2KUkpgtgWVCOAYtKM9tSunw"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800, public
cf-ray
7be9ad425d225bf1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x33x3ax3bx61x68&abt=BidderTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=JazCxIV5k&w=5922981799264256&o=5112081056530432&cv=2.1.11-3-gabc8642&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.winhelponline.com%2F&sid=0Cktn57Xb&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Apr 2023 20:04:49 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
greenoaks.gif
www.winhelponline.com/detroitchicago/ 		0
397 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOTUwNDY4OC1jYzUzLTQ2NjktNDUxNC1jMTczMGY5NDliNDAiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNjgyNjI1ODg3LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMDk1MDQ2ODgtY2M1My00NjY5LTQ1MTQtYzE3MzBmOTQ5YjQwIiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidF9lcG9jaCI6MTY4MjYyNTg4NywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDQtMjcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOTUwNDY4OC1jYzUzLTQ2NjktNDUxNC1jMTczMGY5NDliNDAiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNjgyNjI1ODg3LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwOTUwNDY4OC1jYzUzLTQ2NjktNDUxNC1jMTczMGY5NDliNDAiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNjgyNjI1ODg3LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjA5NTA0Njg4LWNjNTMtNDY2OS00NTE0LWMxNzMwZjk0OWI0MCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInRfZXBvY2giOjE2ODI2MjU4ODcsImRhdGEiOlt7Im5hbWUiOiJpc19hZF9ibG9ja2VkIiwidmFsIjoiZmFsc2UifV19XQ==
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x33x3ax3bx61x68&abt=BidderTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJux6PHT5%2FO2EWdVps6BWfdef2JxoKDpJY9BudYunQQsrwmLAYkfwL7dUYyFeS9j0Ah1gC6P5h6e1y84jkTmtN37Zyfwuyn154RkViL%2F77yucljmDIj4hxXdJxWMwd%2Bcc%2FidnHXQcPJnyq41US%2BxLHOs8g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.winhelponline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7be9ad426dc59261-FRA
expires
Wed, 26 Apr 2023 20:04:49 GMT
tag.min.js
get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91c2f094211bd3a6ad9b69ee4731a8adab4622d225186ec118d69ebb79950731

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
SHNpl_8wt2p1PJfKLDG5Nc7BxQDTckiK
content-encoding
gzip
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
date
Thu, 27 Apr 2023 03:32:41 GMT
last-modified
Wed, 19 Oct 2022 18:09:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
59529
x-amz-server-side-encryption
AES256
etag
W/"32d4340999995f7e75434869149ee50c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
PArzstrOzUVbEyDI1n69wDfVYdyGC1oZgzpXaeE63zXuzYUh5kZtaw==
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x33x3ax3bx61x68&abt=BidderTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-32.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:27:21 GMT
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront), 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
age
2248
x-amzn-requestid
e30f0bda-f457-4c7c-9180-bf878af77b6a
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
EDToFGe6iYcFlEg=
content-length
555
x-amz-cf-id
hj2Z4f2CN9PBQTAw_BAOPXYWR_zCWBoDmqcRZCeuBWRBGS5hBH0_OQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding
gzip
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
date
Thu, 27 Apr 2023 01:28:09 GMT
last-modified
Wed, 01 Mar 2023 12:13:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
67001
x-amz-server-side-encryption
AES256
etag
W/"fd89ceeda84b55780ed4e8f97b752a7a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
T3wjJ2c29CXHRR_D5zRrPkSGHK2l3wPU7HaNJtTbka8d6aKbpBkHLg==
524
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/524?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.winhelponline.com%2F&ref=&_it=amazon&partner_id=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3045ae38ff1e3ffd35b550a7cea1a7acedba245982561a7f7c467474ef263004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 20:03:56 GMT
server
cloudflare
age
54
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7be9ad44abbc377b-FRA
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D3F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.winhelponline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35272
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 27 Apr 2023 20:04:50 GMT
expires
Fri, 28 Apr 2023 05:52:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
ow.pubmatic.com/
Redirect Chain
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%2...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D0%2526redirect%253Dhttps%25...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID%2526redirect%253Dhttps%25253A%25252F%25252Fads.servenobid.com%25252Fgets...
  • https://ads.servenobid.com/sync?pid=312&uid=2268447289275341454&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D0%26redirect%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%2...
  • https://ads.servenobid.com/getsync?jp=0&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://ow.pubmatic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=MzEyOjIy!jg0!*cyO*ky!zUz!*E0!TQ~
86 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=MzEyOjIy!jg0!*cyO*ky!zUz!*E0!TQ~
Protocol
H2
Server
104.36.113.67 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:51 GMT
content-length
86
content-type
image/png

Redirect headers

date
Thu, 27 Apr 2023 20:04:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
location
https://ow.pubmatic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=MzEyOjIy!jg0!*cyO*ky!zUz!*E0!TQ~
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 2D3F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76278424&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5c26e8924e3dd36df44967f8a14300efd93b7eb049cf6ade230c084a2cf6d47e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 20:04:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BAA8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.winhelponline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35272
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 27 Apr 2023 20:04:50 GMT
expires
Fri, 28 Apr 2023 05:52:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
Pug
image2.pubmatic.com/AdServer/ Frame DA94
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326152299604
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326152299604
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Apr 2023 20:04:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 27 Apr 2023 20:04:50 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326152299604
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
Pug
simage2.pubmatic.com/AdServer/ Frame 6984
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZErVYgAF6VrWLQAn&gdpr=1&gdpr_consent=&_test=ZErVYgAF6VrWLQAn
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZErVYgAF6VrWLQAn&gdpr=1&gdpr_consent=&_test=ZErVYgAF6VrWLQAn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Apr 2023 20:04:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 27 Apr 2023 20:04:50 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZErVYgAF6VrWLQAn&gdpr=1&gdpr_consent=&_test=ZErVYgAF6VrWLQAn
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230038-FRA
x-timer
S1682625891.844654,VS0,VE0
dcm
s.amazon-adsystem.com/ Frame 0034
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=438B8EBD-318B-4C86-80E8-C6BFAC574804&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=438B8EBD-318B-4C86-80E8-C6BFAC574804&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=438B8EBD-318B-4C86-80E8-C6BFAC574804&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 27 Apr 2023 20:04:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0H3FCBMBD5MCQ3218VHB

