www.winhelponline.com Open in urlscan Pro
2606:4700:20::681a:c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Submission: On May 05 via manual (May 5th 2022, 4:25:11 am UTC) from US — Scanned from DE

Summary HTTP 211 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 43 IPs in 9 countries across 34 domains to perform 211 HTTP transactions. The main IP is 2606:4700:20::681a:c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.winhelponline.com. The Cisco Umbrella rank of the primary domain is 884473.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 3rd 2022. Valid for: a year.

This is the only time www.winhelponline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
47	2606:4700:20:... 2606:4700:20::681a:c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.251.36.130 142.251.36.130	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:3800:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
1 8	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	51.89.21.21 51.89.21.21	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1 2	34.241.231.109 34.241.231.109	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4 9	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 5	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 7	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	173.194.76.156 173.194.76.156	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:d000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
15	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1 1	139.162.84.221 139.162.84.221	63949 (LINODE-AP...) (LINODE-AP Linode)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	2600:9000:215... 2600:9000:2156:7400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.215.11.117 52.215.11.117	16509 (AMAZON-02) (AMAZON-02)
1	159.203.145.121 159.203.145.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1	35.190.64.11 35.190.64.11	15169 (GOOGLE) (GOOGLE)
1	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4	35.156.95.138 35.156.95.138	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
22	2602:803:c003... 2602:803:c003:200::61	() ()
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	72.251.249.13 72.251.249.13	() ()
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	() ()
1	151.101.2.137 151.101.2.137	() ()
1 1	147.75.38.124 147.75.38.124	() ()
2	3.139.123.30 3.139.123.30	() ()
4	2a00:1450:400... 2a00:1450:4001:82a::200a	() ()
211	43

47 2606:4700:20::681a:c (United States)

ASN13335 (CLOUDFLARENET, US)

www.winhelponline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.36.130 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3800:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p13.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.231.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-231-109.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.37 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:d000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.84.221 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1564-221.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:7400:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.11.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-11-117.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.64.11 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 11.64.190.35.bc.googleusercontent.com

absorbingcorn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.95.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-95-138.eu-central-1.compute.amazonaws.com

pb-server.ezoic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2602:803:c003:200::61 (None, )

ASN- ()

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (None, )

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (None, )

ASN- ()

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (None, )

ASN- ()

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (None, ) 1 redirects

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.139.123.30 (None, )

ASN- ()

capi-tier-2-us-east-2.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (None, )

ASN- ()

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	winhelponline.com www.winhelponline.com — Cisco Umbrella Rank: 884473	276 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 171	146 KB
22	rubiconproject.com fastlane.rubiconproject.com	71 KB
21	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 cm.g.doubleclick.net — Cisco Umbrella Rank: 289 bid.g.doubleclick.net — Cisco Umbrella Rank: 672	248 KB
15	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	170 KB
14	google.com adservice.google.com — Cisco Umbrella Rank: 128 www.google.com — Cisco Umbrella Rank: 20 cse.google.com — Cisco Umbrella Rank: 4144 clients1.google.com	167 KB
11	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 4835 cd.connatix.com — Cisco Umbrella Rank: 4500 cds.connatix.com — Cisco Umbrella Rank: 4673 ins.connatix.com capi-tier-2-us-east-2.connatix.com img.connatix.com	381 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1061 static.adsafeprotected.com — Cisco Umbrella Rank: 777 dt.adsafeprotected.com — Cisco Umbrella Rank: 670	100 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 326	248 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 432 fonts.googleapis.com — Cisco Umbrella Rank: 111 www.googleapis.com — Cisco Umbrella Rank: 51 imasdk.googleapis.com	774 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 901 ssum.casalemedia.com — Cisco Umbrella Rank: 1860	5 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 5351	1 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 375	41 KB
4	ezoic.com pb-server.ezoic.com — Cisco Umbrella Rank: 13783	2 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 3120	955 B
3	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 10112 ezodn.com — Cisco Umbrella Rank: 9704 g.ezodn.com — Cisco Umbrella Rank: 70846	211 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 6491	722 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 2170 id5-sync.com — Cisco Umbrella Rank: 915	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
1	a-mo.net 1 redirects prebid.a-mo.net	317 B
1	lijit.com ap.lijit.com	12 KB
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 856	319 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1119	368 B
1	1rx.io tag.1rx.io — Cisco Umbrella Rank: 2155	177 B
1	wp.com pixel.wp.com — Cisco Umbrella Rank: 2695	126 B
1	absorbingcorn.com absorbingcorn.com	27 KB
1	chocolateplatform.com cs.chocolateplatform.com — Cisco Umbrella Rank: 3099	68 B
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 1027	35 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 992	444 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 18368	556 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	37 KB
1	ezoic.net go.ezoic.net — Cisco Umbrella Rank: 11051	2 KB
0	adtelligent.com Failed ghb.adtelligent.com Failed ghb1.adtelligent.com Failed ghb2.adtelligent.com Failed
0	pubmatic.com Failed hbopenbid.pubmatic.com Failed
211	34