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 27 Apr 2023 20:04:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=438B8EBD-318B-4C86-80E8-C6BFAC574804&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
B9TJRBCWZ25JABZPNF3E
setuid
ow.pubmatic.com/ Frame E418 		0
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ow.pubmatic.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=438B8EBD-318B-4C86-80E8-C6BFAC574804
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.67 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Thu, 27 Apr 2023 20:04:50 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q4uOvTGLTIaA6Ma_rFdIBA%3D%3D&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q4uOvTGLTIaA6Ma_rFdIBA%3D%3D&gdpr=0&gdpr_consent=&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:50 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=35272
accept-ranges
bytes
content-length
5554
expires
Fri, 28 Apr 2023 05:52:42 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:04:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 2D3F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=438B8EBD-318B-4C86-80E8-C6BFAC574804
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=438B8EBD-318B-4C86-80E8-C6BFAC574804
95 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=438B8EBD-318B-4C86-80E8-C6BFAC574804
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:50 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 27 Apr 2023 20:04:50 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=438B8EBD-318B-4C86-80E8-C6BFAC574804
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame 2D3F
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=438B8EBD-318B-4C86-80E8-C6BFAC574804&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=438B8EBD-318B-4C86-80E8-C6BFAC574804&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=438B8EBD-318B-4C86-80E8-C6BFAC574804&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 27 Apr 2023 20:04:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=438B8EBD-318B-4C86-80E8-C6BFAC574804&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 27 Apr 2023 20:04:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame 2D3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.9.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-9-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
Pug
image2.pubmatic.com/AdServer/ Frame 2D3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDM4QjhFQkQtMzE4Qi00Qzg2LTgwRTgtQzZCRkFDNTc0ODA0&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDM4QjhFQkQtMzE4Qi00Qzg2LTgwRTgtQzZCRkFDNTc0ODA0&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 27 Apr 2023 20:04:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:04:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2D3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP8mnRKty9TE0Gds0xXSWmA&google_cver=1
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP8mnRKty9TE0Gds0xXSWmA&google_cver=1
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 27 Apr 2023 20:04:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:04:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP8mnRKty9TE0Gds0xXSWmA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2D3F 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:50 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 26 Apr 2023 20:04:50 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2D3F 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Apr 2023 20:04:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 2D3F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8231091582167807463&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8231091582167807463&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 27 Apr 2023 20:04:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8231091582167807463&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 27 Apr 2023 20:04:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame 2D3F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=438B8EBD-318B-4C86-80E8-C6BFAC574804&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=438B8EBD-318B-4C86-80E8-C6BFAC574804&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Vf86B9E2uXX2UW2i8YEAhCzoe4jx.g-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Vf86B9E2uXX2UW2i8YEAhCzoe4jx.g-~A&gdpr=0
Protocol
H2
Server
192.82.242.213 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Vf86B9E2uXX2UW2i8YEAhCzoe4jx.g-~A&gdpr=0
date
Thu, 27 Apr 2023 20:04:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
438B8EBD-318B-4C86-80E8-C6BFAC574804
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2D3F 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/438B8EBD-318B-4C86-80E8-C6BFAC574804?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:ba5:3c85:9cb8:2168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
cumulative-quality-update-800f0922.png
www.winhelponline.com/blog/wp-content/uploads/2020/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winhelponline.com/blog/wp-content/uploads/2020/08/cumulative-quality-update-800f0922.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c0bb2a809b914b1919d6d137d750bb34094ccc947922128e88291a6668b32ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
202802
x-ezoic-cdn
Hit ds;mm;e8287c4ba387014b01117ecdbf20b295;2-105367-78;9bf6ab81-faa1-4d6e-6e68-779b3625a89b
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"1c17-5ea6fce37fc34-gzip"
x-origin-cache-control
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVS1DgoPhpvjsAc742vl6qnkeiEG1RL49CO5Txj2CtnHlrsoSkV8DOD0yE0GG4yMbXZp0qdxRFNqhupy5IzKC%2FCoU%2B7KAsx7UuphCsQRngNszHoIYon7g1G3RnkQoom74OqGPGLiXiiVD%2BYOQU%2BqcMEhkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
cf-ray
7be9ad497c969261-FRA
wl
t.pubmatic.com/ 		17 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=162833
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.242 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.winhelponline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:04:51 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.winhelponline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
usermatch
ssum-sec.casalemedia.com/ Frame 011A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db...
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
c6ebf0f74c8fdcb416cacb47a34643e437b4507a5c770f321c25405bc56e8e44

Request headers

Referer
https://www.winhelponline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1728
Content-Type
text/html
Date
Thu, 27 Apr 2023 20:04:51 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Thu, 27 Apr 2023 20:04:51 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
si
capi.connatix.com/tr/ 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7be9ad4d5c55368c-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
usermatchredir
ssum-sec.casalemedia.com/ Frame 011A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZErVY3BeLNUkqSFaqdRcgQAAFLQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBP8cslz3B6QHDkc-6PGOoI&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBP8cslz3B6QHDkc-6PGOoI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:04:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:04:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBP8cslz3B6QHDkc-6PGOoI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 011A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZErVY3BeLNUkqSFaqdRcgQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECopEQSIAHqTNyFsz2cm4xQ&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECopEQSIAHqTNyFsz2cm4xQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:04:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:04:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECopEQSIAHqTNyFsz2cm4xQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 011A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Apr 2023 20:04:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 011A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZErVY3BeLNUkqSFaqdRcgQAAFLQAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:04:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BQPA70E43SQ2XX6DQ8W8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 011A
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=aee8aadc-78b5-4501-8d43-845c3997cc2c
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=aee8aadc-78b5-4501-8d43-845c3997cc2c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:04:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=aee8aadc-78b5-4501-8d43-845c3997cc2c
date
Thu, 27 Apr 2023 20:04:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
ix
ad4m.at/ad/sim/ Frame 011A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
crum
dsum.casalemedia.com/ Frame 011A
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9ca96ae8-4ba0-3193-9b77eb0b
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9ca96ae8-4ba0-3193-9b77eb0b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:04:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Thu, 27 Apr 2023 20:04:51 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9ca96ae8-4ba0-3193-9b77eb0b
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 011A 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
209.25.233.254 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 27 Apr 2023 20:04:50 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
ow.pubmatic.com/ Frame 011A 		0
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=ZErVY3BeLNUkqSFaqdRcgQAA%265300
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.67 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:51 GMT
content-length
0
content-type
text/html
setuid
ow.pubmatic.com/ Frame 45F6
Redirect Chain
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent...
  • https://ow.pubmatic.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
0
41 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ow.pubmatic.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.67 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.winhelponline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Thu, 27 Apr 2023 20:04:51 GMT

Redirect headers

cache-control
no-store
content-length
0
location
https://ow.pubmatic.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
strict-transport-security
max-age=15552000
setuid
ow.pubmatic.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D
  • https://ow.pubmatic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=74274986-3ea3-4fa6-815d-2ea9a95ab09a&gdpr=&gdpr_consent=&us_privacy=
86 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=74274986-3ea3-4fa6-815d-2ea9a95ab09a&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
104.36.113.67 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:52 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://ow.pubmatic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=74274986-3ea3-4fa6-815d-2ea9a95ab09a&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 27 Apr 2023 20:04:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
setuid
ow.pubmatic.com/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gd...
  • https://ow.pubmatic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA
86 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA
Protocol
H2
Server
104.36.113.67 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:52 GMT
content-length
86
content-type
image/png

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 27 Apr 2023 20:04:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ow.pubmatic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 20:04:52 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2D3F 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame BAA8 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67514570&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
844a29ef495e786bc443e20635f78d2a668009fa48973adff5cfb325e9bd4da6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 20:04:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 85FE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHZU1rN0lsYXNBQUNFYWY1ZlYwZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGeMk7IlasAACEaf5fV0g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3338774857573086430&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGeMk7IlasAACEaf5fV0g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3338774857573086430%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3338774857573086430&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGeMk7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGeMk7IlasAACEaf5fV0g&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGeMk7IlasAACEaf5fV0g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Apr 2023 20:04:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 27 Apr 2023 20:04:54 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGeMk7IlasAACEaf5fV0g&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 7A3E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2268447289275341454&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2268447289275341454&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Apr 2023 20:04:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
c358ea2e-cdff-4c23-91fb-4f30033f9d1c
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 27 Apr 2023 20:04:53 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2268447289275341454&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.23.2
X-Proxy-Origin
80.255.10.196; 80.255.10.196; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 15B5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d5c9644a-d565-4900-999f-89cb170133eb&gdpr=0&gdpr_consent=
42 B
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d5c9644a-d565-4900-999f-89cb170133eb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Apr 2023 20:04:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 27 Apr 2023 20:04:54 GMT
Expires
Thu, 27 Apr 2023 20:04:53 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master pao-pixel-x24 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d5c9644a-d565-4900-999f-89cb170133eb&gdpr=0&gdpr_consent=
bridge
cm.adgrx.com/ Frame 1BD0 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 27 Apr 2023 20:04:53 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
Pug
image2.pubmatic.com/AdServer/ Frame 06FC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EVt2zENadJgKC3XOEFpvzxYOdswKXHqdRVk9C2CN
42 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EVt2zENadJgKC3XOEFpvzxYOdswKXHqdRVk9C2CN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Apr 2023 20:04:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 27 Apr 2023 20:04:53 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EVt2zENadJgKC3XOEFpvzxYOdswKXHqdRVk9C2CN
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5660
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Apr 2023 20:04:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 20:04:52 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.aspx
dis.criteo.com/dis/ Frame CF0D 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 20:04:53 GMT
expires
Thu, 27 Apr 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
286989
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
sd
us-u.openx.net/w/1.0/ Frame BAA8
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:04:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
date
Thu, 27 Apr 2023 20:04:53 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Martin
crb.kargo.com/api/v1/dsync/ Frame BAA8 		0
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.86.255 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 20:04:53 GMT
X-Accel-Expires
0
Vary
Origin
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame BAA8 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.45.124 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 27 Apr 2023 20:04:53 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame BAA8 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.1.49 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 27 Apr 2023 20:04:53 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
c6823490-e536-11ed-ba6d-02acf3ae8117
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-080e852d8780f9482
Pug
simage2.pubmatic.com/AdServer/ Frame BAA8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=027d0918-3fc9-4bf0-8bac-f563d43625a3&gdpr=0&gdpr_consent=
1 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=027d0918-3fc9-4bf0-8bac-f563d43625a3&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 27 Apr 2023 20:04:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=027d0918-3fc9-4bf0-8bac-f563d43625a3&gdpr=0&gdpr_consent=
Date
Thu, 27 Apr 2023 20:04:54 GMT
Connection
keep-alive
X-CI-RTID
7540e916-4bb1-492d-bc59-08525e5ef317
Content-Length
205
Content-Type
text/html; charset=utf-8
pixelSync
pixel-sync.sitescout.com/dmp/ Frame BAA8 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
209.25.233.254 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 27 Apr 2023 20:04:52 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame BAA8 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 20:04:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
e-202317.js
www.winhelponline.com/ezossp/https/stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/ezossp/https/stats.wp.com/e-202317.js?screx=1&sxcb=1a
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x33x3ax3bx61x68&abt=BidderTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
172133
x-ezoic-cdn
Hit ds;mm;551462e82a747265ab57f2fe1d78fd9e;2-105367-78;2a90c5f9-1ff0-45f3-61da-6417600a9896
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-nc
HIT hhn
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"6197c5cf-3508-gzip"
x-origin-cache-control
max-age=31536000
vary
Accept-Encoding,User-Agent,Origin
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCjut1ydoB7x0QVJSUJtdip3Dtz07%2FgOuV0bKbXM2exddEcHzZr49GiLktXpsYv19stMgRGAQBlUAGkuC%2Fkz7aytiuLvTNwjHw7MJRR7uXPMvIKxXDy1T4%2ByC0FDgSRXMTFYBJsbZV%2FIazN4ykWNVADmaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=259200
cf-ray
7be9ad602b329261-FRA
jquery.min.js
www.winhelponline.com/blog/wp-includes/js/jquery/ 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=1a&ver=3.6.3
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x33x3ax3bx61x68&abt=BidderTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf03089ec3f848864cf223e320078b5a990f6e61983f3c6a943e3bc9c57ba4dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
290016
x-ezoic-cdn
Hit ds;mm;74e5bbbd0584f77e62ae014a865381c2;2-105367-78;6508366b-40c0-4674-4bf0-5d09c7b14c13
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"15ed7-5f82810c35cb4-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FjZ7U6xswstOCRI9eOBeqEmqOdjKI9zWQJv2x0rqXqwQyNC2NYes3A%2BM%2F%2Fuv43e3xC0ezDaFyrHGOH4JJqSNp2A4Mtt5pXna6Wc99kiVXMK3GM9Kj0XsqiL8uXaGaO2zdXv%2Bk2udJ4QreTcmON%2Byq26HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-ez-minify-js
0.14% 94242 / 94375
cf-ray
7be9ad602b349261-FRA
connatix.player.dc.js
cds.connatix.com/p/262491/ Frame DF10
Redirect Chain
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
  • https://cds.connatix.com/p/262491/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
1021 KB
264 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/262491/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Protocol
H2
Server
172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b9fd5fed1bd7516b07fc8b59184c6ee9ba31c0d64c8e50373e394b907135fa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:54 GMT
x-amz-version-id
VxXDhetEcjicfF.frLbGwIxHR2zSDy.M
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 27 Apr 2023 09:18:18 GMT
server
cloudflare
etag
W/"511615f86861e3cbd82df566d55b468e"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
7be9ad62e84ebb53-FRA
access-control-allow-headers
range
expires
Fri, 26 Apr 2024 20:04:54 GMT