	Domain	Requested by
47	www.winhelponline.com	www.winhelponline.com
22	fastlane.rubiconproject.com	go.ezodn.com
15	s0.2mdn.net	www.winhelponline.com s0.2mdn.net bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com imasdk.googleapis.com
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com fw.adsafeprotected.com srcdoc
9	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
9	securepubads.g.doubleclick.net	www.winhelponline.com securepubads.g.doubleclick.net cd.connatix.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	ib.adnxs.com	2 redirects googleads.g.doubleclick.net go.ezodn.com
7	www.google.com	tpc.googlesyndication.com bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com www.winhelponline.com www.google.com
5	adservice.google.com	securepubads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
5	c.amazon-adsystem.com	www.winhelponline.com c.amazon-adsystem.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	pb-server.ezoic.com	go.ezodn.com
4	cds.connatix.com	cd.connatix.com
4	dt.adsafeprotected.com	bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	an.yandex.ru	2 redirects
2	capi-tier-2-us-east-2.connatix.com	cd.connatix.com
2	d5p.de17a.com	2 redirects
2	static.adsafeprotected.com	bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com www.winhelponline.com
2	bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	capi.connatix.com	www.winhelponline.com cd.connatix.com
2	www.google-analytics.com	www.winhelponline.com www.google-analytics.com
1	img.connatix.com
1	prebid.a-mo.net	1 redirects
1	ins.connatix.com	cd.connatix.com
1	clients1.google.com
1	www.googleapis.com
1	cse.google.com	www.google.com
1	ssum.casalemedia.com	1 redirects
1	ap.lijit.com	go.ezodn.com
1	bidder.criteo.com	go.ezodn.com
1	onetag-sys.com	go.ezodn.com
1	tag.1rx.io	go.ezodn.com
1	pixel.wp.com
1	absorbingcorn.com	www.winhelponline.com
1	cd.connatix.com	1 redirects
1	cs.chocolateplatform.com	bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
1	ads.yieldmo.com	bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	a.c.appier.net	1 redirects
1	bid.g.doubleclick.net	bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
1	www.googletagservices.com	bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
1	fonts.googleapis.com	bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	www.winhelponline.com
1	g.ezodn.com	ezodn.com
1	go.ezoic.net	www.winhelponline.com
1	ezodn.com	www.winhelponline.com
1	ajax.googleapis.com	www.winhelponline.com
1	go.ezodn.com	www.winhelponline.com
0	ghb2.adtelligent.com Failed	go.ezodn.com
0	ghb1.adtelligent.com Failed	go.ezodn.com
0	ghb.adtelligent.com Failed	go.ezodn.com
0	hbopenbid.pubmatic.com Failed	go.ezodn.com
211	58

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.ezoic.com
www.twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-03` - `2023-04-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.ezoic.net Amazon	`2022-01-16` - `2023-02-14`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
cdn.id5-sync.com R3	`2022-04-13` - `2022-07-12`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
cs.chocolateplatform.com ZeroSSL RSA Domain Secure Site CA	`2022-03-31` - `2022-06-29`	3 months	crt.sh
absorbingcorn.com R3	`2022-03-26` - `2022-06-24`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.ezoic.com Amazon	`2021-09-29` - `2022-10-28`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Frame ID: 9750A779814D7B6B8F675270F8335C26
Requests: 146 HTTP requests in this frame

Frame: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E81521FDD01D0A63CA9A93A71593D3FB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD5D95352AA9FB9769B19D62A0D858E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D0A7A6CDCEA071B7297A5F981526603
Requests: 2 HTTP requests in this frame