Redirect headers

date
Thu, 27 Apr 2023 20:04:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
location
https://cds.connatix.com/p/262491/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
7be9ad61df42bb53-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
www.winhelponline.com/blog/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-includes/js/jquery/jquery-migrate.min.js?screx=1&sxcb=1a&ver=3.4.0
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x33x3ax3bx61x68&abt=BidderTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fff9bc6ded4ef5af9907b7100959104bdc2ad0a0c65ae5bb80c5ab2f82f7bea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
290562
x-ezoic-cdn
Hit ds;mm;cfd5dfa620375fb6fbef911b32bdb1cd;2-105367-78;1ce6e132-233e-4cdb-4ffc-ee11a29b7047
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"3470-5f82810c35cb4-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLTvfY%2BMf7BQiNK6VJ2QEk58bqUPb%2FFJYBR6OQsnQzxiLkju1ZIAGKO2h%2FZL4uecsi9XMtu0pwfz6dlGgI1yaVFcPz%2Fy3BcBYF7%2BxUYqXFvEI%2FxigMKBqR%2FyGuJg%2FkUUChjoRDtZzwTS8p6XuIwk64VhRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-ez-minify-js
0.09% 13739 / 13752
cf-ray
7be9ad606b759261-FRA
script.min.js
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/script.min.js?screx=1&sxcb=1a&ver=4.4.1
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x33x3ax3bx61x68&abt=BidderTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed683257f28ac769fe650a7504450eb77852a4cba1f79bace5dd43cbd557e61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
64955
x-ezoic-cdn
Hit ds;ds;094612788608847d51db25ac17b91804;2-105367-78;f1b789e2-1f55-4d01-5d54-f1c5040d1859
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
x-ez-proxy-out
true 2.3
server
cloudflare
etag
W/"550b-5f4c132a6c8f9-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IG3qgezBX34enBazd7UmI1ueJxVkjCecd6ugv%2BKp4XhZ4F9zBcSZ0a4WWOKOvdxUJumUyAwsp6WeAfAo4wZ%2FExKkaXqTx4YyEGNS8OK%2FzuuE7Ku3OYKPRpNVNtuy5vTyO3jn%2BJs5mSMG%2Ft6D%2Fu9y5gvP5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-ez-minify-js
0.37% 23416 / 23503
cf-ray
7be9ad613c109261-FRA
g.gif
pixel.wp.com/ 		50 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=2943880&post=0&tz=5.5&srv=www.winhelponline.com&j=1%3A12.0&host=www.winhelponline.com&ref=&fcp=1521&rand=0.3032129494248439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Apr 2023 20:04:54 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
army.gif
www.winhelponline.com/porpoiseant/ 		0
384 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzQ3NTY1NTQ3NzI4OTMxNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgyNjI1ODg3LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiIwOTUwNDY4OC1jYzUzLTQ2NjktNDUxNC1jMTczMGY5NDliNDAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMjczIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODYxNDYyNTMzMDQwMzciLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0IjoiZGl2LWdwdC1hZC13aW5oZWxwb25saW5lX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODI2MjU4ODcsImFkX3Bvc2l0aW9uIjoxMTk4LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjA5NTA0Njg4LWNjNTMtNDY2OS00NTE0LWMxNzMwZjk0OWI0MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNjUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjUzMDE5MjQ2NzEzMzIwMzUiLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0IjoiZGl2LWdwdC1hZC13aW5oZWxwb25saW5lX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODI2MjU4ODcsImFkX3Bvc2l0aW9uIjoxNjA4LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjA5NTA0Njg4LWNjNTMtNDY2OS00NTE0LWMxNzMwZjk0OWI0MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNjUifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x33x3ax3bx61x68&abt=BidderTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHMoeXfeh3RCFs9UQ0UuJ3d62B9drO9XcYuQ5z%2BLFcJ%2FmWOU3EvqTkyuWLKEifsyCZeF1g%2BsljpxPPH2eKKil4kg%2FNssEqhTM%2B1iMAbU4Un4LwV0lkJGtonN7c1Na3amMADdGz452pFQL0EOZBk17a55gg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.winhelponline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7be9ad61cc869261-FRA
expires
Wed, 26 Apr 2023 20:04:55 GMT
army.gif
www.winhelponline.com/porpoiseant/ 		0
320 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzQ3NTY1NTQ3NzI4OTMxNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgyNjI1ODg3LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiIwOTUwNDY4OC1jYzUzLTQ2NjktNDUxNC1jMTczMGY5NDliNDAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTA0In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODYxNDYyNTMzMDQwMzciLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0IjoiZGl2LWdwdC1hZC13aW5oZWxwb25saW5lX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODI2MjU4ODcsImFkX3Bvc2l0aW9uIjoxMTk4LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjA5NTA0Njg4LWNjNTMtNDY2OS00NTE0LWMxNzMwZjk0OWI0MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjMwMCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTMwMTkyNDY3MTMzMjAzNSIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MjYyNTg4NywiYWRfcG9zaXRpb24iOjE2MDgsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiMDk1MDQ2ODgtY2M1My00NjY5LTQ1MTQtYzE3MzBmOTQ5YjQwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTQ0MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-7y33-4y3a-12y3b-5y61-22y68-1&cmbcb=136&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x33x3ax3bx61x68&abt=BidderTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lK0BoKVYJUPEoyUxdzjR9TuLsm8C9lIrMMnDM2X305nfi7wCWjO9lSc9gIQg8ury21Eph5YEOZJLLVndx8XvFgwio1tOMdPWlEGTGnSn5rIGZH0%2ByKKuera5%2BNPNcx5ALXSQe%2BeZfjomI5%2F%2FvuR%2FjYEh2A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.winhelponline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7be9ad61cc889261-FRA
expires
Wed, 26 Apr 2023 20:04:54 GMT
player.css
cds.connatix.com/p/262491/ 		65 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/262491/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4d7169daabc676334f89544fef9f89cda2616e5d87c47630fb052f3cff2a35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:54 GMT
x-amz-version-id
fVcV9BVS55B4wZ39_Pw_RZQ6zVzE62pT
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 27 Apr 2023 09:18:19 GMT
server
cloudflare
etag
W/"8515afd25779c595316d81b3d9c8593c"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
7be9ad639919bb53-FRA
access-control-allow-headers
range
expires
Fri, 26 Apr 2024 20:04:54 GMT
pls
capi.connatix.com/core/ Frame DF10 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=262491&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d38ef3776ef3d28ad820d2890fd34d9ebe72aa674809a8ccf138391f3b0f7038