Frame: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2C18091AA46711B190C695ED80F34680
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIXULRDioeABGMq73sgBMAE&v=APEucNUtM_6GfJGzfislIFGyeDsW3E41tn-T6ksF2EMg0MLtZMRkKS1FBfpeRuKXDXQjAUGCLSdBhjhsJc8VDpMBExV7KE9a-wPLysSHJ5JdEZQuWSLYZn9k-gD02heeI0gpiEMZyGki8IpUHqQKrj-Qpp2geYjpjyKRy9403autjUNy_52X7f8KBqP_j3rV38UyMYpxz5TNZiorwh6UaUqpM3um2FzeNQ
Frame ID: 519839FFE6AE4E06A9E77D3521DCBE5C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsYooPzEWXtwi1z7zE_jqcC6T02otSa87Vpx50rLV0TwqIRSMiHgIXsvvWfJO-srodpZNvRnvLLr-KkJjs3X1-5qpyLh3fyva2t2I9GTMl1HW1tosOGlop14tIO7zmofizQdQUwReczduOVHxljt3L1Swr3w&dbm_d=AKAmf-Cx8kFD6jEUEVkU7a8ekv97Sy8EB0w61CifqTdYN5diN_zvw_3g_ZLyrwEqP3g99N9U3j6Jc8D88j1RQN6f659JRE1hgLSTs6h_S8ozsvNrmSQfxco2TaCvQ9CZUEc6GGZAnbswL9Ba00XiRfkxdQ3F7f7THdtO622idKwmZlfqAp9e5O0IiJ0zSUE-KiJRJPKoFPlDpOCb9tmV71Nhb_nremh1NCUvK1HdNWgz4DNKl7dr3knnlniMddgXNA-wlZ0KMg5Iv2uQDx0VYgmSfyxiYz0zwCt23xJzYpSS8eFmKgj-MBcwnSw9FDczbXMrzNUHXTJtAAlwGUJES3dHkQyFhy2wFYuFDAN2LdZ7uvSosRqstF47keWYztq0OHeQJLnKno3sWDv-LuqV0l-LM4XBkTlqFnFAfRLMkNwtxhV1Ug2ZYQ_PuFOwt4KZYhH1tSIXERFZaf36p07ihs44uSOMzUs9AUC055FC_zXHfwWYKfpwi7NUshqZIRhKVCNyyRBrObW8xHQUBR6mFoZuoO3MMSSIBKfUI-eOTxQZi3DNe4z37mll7hUxTXht0yEWNEDCSic2Gvaeg-Dt9-8nyt-_A-PCoL2tP2yI_vXu_6t4Kq_pe1LEM-HpAnfGrb-OKeCi5FJU2aEjpK2srEnFDdMZCXiJrT0EaloP3hjKQXLq7_oSHN-Pf2Cg9_zDhxABx7odFH846v20zkIUzmEIfRV_Yfy7f4fUh_TD3k1jEZrIZHgQOdt7RZ2UDL6LRk1pVlp8-j-jLaZxMdPCSVA4I0k3ClGSVm7MbrtdGDve_8JzzVnQWFUucD9r5ejWivhcb2IiYfqOEGQ9C7wN53aOu66VdBui3eSsQk03SflRW67Xi0QNDPvXOkr7qD6rhSC4hg9VgKZjibZOWVLHHmOrl3goiKX55vz5Cw_y3ENYrcPYRw1E8i_6L8zDLTzQNvZnRX_uGvUMbexla2ULy-VaNhVCQP3jBS0jJ2rOwOjyTTuFVgct7eoyGR-nB68uEeGQfRgY1XRdHysTm5KkCQ3t9e1h_mKVIeKCJr_J1n_R_KEzrjt5RUT5GuOYy7HJyqhihbcESGKALybX7w62nS_yS1CCcFJg5Uol1yznpQP7pqubk2j8tQS3oJVER1oUeqTEYLe5BajcNHiwjUGTgKKzcj9WW1yVWBxK2MWaFfra24yEY-8F-_im_xtDJubanQpom-CIDl6LcYTJLnlIHklC9ezsPXN-RVPYQ2Pc2ST-qxZYcXoh4kt1yEaOd7A9VKE3wmnfgEa8d9yO3ohRbF258hlfJg3upy8pIqHAGmgh0dYc8KaElFNs3z3ArCTSIP4zSx1KBtVK2nNkB-OtCBLyCzCN67hON8ehPQLAakZjSFt55op1hI2vUKsUhecWEsQvT2xZZsFQ8Gl8hhiAMnDQ-qFYYg5G_cBq4OoB3ugZA3CWNzXihLg9EjkNlOWlNNTxUuMlxDlNM9TzD-Y4lybsifNjPzjGzpJ0d3VvCuSbcIHCtFT_ZyjtDLDaUHT0duF9xhcAwRy9l2DyVg7qSA9RtTVXiUjvnvuXT2zg5SUbklkakCLkZ_M87AcwIYTSGVaKnd9PealGskS0gNsc3NO58MaeKZ_3iXm8P7cFeZrGydacX78Y8s3rTNiuBXG8BevcvBeoM8W7kiwKWDAxnGyIlklhIQrd9QQRjqF_7x9oxIqbZlxXVffo7NxKHAosVHIE5ipUzact9ZoGVC2bFiwNTQpwFEExRuUbScEN53VD9UIxwcXuQDG8aB3Pv-nlh1mGkitE-BtoaEKnQv5GEqgT3w1BqgrgaU6nwrqXEthtg3oJRWvruWo5Nz4rtC1UtlOWQseb0ZVl0fc50v96OzZOtp72DpLsn77XNpTcVoB0kQ-XMOlyDdpwtzwSZKW10N2pE-VMn2Ses63EpdGn1c6XwReJ2KFIcgJtLNBIVmE0sKdFRtNRExUNdugDsoC3sGw_IIwfaVj2b3Ie2bhuMxAJ_u5WLRAimsRqr2S0R2CEG27y4DAQonkFcxu9yQLJI_g-OC7_e52GKU34_7726YPnip5Lz6LKf31O2Af4zbkYt3UnpHn1-EgmNYei5gWxCNFiyPQnpKv8fUFCGzymHFp5AVr7j9bh8qy3CArB1A54dfuw6gHMKuaSCa6ZD1AxyXUhX9E0a84F95ZS2XUjZWzVSmwMgl0jmp1TCbJ5QyfNnfpHnEi3s8NmeONGxS9auBU_Zu7fzNkAwmrpD5dJVhPnCcE6sq6SByXEr82Afz02u463sXOeRuRa92HC2qnMJB2uexUikzAQRYgnJVK4IS2qHUPlX0rdF3G2EPStpPAsk47MpYI22YKH1_DOWPg7EM-OlnqtVNXeyQrKtj2WBdsrhG853DyJ8EilbWHIXjK__gcscQoD8TziJFsZqT3h34owq9C_8RVg-mNA_h68jDqRQ_tNkpzceRKWXYOIGvsBPNJAEOt_ut98vfdNi2UWJ23wVRynHRvHSeS17hOk-DD-CNPMJnmX9Ec2Rsm0dnjZKKi5AoPrAriabwlHwO7nda6xZB32yWHPZDPnEVDLAx0foZ1FdEkWKaOZGuJyayKcmc7qoTYFPrdHph-BsgGo0q1142su33-XNVsbIMFa8wrLC7ZLn3M8mmNExr6_dH7BIzPYGOWMgsUn52vxwLvq9tAcDCeFIIPy956Nav10QUuxRTZP3peeRqSh1UtKFp5QOKAWWjx9ryswlfi1qFM7gZa41cB12VOJGN1b0B6RSEo5oLuh2LrdYbDlrce62TvgOWmSIOb5aajYYqUBVtdTDb6slZkRHlIWqI_rh4rFcRb8rNSf_iSgtwFbaJFUZcpWcooDJMyuseZI-Lir7WGdIn-oGztzQUfbMzdL4wy1LomKBRYMkjjQ2kT2xTqdiRxJJ-Y0tn3SZN2SsQxebcqWYAwNccP0YtnQU1kGznYJiU0txMRp6FIkDJbCsvLUUGoiuHpRyvpNe7WdmPtEYHC3VYIhyZbxQLvh&cid=CAASJeRogFR6YF-NLQGomUZZixB6UfdmXBRGJp9mRahLvZ2tE_tMNXM&rfl=2%2Chttps%253A%252F%252Fwww.winhelponline.com%252F%240
Frame ID: 819112F5249BE92C8DE345D2AE1DFD42
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BD0C2382E0BEDD88F08D127B7140C2BE
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 7BB340A9EADEF8622D39FEE256D37843
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8E5D030E33A7C272ECA6333417C7DD2E
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
Frame ID: CDC6C59CE979E0BC39ECA708AA81089F
Requests: 12 HTTP requests in this frame

Frame: https://cds.connatix.com/p/160773/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Frame ID: 9FA07FB4C53D59A4AD1B9DF175E2C31C
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Frame ID: 9F21AC035CFF42D175B0634F291E8578
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Frame ID: 35E5858370DEB65706BCC7951384A190
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Frame ID: 856B6CCA992821DC9B916606A77AF2DB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 05A601797ED0D98ED3F1DEEE4065A4E5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 31C2955999AA999A88948D92EFF3FB97
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid6.20.0.js
Frame ID: 83DB9DBF0A583760C956317D3BDF2096
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CE9DE7F02081173C07C72B39EE9343FB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

What is “Program” in Task Manager Startup Tab » Winhelponlinesearch

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Wink (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:_base/js/base|wink).*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

211
Requests

90 %
HTTPS

46 %
IPv6

34
Domains

58
Subdomains

43
IPs

9
Countries

2942 kB
Transfer

8951 kB
Size

38
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=What+is+%22Program%22+in+Task+Manager+Startup+Tab&url=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&via=winhelponline
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F
Title: Share12

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/cws/share?url=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/winhelponline

Search URL Search Domain Scan URL

URL: https://www.facebook.com/winhelponline

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPJmKPIIPABLoaUoyh7pHEg&google_cver=1

Request Chain 90

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnNRo8JoWhsvPgy1V8y2oAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPJmKPIIPABLoaUoyh7pHEg&google_cver=1

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK39Wk7jQs8awuNdsitYXRU&google_cver=1

Request Chain 92

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI0NTYwNjc3Nzk3ODAyMDkwMQ%3D%3D

Request Chain 96

https://fw.adsafeprotected.com/rfw/bgd/1024657/62770989/xbbe/creative/adj?p=APEucNViNAznRWEXtat4lR58NNX4tq5z2wBt0eggEz6cqzikPU38oj4&d=CnkAoCZ_4HDvnRVL_8BuuiKk5Ext5OXZV6S57AeExo3jM46TC74NTARtaHzlXGTMVCDbh2QfSg9Bx4R1v-xx5smAiK95spsdYWJNBInAaTpsS6pmCIi5rQRqGQdy_IQAshidOiGIXgEOl5-ZIQSME7DM6bGUmH9RKzzgEokUAKAmf-CkUSFI7Zgy1phsQ0-Hj76eSdvxAcUb9VBrscoADyQTHUODjh-KbdZgCI00pmluMsH-QnkO3DZqJBz1p3lijQ2syIUZM8EjVPe69g8Tz5h3NYuzsPIATNuOIjPvLUBSNc_imi--Gg9in-qPwfYaexZRGDmwU9Mjs2_DeXKW4rdjVMiiQw4V6xt3B8D_qK8y937edox_KbqcfV00kN3TR58CJV8ibnAYIayo3KpA5cyJgjXY8cUCbvQ5QGua_G-CzXqejfNQlsxufYwVBXG0Lbu8ZOpp2GvEXeuCToezll0B5ApwRWnOrrPebRk2vwQRpWZ2N8ZUe6b_5kUZt9v_7gg0AzPBCvyv57HmHXhUG2lx6IafWirqxuHuQBlTfTkMU6ibCYlJmIjGYSXjZjJ2IzfPDtooJo_0zzYOAn9fa2lvrdb5udU7W_XAXGhO-PlF6dUB5tYC7Qrp8pSD0QARsBe9P6AvtLTfw8DUdlnDtWQ-rwImTL5vFmFA5V7sNRyVvSO6YnA-SGNc6OeCeyxb3GBYf00IUMh-508MuNdLSJTJNYydMp4TvxLsv9V3zgH_xzHA239pJc-NRBhBdlqFBYDdpP778PFZUDDVm8aAXQuSJlS3plQMWD6QQijDDXRWalD4QiPEs8GcsfIlBxKcBkTNZ45Kon1TMN21xHzpXc8VkZsMxwFBw8hvx5_jM3fQObtJ2ujPyw5yOhXZGbweHK2lyjqg-uE__6Ah2SLjq0xPI_xfGEPxVGPhYgiorWiX9PUjEECE83neljO0d6pa0K7TXcLa9eODKTWDfdjz79lnRJcKrm50LQZ95cIzlKCjMsNG6eVTgWrgDEFmMusV5IaQNEfyLYvHJ-7Y-IEQVKkqRDoQfVRGoqCy1GoldRckL3rwABL4a46ojI0oVsXZl_EPPpoaJ6OF8MAPTjk9IbM_mpn1npV_4Tu6q4Fyar1XnVnnxQM214D7gUqFG1QufujGxBKBIudkW3yuZfu4mmfcbFJwuAykrgaUz7Ftrkq289GUorCYuYQKYUnAyRUbggroTs9D_U6-fZsPlcoUzpr2M-cXT138zaDsVoJupxvmsh8eALubrNYHCXoAec_9RpUqcH9_ecNSG_fblOnR7dqTbNAlHEOtm32YA8LEyuBjpp8FKuj6X1LQ8FRPYBEd644ENlgC4xfafC-7g9XMoIHd3wJz9fYBdFDHhRgdqxIrS1SaTO5oeyqAc90_BbsFZ8YlUCU59fU88MU3nRkgTE2UWFRFnGPiCvsc1bdHZZv6UU2zhHv_kL1l8fPGmxDrjEQoKcUQAfWYO93TZOwx7hpfLNkXVMb21BwDweSn1Ybwj1xqIhzaCev-hNRXwihyHJ69Y7EiJ9axCHPbyGZSl3XLUqrfdV68kp3oAOmxhUrbg9ZO1lDtaOjcbE0L5R7MdMmbZk7CzemxgieCK8gk0O9bopWyboPwC66h_nciyXQAiM4QiA8QyfI80WhD9UH-PHOC6KVOogLshhKjiAWTh8pNQgkRbwDfnaX-NrFtA0sDu6tgv6B0BH9vzh3vE0-hHnS1RJm03Y5xAYWGYIzfiritnaELyLI18EdJI25UnMFrbNN4FFxcjbegFqCxIQIOQZh9JYQlXEwPeWmDXfCMkLAsyIapvvvHJk6DqMVku0fxy22rXpurmHMeLWBHks-cHyTQHt3f7g8bVDczmtMIwKO8PgzURBhGkJt-PHHs2OvWGGwOPo3MHYvWCEXA3gV9I7OO7OeJ5QKpxUJT