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 27 Apr 2023 20:04:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.winhelponline.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7be9ad63cad1368c-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sr
capi.connatix.com/tr/ Frame DF10 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de3b806be0dafda84b0f28fc115b6ca251bc32539ea03c242ea05dbdc4f0dbc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24737
x-xss-protection
0
server
cafe
etag
891 / 19474 / m202304240101 / config-hash: 18361539349155083424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Apr 2023 20:04:55 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DF10 		0
0
elements.ui.b5b880a7c49b61bad744.js
cds.connatix.com/p/262491/ Frame DF10 		0
0
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.winhelponline.com%2F&pid=mFuXqncToOJ1E&cb=0&ws=1600x1200&v=23.414.2006&t=2000&slots=%5B%7B%22id%22%3A%22Outstream1%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!ezoic.ai%2Cfcf1bfe7ef9acf65d80171de791d41d2%2C1%2C%2C%2Cwww.winhelponline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.247.205 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.winhelponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 20:04:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
TTXB15BFHDS32D5XFV39
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.winhelponline.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
FdyiWTm7iVLkYPa7B05nF_vvuTtQ9N4_HBdstz4u0mukdGeoHISZGw==
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 27 Apr 2023 20:05:00 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 27 Apr 2023 20:05:00 GMT
content-length
0
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
capi.connatix.com
URL
https://capi.connatix.com/tr/sr?v=262491&tier=2
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
cds.connatix.com
URL
https://cds.connatix.com/p/262491/elements.ui.b5b880a7c49b61bad744.js

Verdicts & Comments Add Verdict or Comment

283 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless function| __tcfapi number| __ezWillLoadCnx object| __ez function| $ function| jQuery object| __ezaps object| __ezapsVideo string| __ezapid string| __sellerid string| __schain_domain string| __ez_nid object| ezasVars boolean| __ezasAggressive object| ezslots_raw object| __advertiserRule object| google_reactive_ads_global_state function| ezasvEvent function| ezaslEvent function| ezoAdBackFill object| ezoSTPixels function| ezoSTPixelAdd function| ezoGetSlotById function| ezoGetSlotNum function| ezoSTPixelFire boolean| ezhbopt boolean| ezpbCache object| __banger_pmp_deals object| _ebcids number| ezobv object| ez_ad_units object| ezslots object| ezrpos object| ezsrqt boolean| __ez_fad_haspo boolean| __ez_fad_hascp object| __ez_fad_po boolean| __ez_fad_floatshowd function| __ez_fad_csnt function| __ez_fad_rdy function| __ez_fad_position function| __ez_fad_display function| ezSetTargetingFromMap function| ezSetSlotTargeting function| ezGetSlotById function| __ez_close_anchor boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag object| ezaxmns object| ezaucmns object| __ez_fad_floating boolean| __ez_fad_gptd boolean| __ez_fad_ezpbinitd number| __ez_fad_pbt function| __ez_fad_gpt function| __ez_fad_pb function| __ez_init_slot function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat string| GoogleAnalyticsObject function| ga boolean| __ez_conestreq object| adsbygoogle string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl function| ezCmpLoading number| ezUserChoice function| handleAcceptAllClick function| handleShowDetailsClick function| handleDeclineClick function| handleShowVendorsClick object| __ezCmpConfig boolean| cmpIsOn object| ezConsentCategories object| __ezconsent function| ezConsentSettings string| ezPreRenderCMP string| ezPreRenderCss function| hideEzCmp function| setEzCmpCookie function| handleEzAdBlock function| checkEzAdBlck boolean| ezAardvarkDetected function| ezDetectAardvark function| __ez_vig_close_wrapper boolean| __inScopeForCCPA function| __uspapi function| __receiveUspapiMessage function| loadSovrnSignal object| __ezPwtBidders object| PWT object| owpbjs function| openwrapRequestAdUnits function| openwrapRefreshSlot function| openwrapBidsBackHandler function| getSlotForhb function| __ez_fad_ezpbinit object| ezAdtelligent object| ezYieldmo object| ezCriteo object| ezMedianet function| ezjsps object| epbjs boolean| __enableAnalytics object| __s2sbidders object| __s2sinstreambidders object| __allBidders string| ez__id5pd string| ez__uIdHash string| ez__sspDomain function| __ez_tkn_evnt string| schain_domain string| dom function| getAmazonSlotById function| ezapsFetchBids function| setA9VideoBids function| setA9DisplayBids object| apstag object| amznVideoResponse number| __cnxiid string| __cnxau boolean| __ez_edge_a number| __ez_edge_mw string| __ez_edge_v string| __ez_edge_h number| __ez_edge_m function| getCookie function| __ez_addAllListeners undefined| __ez_dims boolean| ezCanEngagePage object| cmpCookies function| ezoChar function| ezoCharSize function| newEzVignette object| ggeac object| google_tag_data object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL function| ezoSyncToDfp function| ezoGetDFPSlot object| ezomash boolean| ezowwinit function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosetowbids function| ezosethbbids function| ezGetSlotViewedTime function| formatBid function| fetchezoibfh object| ezoibfh number| ezoibfhHF function| adjustHbValues function| ezasBuild function| ezorefgsl function| PrebidImpressionController function| PrebidImpression object| regeneratorRuntime object| ezoptbid function| epbjsRequestAdUnits function| epbjsRefreshSlot function| setAuctionActive function| setAuctionFinished function| isValid256Hash function| sidebarWall function| __ez_close_rail function| __ez_handle_rail_loaded object| __ezsbwcmd function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| ezux function| ezoicSiteSpeed function| ezoicDocumentWrite boolean| __ezScrexFired function| __ezScrexify boolean| isScrexed object| _ezImgFmt object| metricNameMap function| ezlogVital function| __ez_get_footer_height function| __ez_set_outstream_floor function| __ez_auto_adjust_outstream_float function| __ez_outstream_player_tracking function| pixelData function| __ez_outstream_float_destroy object| ezRBA function| __ezDotData object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| ezorqs function| ezorqe function| ezocfol function| ezogetrqbykey function| loadCSS object| ezLazySizesConfig object| ezLazySizes object| webVitals function| uglipop number| indexKey undefined| google_measure_js_timing object| ezslot_interstitial object| ezslot_oneByOne1 object| ezslot_oneByOne2 object| ezslot_oneByOne3 object| ezslot_oneByOne4 object| ezslot_oneByOne5 number| i3 object| owpbjsChunk object| mnet string| nobidVersion object| nobid object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT boolean| success boolean| apstagLOADED object| apscustom object| _aps object| ezmt object| ezua object| ezuxgoals object| ezdent object| ezDenty object| ct function| ha object| ezslot_2 object| ezslot_1 object| ezslot_0 function| setImmediate function| clearImmediate object| nunjucksPrecompiled object| ezCMP object| ID5 object| pbsLatency object| hadron boolean| __halo_loaded__ object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt boolean| __bt_already_invoked object| perf_vals boolean| __ez__w_load object| __connect object| au object| cnx