4knFsbXmQpDL3IF-dggqApmAtbWESHE7cV1hd1_2Hk3RAHPDcRYwjvaiZI4xwCrVDN-4IbDkMGhWzBt8CY3Wdqbzh3Yb5uE-vRe1IgGkp_qrJjs65zw-F7cOZzDT9WTtNrD57o2D2W31vD3EsPPDmxj1wth95iPc1SpQOU4uy776XzDDmNsAml-sNgfApuzLiZMb4OIeFlerndDMAKVa4w8Um71TEwDYkK0UgZaN-NwR8ONmJfhkSzB6eKrITQlMd8TiAU7NgEvMmgZVtncGPwkQ-a0e5nNuNNmnCoEy1LcIkEps4zZ-Qfz--T8q7HO_QQ2O4kf8aS2DXmUx0LZOoG0SPMXx-LDaQZibA5u0dKv361A3B5u2FF_8NBNH9EYffja1qPNyudjZoz9gi2cNm4s-1h6EH8tm1Ehh28nYvSbLwet_QjUJHiE7HVn5Bk7yeEt6VO2XEl4Vzg2pR0VFlLJhTBg5zHHuqDRX_KJlYgEN8cKrNexbTFKoIUZr95PCt-UhqAgfl6Bd7qDd6PH48BPm8TxycYKrlYjhcwDTn_V5QFlCyvU25AmxqtpxwJTxZREpI4qs-1OQaa5ZOXBvm0DGrP_Q0NvNDA6ifIVHE70wP8eo2qLeggi6FjopSFyMpslpthTFQvVJU0D_u91jvA3XLvY0ZHEWHr9x4yP0PX_IUgFfQTT-HjIXbmULGpoixJpiOdpzRl2RIBu56bdgCqVshJKudiXy69EVANk3xwqrCVckwNrpOXVv_9lm3dOLVB5rB2Y-y4FnTer3swr5hpsTn4T4VvEhm8Wzz6xWJt9fQAon9v0Ewvm7wbwFm5ju9g_K7xy0oMNfmhvs4UbauLu3VAOVHZZpjfYkuYNzgIhhvYsc-MPWxWp-TdLXTP_Gq1L9jE156AaUNS-W-lQZ7B-GOY2opAyiY1pcuLRAL8C9BacQYTw4HRed4aYy8KE8yqn8xsmqjHHy6K54J3dSHH0pXd1tKtK6tIp4gAJMRdvGz9pBzBuXJJKzHGPLL1SFo8e8inJan-K-3tEph4dD6fn269trKG535Q5FWpgJWvjMhEsBuwT5dFQQ4EMmqKBSKoTlKADawXVi2P8858Lgqk1Q5256x51hOmDXuYalq4pfzQ3IXx8eOU7ogHxaSBKQKQt9TH-cyJgUbC10AZFkEFSaMkizs2lzifJbQAkQEFACokL9VrhqEWa4kzGXEl2iC66QzkUXTBLGe2pCh2Jy1aHH7zVC0fqDRoft0pHRdZLi1b5U8KKaIc4JM-EZprsPpTE54qSekuCTxKwQ2hbWeZlGJ2GDBsscMTGBqfoEis0cDm3ktOdue0jiXNXLLF9CWBq46u9LX88u_7hMZYc4BhLLBLIG79IieBmE3zk-nbpKdvzoFyrDjdnnjpcMRx3ZDSTZZ9kvz102he4ij2SvdH5uvcl2RTq1grxPiINfS6QmBxUZTgMbuxCa4wMxhyBA0tDkAixdk_qZy3ScV1UFacF8-34Obfbd9ioEvd51Krq2lzR4km2AQd7_gE6ENCftkiU_aSF-rG4qU6zP4PIIJtmGl7eF1HGc2PJV9X1Lr-MQi1BR8PA8zZNmDqmR3mKsM8uMI6Ecb1OM-ybbUubIi6XOQQZahgm-zko9HO8i6jG1p1BjgGRY4-2qchopCAASJeRogFR6YF-NLQGomUZZixB6UfdmXBRGJp9mRahLvZ2tE_tMNXNgAQ&ias_dspID=3&ias_campId=28132469&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=17053386653&bidurl=https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gQg4dQuTaJXsowaMAQuanI&adsafe_url=https%3A%2F%2Fwww.winhelponline.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.winhelponline.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fbae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fbae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:eaff84ff-8773-6b2f-5b92-f1d1e99f919f,c:bI7UWh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-578cdd6bcc-gbscv,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t4VKxI8+11%7C12%7C131*.1024657-62770989%7C1311%7C13121,idMap:131*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:17,oid:57c6f743-cc2b-11ec-a650-aa70b64bbed6,v:19.8.306,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNViNAznRWEXtat4lR58NNX4tq5z2wBt0eggEz6cqzikPU38oj4&d=CnkAoCZ_4HDvnRVL_8BuuiKk5Ext5OXZV6S57AeExo3jM46TC74NTARtaHzlXGTMVCDbh2QfSg9Bx4R1v-xx5smAiK95spsdYWJNBInAaTpsS6pmCIi5rQRqGQdy_IQAshidOiGIXgEOl5-ZIQSME7DM6bGUmH9RKzzgEokUAKAmf-CkUSFI7Zgy1phsQ0-Hj76eSdvxAcUb9VBrscoADyQTHUODjh-KbdZgCI00pmluMsH-QnkO3DZqJBz1p3lijQ2syIUZM8EjVPe69g8Tz5h3NYuzsPIATNuOIjPvLUBSNc_imi--Gg9in-qPwfYaexZRGDmwU9Mjs2_DeXKW4rdjVMiiQw4V6xt3B8D_qK8y937edox_KbqcfV00kN3TR58CJV8ibnAYIayo3KpA5cyJgjXY8cUCbvQ5QGua_G-CzXqejfNQlsxufYwVBXG0Lbu8ZOpp2GvEXeuCToezll0B5ApwRWnOrrPebRk2vwQRpWZ2N8ZUe6b_5kUZt9v_7gg0AzPBCvyv57HmHXhUG2lx6IafWirqxuHuQBlTfTkMU6ibCYlJmIjGYSXjZjJ2IzfPDtooJo_0zzYOAn9fa2lvrdb5udU7W_XAXGhO-PlF6dUB5tYC7Qrp8pSD0QARsBe9P6AvtLTfw8DUdlnDtWQ-rwImTL5vFmFA5V7sNRyVvSO6YnA-SGNc6OeCeyxb3GBYf00IUMh-508MuNdLSJTJNYydMp4TvxLsv9V3zgH_xzHA239pJc-NRBhBdlqFBYDdpP778PFZUDDVm8aAXQuSJlS3plQMWD6QQijDDXRWalD4QiPEs8GcsfIlBxKcBkTNZ45Kon1TMN21xHzpXc8VkZsMxwFBw8hvx5_jM3fQObtJ2ujPyw5yOhXZGbweHK2lyjqg-uE__6Ah2SLjq0xPI_xfGEPxVGPhYgiorWiX9PUjEECE83neljO0d6pa0K7TXcLa9eODKTWDfdjz79lnRJcKrm50LQZ95cIzlKCjMsNG6eVTgWrgDEFmMusV5IaQNEfyLYvHJ-7Y-IEQVKkqRDoQfVRGoqCy1GoldRckL3rwABL4a46ojI0oVsXZl_EPPpoaJ6OF8MAPTjk9IbM_mpn1npV_4Tu6q4Fyar1XnVnnxQM214D7gUqFG1QufujGxBKBIudkW3yuZfu4mmfcbFJwuAykrgaUz7Ftrkq289GUorCYuYQKYUnAyRUbggroTs9D_U6-fZsPlcoUzpr2M-cXT138zaDsVoJupxvmsh8eALubrNYHCXoAec_9RpUqcH9_ecNSG_fblOnR7dqTbNAlHEOtm32YA8LEyuBjpp8FKuj6X1LQ8FRPYBEd644ENlgC4xfafC-7g9XMoIHd3wJz9fYBdFDHhRgdqxIrS1SaTO5oeyqAc90_BbsFZ8YlUCU59fU88MU3nRkgTE2UWFRFnGPiCvsc1bdHZZv6UU2zhHv_kL1l8fPGmxDrjEQoKcUQAfWYO93TZOwx7hpfLNkXVMb21BwDweSn1Ybwj1xqIhzaCev-hNRXwihyHJ69Y7EiJ9axCHPbyGZSl3XLUqrfdV68kp3oAOmxhUrbg9ZO1lDtaOjcbE0L5R7MdMmbZk7CzemxgieCK8gk0O9bopWyboPwC66h_nciyXQAiM4QiA8QyfI80WhD9UH-PHOC6KVOogLshhKjiAWTh8pNQgkRbwDfnaX-NrFtA0sDu6tgv6B0BH9vzh3vE0-hHnS1RJm03Y5xAYWGYIzfiritnaELyLI18EdJI25UnMFrbNN4FFxcjbegFqCxIQIOQZh9JYQlXEwPeWmDXfCMkLAsyIapvvvHJk6DqMVku0fxy22rXpurmHMeLWBHks-cHyTQHt3f7g8bVDczmtMIwKO8PgzURBhGkJt-PHHs2OvWGGwOPo3MHYvWCEXA3gV9I7OO7OeJ5QKpxUJT4knFsbXmQpDL3IF-dggqApmAtbWESHE7cV1hd1_2Hk3RAHPDcRYwjvaiZI4xwCrVDN-4IbDkMGhWzBt8CY3Wdqbzh3Yb5uE-vRe1IgGkp_qrJjs65zw-F7cOZzDT9WTtNrD57o2D2W31vD3EsPPDmxj1wth95iPc1SpQOU4uy776XzDDmNsAml-sNgfApuzLiZMb4OIeFlerndDMAKVa4w8Um71TEwDYkK0UgZaN-NwR8ONmJfhkSzB6eKrITQlMd8TiAU7NgEvMmgZVtncGPwkQ-a0e5nNuNNmnCoEy1LcIkEps4zZ-Qfz--T8q7HO_QQ2O4kf8aS2DXmUx0LZOoG0SPMXx-LDaQZibA5u0dKv361A3B5u2FF_8NBNH9EYffja1qPNyudjZoz9gi2cNm4s-1h6EH8tm1Ehh28nYvSbLwet_QjUJHiE7HVn5Bk7yeEt6VO2XEl4Vzg2pR0VFlLJhTBg5zHHuqDRX_KJlYgEN8cKrNexbTFKoIUZr95PCt-UhqAgfl6Bd7qDd6PH48BPm8TxycYKrlYjhcwDTn_V5QFlCyvU25AmxqtpxwJTxZREpI4qs-1OQaa5ZOXBvm0DGrP_Q0NvNDA6ifIVHE70wP8eo2qLeggi6FjopSFyMpslpthTFQvVJU0D_u91jvA3XLvY0ZHEWHr9x4yP0PX_IUgFfQTT-HjIXbmULGpoixJpiOdpzRl2RIBu56bdgCqVshJKudiXy69EVANk3xwqrCVckwNrpOXVv_9lm3dOLVB5rB2Y-y4FnTer3swr5hpsTn4T4VvEhm8Wzz6xWJt9fQAon9v0Ewvm7wbwFm5ju9g_K7xy0oMNfmhvs4UbauLu3VAOVHZZpjfYkuYNzgIhhvYsc-MPWxWp-TdLXTP_Gq1L9jE156AaUNS-W-lQZ7B-GOY2opAyiY1pcuLRAL8C9BacQYTw4HRed4aYy8KE8yqn8xsmqjHHy6K54J3dSHH0pXd1tKtK6tIp4gAJMRdvGz9pBzBuXJJKzHGPLL1SFo8e8inJan-K-3tEph4dD6fn269trKG535Q5FWpgJWvjMhEsBuwT5dFQQ4EMmqKBSKoTlKADawXVi2P8858Lgqk1Q5256x51hOmDXuYalq4pfzQ3IXx8eOU7ogHxaSBKQKQt9TH-cyJgUbC10AZFkEFSaMkizs2lzifJbQAkQEFACokL9VrhqEWa4kzGXEl2iC66QzkUXTBLGe2pCh2Jy1aHH7zVC0fqDRoft0pHRdZLi1b5U8KKaIc4JM-EZprsPpTE54qSekuCTxKwQ2hbWeZlGJ2GDBsscMTGBqfoEis0cDm3ktOdue0jiXNXLLF9CWBq46u9LX88u_7hMZYc4BhLLBLIG79IieBmE3zk-nbpKdvzoFyrDjdnnjpcMRx3ZDSTZZ9kvz102he4ij2SvdH5uvcl2RTq1grxPiINfS6QmBxUZTgMbuxCa4wMxhyBA0tDkAixdk_qZy3ScV1UFacF8-34Obfbd9ioEvd51Krq2lzR4km2AQd7_gE6ENCftkiU_aSF-rG4qU6zP4PIIJtmGl7eF1HGc2PJV9X1Lr-MQi1BR8PA8zZNmDqmR3mKsM8uMI6Ecb1OM-ybbUubIi6XOQQZahgm-zko9HO8i6jG1p1BjgGRY4-2qchopCAASJeRogFR6YF-NLQGomUZZixB6UfdmXBRGJp9mRahLvZ2tE_tMNXNgAQ