53 Cookies

Domain/Path Name / Value
.winhelponline.com/ Name: ezoadgid_105367
Value: -1
.winhelponline.com/ Name: ezoref_105367
Value:
.winhelponline.com/ Name: ezosuibasgeneris-1
Value: d528f9d7-91d2-4041-5406-94aac9e7a77e
.winhelponline.com/ Name: ezoab_105367
Value: mod62
.winhelponline.com/ Name: active_template::105367
Value: pub_site.1682625887
.winhelponline.com/ Name: ezoma_105367
Value: 999,999
.winhelponline.com/ Name: ezopvc_105367
Value: 1
.winhelponline.com/ Name: ezepvv
Value: 337
.winhelponline.com/ Name: ezovid_105367
Value: 1025118359
.winhelponline.com/ Name: lp_105367
Value: https://www.winhelponline.com/
.winhelponline.com/ Name: ezovuuidtime_105367
Value: 1682625889
.winhelponline.com/ Name: ezovuuid_105367
Value: 568bee24-91fa-46a5-5df6-a408d7315430
.winhelponline.com/ Name: ezCMPCCS
Value: false
www.winhelponline.com/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
www.winhelponline.com/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.winhelponline.com/ Name: _ga
Value: GA1.2.1376343051.1682625889
.winhelponline.com/ Name: _gid
Value: GA1.2.42700718.1682625889
.winhelponline.com/ Name: _gat
Value: 1
www.winhelponline.com/ Name: ezouspvv
Value: 0
www.winhelponline.com/ Name: ezouspva
Value: 0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 438B8EBD-318B-4C86-80E8-C6BFAC574804
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1683158400%3A248%7C1683763200%3A263_262_201
.pubmatic.com/ Name: SyncRTB3
Value: 1683763200%3A220_54_22_250_21_13_46_71%7C1683158400%3A2_223
.3lift.com/ Name: tluid
Value: 124317138634600363569
.tapad.com/ Name: TapAd_TS
Value: 1682625890743
.tapad.com/ Name: TapAd_DID
Value: 94619ef9-a99a-49bb-ae90-1b33500a865f
.simpli.fi/ Name: suid
Value: 52BF338A306F4730B7EF94534D930C35
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUkxCHWcP5qgfw11QDxm9zOLSp_K0ElL2iMg6c1TkQ0JlmzxfWWokmrSEOxtwEk
.yahoo.com/ Name: A3
Value: d=AQABBGLVSmQCEOAs3ib3EdrD_GSze7-HOSAFEgEBAQEmTGRUZAAAAAAA_eMAAA&S=AQAAAqG9yWY0xo36NjUGlNQNtvY
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2bbw
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZErVYgAF6VrWLQAn
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjM0NTKytDQzMBHiM9T1MMstT8sv9C0PzckGALGGAcMlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjM0NTKytDQzMBHiM9T1MMstT8sv9C0PzckGALGGAcMlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFkZmRqYWlgaWABAMmi_h8QAAAA
.turn.com/ Name: uid
Value: 8231091582167807463
.amazon-adsystem.com/ Name: ad-id
Value: A4cqh7uQBUKimjJeTMiGZkM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5124322326152299604
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEP8mnRKty9TE0Gds0xXSWmA&KRTB&22987-CAESEP8mnRKty9TE0Gds0xXSWmA&KRTB&23025-CAESEP8mnRKty9TE0Gds0xXSWmA&KRTB&23386-CAESEP8mnRKty9TE0Gds0xXSWmA
.pubmatic.com/ Name: PugT
Value: 1682625890
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8231091582167807463&KRTB&23150-8231091582167807463
.casalemedia.com/ Name: CMID
Value: ZErVY3BeLNUkqSFaqdRcgQAA
.casalemedia.com/ Name: CMPS
Value: 5300
.casalemedia.com/ Name: CMPRO
Value: 5300
.adnxs.com/ Name: uuid2
Value: 2268447289275341454
.servenobid.com/ Name: pid_312
Value: 2268447289275341454
.brand-display.com/ Name: _knxq_
Value: 9ca96ae8-4ba0-3193-9b77eb0b.1682625891.0.1682625891.1682625891
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNzQyNzQ5ODYtM2VhMy00ZmE2LTgxNWQtMmVhOWE5NWFiMDlhIiwiZXhwaXJlcyI6IjIwMjMtMDUtMTFUMjA6MDQ6NTIuMjM3NjkwMzk0WiJ9LCJtZWRpYW5ldCI6eyJ1aWQiOiIwMDAwRUVBIiwiZXhwaXJlcyI6IjIwMjMtMDUtMTFUMjA6MDQ6NTIuNDcyMjg5MjQ2WiJ9LCJub2JpZCI6eyJ1aWQiOiJNekV5T2pJeSFqZzAhKmN5TypreSF6VXohKkUwIVRRfiIsImV4cGlyZXMiOiIyMDIzLTA1LTExVDIwOjA0OjUxLjU0MDM1MzI1M1oifSwicHVibWF0aWMiOnsidWlkIjoiNDM4QjhFQkQtMzE4Qi00Qzg2LTgwRTgtQzZCRkFDNTc0ODA0IiwiZXhwaXJlcyI6IjIwMjMtMDUtMTFUMjA6MDQ6NTAuNzg3NDE5MjgyWiJ9fSwiYmRheSI6IjIwMjMtMDQtMjdUMjA6MDQ6NTAuNzg3Mzk2MTEyWiJ9
.pubmatic.com/ Name: SPugT
Value: 1682625892