Request Chain 107

https://a.c.appier.net/gcm?google_gid=CAESEFAQWn1wMfRAMp5TvAbVH1s&google_cver=1&google_push=AYg5qPIRK0qFIsYgzpfLyFIDcxnh7FXP_GMc3M2IlE6w6846Y_lxYiI3z6XmOR1D2s3ktU2rP3v9Xc0AOwTQlU01Uffh8Gxw93A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TDFDWG8taUNEemV2OFQ0RnBGRnpZZw%3D%3D&google_push=AYg5qPIRK0qFIsYgzpfLyFIDcxnh7FXP_GMc3M2IlE6w6846Y_lxYiI3z6XmOR1D2s3ktU2rP3v9Xc0AOwTQlU01Uffh8Gxw93A

Request Chain 109

https://d5p.de17a.com/cookies/google?google_gid=CAESEAq0IZWra9QahZ2A_G88Mck&google_cver=1&google_push=AYg5qPLbnua8sqiBJB7qhKPkDTKsrbA670kxE0hjW2sGelcXwiBFkO28eGaY30d6GlK_fc-4_LX18n2xr79wCCKU_0owo-4YwEBQ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAq0IZWra9QahZ2A_G88Mck&google_cver=1&google_push=AYg5qPLbnua8sqiBJB7qhKPkDTKsrbA670kxE0hjW2sGelcXwiBFkO28eGaY30d6GlK_fc-4_LX18n2xr79wCCKU_0owo-4YwEBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLbnua8sqiBJB7qhKPkDTKsrbA670kxE0hjW2sGelcXwiBFkO28eGaY30d6GlK_fc-4_LX18n2xr79wCCKU_0owo-4YwEBQ

Request Chain 110

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENzkJdny6c047lzkpl61hlY&google_cver=1&google_push=AYg5qPILucitLupuYbU8LN0kELPmGyZpJv2Jf-XPZGBDNkaTiQEWJrqv4dEXkJ_APsEp-P50OgJlWpMYSzYPkxxsMfqVrRGBMwDG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPILucitLupuYbU8LN0kELPmGyZpJv2Jf-XPZGBDNkaTiQEWJrqv4dEXkJ_APsEp-P50OgJlWpMYSzYPkxxsMfqVrRGBMwDG

Request Chain 113

https://an.yandex.ru/mapuid/google/CAESECEH4wgw5RKHzgfNKhY-gHo?ext-param=AYg5qPIyoo7Kqnd2etYceK9Xv8GBvv6FHlvuxaPCJWMKU_RgQsDnDz9fLR4GD1lnFpAP9D1G58_amGyG8hqXknay67jwNEa_57Rz&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESECEH4wgw5RKHzgfNKhY-gHo?redir-setuniq=1&ext-param=AYg5qPIyoo7Kqnd2etYceK9Xv8GBvv6FHlvuxaPCJWMKU_RgQsDnDz9fLR4GD1lnFpAP9D1G58_amGyG8hqXknay67jwNEa_57Rz&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESECEH4wgw5RKHzgfNKhY-gHo&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 134

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
https://cds.connatix.com/p/160773/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Request Chain 189

https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YnNRo8JoWhsvPgy1V8y2oAAA%261203

Request Chain 197

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=8b22b99d-b460-428f-a648-c57a078da0ad&us_privacy=1---

211 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/ 352 KB
68 KB 1146ms
1115ms Document
text/html 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47f9bf9c4298beb31b2e764fce4c438f6d9a7e509a94a0ced56f23bd967bba74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7066b5c74edd9a0c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 May 2022 04:25:04 GMT
display: pub_site_sol
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 04 May 2022 04:25:04 GMT
link: <https://www.winhelponline.com/blog/wp-json/>; rel="https://api.w.org/", <https://www.winhelponline.com/blog/wp-json/wp/v2/posts/6479>; rel="alternate"; type="application/json", <https://www.winhelponline.com/blog/?p=6479>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wA4zhMv%2BmJ308OSKPBGNCT0rSmUzbEOlaxrg4XEc4n7aClgSEH0icHw5xOOsUY%2Fpta4zx60UnLoepsZpgAKwskRS0D3jWe35DzD2gcsMjwmSNPZIfG5s2qwWY0Pum9jkG2n8Js6cosK9INbOCzVId%2BUIPg%3D%3D"}],"group":"cf-nel","max_age":604800}
response: 200
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-ez-minify-html: 8.57% 300466 / 328639
x-ez-proxy-out: true 2.3
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-sol: pub_site
x-ua-compatible: IE=edge

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 85ms
31ms Script
text/javascript 142.251.36.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s12-in-f2.1e100.net