2 Console Messages

Source Level URL
Text
network error URL: https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://crb.kargo.com/api/v1/dsync/Martin?exid=438B8EBD-318B-4C86-80E8-C6BFAC574804&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.servenobid.com
ajax.googleapis.com
api.btloader.com
basher.ezodn.com
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
capi.connatix.com
cd.connatix.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cds.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect-metrics-collector.s-onetag.com
crb.kargo.com
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
ezodn.com
g.ezodn.com
get.s-onetag.com
go.ezodn.com
gvl.gatekeeperconsent.com
hbx.media.net
ib.adnxs.com
id.hadron.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
match.prod.bidr.io
onetag-geo.s-onetag.com
onetag-sys.com
ow.pubmatic.com
p.rfihub.com
pixel-sync.sitescout.com
pixel.tapad.com
pixel.wp.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
privacy.gatekeeperconsent.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.bfmio.com
sync.ipredictive.com
sync.mathtag.com
synchroscript.deliveryengine.adswizz.com
t.pubmatic.com
the.gatekeeperconsent.com
thrtle.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.winhelponline.com
capi.connatix.com
cds.connatix.com
imasdk.googleapis.com
104.36.113.107
104.36.113.111
104.36.113.67
13.224.192.181
130.211.23.194
142.250.181.230
143.204.89.74
147.75.84.158
151.101.194.49
172.217.18.98
172.64.154.204
178.250.1.9
18.66.112.32
185.80.39.216
185.86.138.153
185.89.210.46
192.0.76.3
192.82.242.209
192.82.242.213
193.0.160.131
204.237.133.242
209.25.233.254
23.35.228.23
23.35.236.201
2606:4700:10::6816:3456
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:20::681a:10c
2606:4700:20::681a:c
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700:20::ac43:4a81
2606:4700:3033::6815:1c30
2606:4700::6810:5814
2606:4700:e4::ac40:a702
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:803::200e
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a02:fa8:8806:16::1400
2a05:d018:d29:3605:ba5:3c85:9cb8:2168
3.120.86.255
3.214.165.89
3.229.9.249
3.33.220.150
3.71.149.231
34.102.163.6
34.111.113.62
34.111.151.213
34.194.29.115
34.250.48.151
34.95.81.168
35.204.74.118
35.244.159.8
46.228.164.11
51.89.9.252
52.222.247.205
52.46.143.56
52.73.45.124
54.155.84.200
63.35.1.49
65.9.66.33
72.251.245.179
74.121.143.240
74.214.196.131
76.223.111.18
99.83.181.31
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
054ef5838ddb6e1171550191a06fa204951eb204fd8bdf98df4f631000b4fa5b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d4bc2d5c34588df622aebd16adf97b5a4ebfd9ac5b49eec1c795a5055ac62c5
0f8020b22927e52bc72e23d5f15daea09231cd26fa72390dfe415fdd249428a5
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
15d77ca69d37096c7c4dc572fb6f0f662fc8052e230cdd786d558c16de2973cd
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a1d673f19348a1a820ae58996ce0a925fe7be63497acc1a9281570c5df36677
1ae559d338ee612c0a41b6b4ff435d7e41ad41555ca9a0829f7ef6b3dbdb57a2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d1abac5fa982d67acbbbe5df76cba3777afb57ee7ce0291285e29179ab91f1a
1d3297fd254c0bc11d4924427d5f8f3585e4d41682cb11e1045d6f14797f8b3c
20d22e0e8b9e04f0befcb307771d932462246ff740f82b64009d52d9506a5aac
27cc5b126c56f48594c240ee1d0f99f97d75394d97a1f0dae1c94abb97697a55
2a12aae8be6c01bde8575f28783f29b3f3c35f882c2b5946a0e0eead3fbbb729
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f93722dd0a9c4ad00269d1b3a32c0c4f4ae1eab822eee3ec583a29fe4dd626a
3045ae38ff1e3ffd35b550a7cea1a7acedba245982561a7f7c467474ef263004
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed683257f28ac769fe650a7504450eb77852a4cba1f79bace5dd43cbd557e61
40c69b813b52f313bb1dd8f4327e2dc114d72545139aca85d2370af19823aa28
43a1252a758da8fff6756d2c968f9325a3b73f4b8d7c88110073b6969def1d5b
46cb7007000da27821e4fd308016826ff39e40592fb9dfd676f66ded5edb3ff8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85
4b9fd5fed1bd7516b07fc8b59184c6ee9ba31c0d64c8e50373e394b907135fa5
4ba6041869db135482cd3b94ec40f4391bbf0a5ca77bc6c1a9702d877fd9d88c
4c0539e652120775af64d901a0db33e477945c42586029295f9361b2bdd507c3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e48c50a7790666aa0750a4d806b488473b171b40622dc1a44359005777815ad
597830acea0420d0c95ceae70e1db6fcfb1d35d259922ff472b1b6fb083e193f
5c26e8924e3dd36df44967f8a14300efd93b7eb049cf6ade230c084a2cf6d47e
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
6c0bb2a809b914b1919d6d137d750bb34094ccc947922128e88291a6668b32ee
6c19defdafb93491774aa4bcf29d7400b143e45a8f68809ddbd99f80aa22f9dc
6d24aa6c759bf985377cb6d8da10653aab877022d6e6462f546e86bae4ae41e2
6d4d7169daabc676334f89544fef9f89cda2616e5d87c47630fb052f3cff2a35
707681e67d6f9a7480fee2a981f9bbe8d83bd4bddabec301429798e26755aa9e
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72fac7041ca8c8fafc55e402409b70883306610d56ca0cd883941ef0779b8cb2
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74f63820c5b5ee8d435c97834c55eb752e811f4eb0e5f64f23ea6e37b93590ef
75509aec51f490cf71ce33f2310c4d93cd4d96e238bcff7081c87defa267650a
7a5f53b1f7fa3627285189e4e8c9fdaa84319b869370f4ca70edb66506899d03
7b85bcb075a13466616c573a91f310265b48c0879b56e003d4d3b7c421eee188
7f41e172df5100d5f831d0ba17958f3c254f35e6f2d265c7da216c4cd5137ce9
801f4cad263afd751824bb79830d4e1a48ea9a1feab7e66f04432cbba98e28c4
8230efc6af9182cb5a3412670b861554742f8795886a114dfd20c78467ef4212
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
844a29ef495e786bc443e20635f78d2a668009fa48973adff5cfb325e9bd4da6
86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be
8829a8924dff757932f56397690292e154eb33f5471e683cebfcc9884c38c2cf
893e88ab6383834ec89dfe5369d6fb23fdad6daf6ebc00147701bebd8cbc7115
8ad989bd0b5d9ce46e5e028dc54583e9a6cbfaa204184ed33ec2bd98439cae25
8b1e5fbcc69298653b817c7913e6a569d45671f52f0d5cf948f527ccf7b93a27
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e940735ef90beb2ea75c4886f4fb827179bf9d14c78e05f8b151d514e678a3a
8f6515c9511421c4c99b71d57857c5385f957ccdbecda93a1e234bbd5e893748
91c2f094211bd3a6ad9b69ee4731a8adab4622d225186ec118d69ebb79950731
96d4ba3666a3272382e88cf840403d5cea356596828b42d09fdc0f8910290e61
98dea2969e1c2a131839e5c0301506a128dac68bf259f4d9788fee1cd00f40cb
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc82ae240bbd41d82d2907a9ed8fe40df403a852973710d1e21213a3fbdc301
bf03089ec3f848864cf223e320078b5a990f6e61983f3c6a943e3bc9c57ba4dc
c044a3c9cdb186fb83cea1eeb7cf8ee76e0e084835c45cead97e96c855f8d857
c09dda2cfc05892463b64a687169e7240f08686e41010bd050f4286d77c921f3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef
c3a23a02036d60ca831a506443e35d740f91a81f83063c0bc077c1be6e641d70
c6ebf0f74c8fdcb416cacb47a34643e437b4507a5c770f321c25405bc56e8e44
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cb09fb048d59da17e1a529984a00e0a23ebeef7848767ac4154d4ca45b590857
cc9ad702704147d8847db169c4a72c344f6f30893bfd30baa1a1fd9645d0ad2c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d38ef3776ef3d28ad820d2890fd34d9ebe72aa674809a8ccf138391f3b0f7038
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3b806be0dafda84b0f28fc115b6ca251bc32539ea03c242ea05dbdc4f0dbc0
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e22c810b5a82602ec3a367ae312d8691ad9a770efc322ffc42b6605d895268c1
e2bc2e62acd8c74b47dc6b86918cd2ede0a053b716144298bd97e66366524fdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb3f9c7b1592f4f8f1db0765262b0f9bf69588bef9ad0d0e0c15cb4e977b0d4c
ed58ab3092200ade6d11e4b72e8528ef82588ba66d53bb4e9a5657aedee55a15
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
faec8eb1d835361aefcf57fb0c55d7ad0d90a3ca389a17f85ad8bb71436059d8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
fff649d2fbd314dfac73b6aa05c37313c2f1398e727d43db2d06fc41229bcb80
fff9bc6ded4ef5af9907b7100959104bdc2ad0a0c65ae5bb80c5ab2f82f7bea7