Software

sffe /

Resource Hash

3ff1f0bc7d6a02e23a56c724428fd9d49fefeb61cfdae76310e0dfcdde4d88cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28460
x-xss-protection: 0
server: sffe
etag: "1205 / 483 of 1000 / last-modified: 1651702050"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 May 2022 04:25:05 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 369 KB
109 KB 55ms
25ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afac23f3cf37d9d0c0fca7e5afea87f81de6b2531041729a7cc3940fac24f4e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 16:20:57 GMT
server: cloudflare
age: 129848
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fcRntoY3QrwLg42DRaxVb0Ij4oNMNZni%2FTZL87XXuLG1Ve9YEQ0c4BRKI5hqEesjpggMDKh5yDWxBYzo84VXCxBlKa%2FoM%2F54aFFzKWqlv6C4NL4owvgO%2F%2BF%2B09AGlfeIGMTVAIyydaCR7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7066b5ce9af59ba7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 135 KB
37 KB 40ms
10ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding: gzip
etag: 4abd427e43cd6822329a2c05539e321f
age: 707
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1QMGTSH1EGTXY2PC7XJ4
date: Thu, 05 May 2022 04:13:39 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: -hzzx9pYaw34QB0qTQqlWuSKsNItn4cJ0ctata3W4P0U3l1303_t8w==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 07:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 07:39:28 GMT

GET
H2 200 blocks.style.build.css
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/post-editor/dist/ 0
589 B 19ms
17ms Stylesheet
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=5.9.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 68203
x-ezoic-cdn: Hit ds;mm;97a2316724357725ed5b3389120ca033;2-105367-20;98c0691b-d013-45c4-76cb-f8441f8e833a
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
content-length: 0
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"8a1-5c79151797f5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: NaN% 0 / 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWlZ3oYZUmlly4SjQB5hwvWN7MyJTCQYHvBAevMCfzq3pFkutE8dGeRv%2FxQ6Q32WNv9JI%2F%2FRiaE1svjxta94sE3oWFxcyPSfoe%2BGavt4I%2BPAtrV%2Bbj2vvT65Bn2wJj4xFPT%2BtzT%2FB2rXqJ8FeNhfLbaX6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
accept-ranges: bytes
cf-ray: 7066b5ce69ff9a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 mediaelementplayer-legacy.min.css
www.winhelponline.com/blog/wp-includes/js/mediaelement/ 304 B
528 B 19ms
17ms Stylesheet
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f34684a259313530cb1a486208b398b41ba94c92b23e154fa708d103407456a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 68202
x-ezoic-cdn: Hit ds;mm;dc6c1ce5ee80c61bf60324f6dc23a0eb;2-105367-20;6bd73bb8-17c3-4b5e-6ea5-e6e178b5fe06
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"2bf8-5b5ff5afbe4ad-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 1.94% 304 / 310
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnQiDrbas%2BEWJ6qi9ec5rflTc%2ByZghyqLnncXNeTlUfHhcwzdsOAp7pze%2Fl6%2F%2F7lbSqNHP1l4Ow0Tna7%2BDlz10bIe9Mgj%2FY5nPMD8uNK%2BwtaOHhwgPkCYqMrdjuJCeVW27q08ZyA93lFCip82nW%2BJQUffQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ce7a019a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 wp-mediaelement.min.css
www.winhelponline.com/blog/wp-includes/js/mediaelement/ 103 B
492 B 20ms
18ms Stylesheet
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b20986c3ef4e76f463753e68a13de7d724993fc145126006dca0d2363c57a996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 3773
x-ezoic-cdn: Hit ds;mm;3c493162d034d4b7f6602860500dfc51;2-105367-20;50d518c7-340b-45b8-615a-0641070f741b
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"105a-59730f8a0b18d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 0.96% 103 / 104
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjU91zsIbwWfoEC%2FCYPg9w83OzxXiyHvCSzpakfQPW4VIcB2erg1IK6j4ut4mjpNd6d7GFV8bY0NJxD88dzh3krX%2FRrjIRW6piSJ9R7arw8mIZl7KuGE%2B2NfXj9hV2VzP8ih5cKfZX%2FgYlnau9Z%2F56fLgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ce7a029a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 style.min.css
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/css/ 24 KB
4 KB 24ms
22ms Stylesheet
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.3.0&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ee5fa1c3b3dc042135847f4435851a8131259b8e4693f9cfef968d871596e89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 68203
x-ezoic-cdn: Hit ds;mm;eb6f16fa5d02d88589d61d0e3dd91f9f;2-105367-20;4c5464f7-5d2b-46a3-6529-a16b82398dab
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"15c19-5c7915179601f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 1.06% 24710 / 24975
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rvDxMZBQdWN7gfllL2OqP7AY1Zw%2BS4WPk0Esx%2B954h1bkHqfEcZKUtUDHc6FxE4Dme%2FBSOQF%2FfTeJcJUmPH220Rkfn4FNKF1F3MQcMyP7Aedg6kRjGGnebz8swAkJVsGe6hkZD%2FeutOCsypmJm3lDYUlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ce7a049a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 comments.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/ 1 KB
1 KB 27ms
25ms Stylesheet
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/comments.min.css?ver=3.1.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff090787af2bd6b4fc36d3c4861602d95fa4df9d917b56c50db50f7809a411f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 68203
x-ezoic-cdn: Hit ds;mm;f61f95036701413c6f3581bbcf12d528;2-105367-20;b7555dfb-2ffb-441f-7497-dbcd63c2db0a
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"5d7-5d79998b721c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 2.15% 1274 / 1302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tU6VUVnilFstrVJX2ew6liN3RbIQ30JzJXYhBxIC6azEYrywDhGxQwi1Bv2EiwKZJ5BCYYITQlaHmAoBsqN8nv8fNzTxYMxpYlX02vkbkaruXHXDN7bgU%2BEu2tvbYUFohat9WSIMxmXOqLoCb4RBZ%2FFr6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ce7a059a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 widget-areas.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/ 2 KB
1 KB 21ms
19ms Stylesheet
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faec8eb1d835361aefcf57fb0c55d7ad0d90a3ca389a17f85ad8bb71436059d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 3772
x-ezoic-cdn: Hit ds;mm;ddcbcde0c343b333c37ac742115a080e;2-105367-20;8f5abdc6-a0cf-4dde-412f-ffb0e5adad4f
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"d1e-5d79998b721c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 1.92% 2039 / 2079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvyEOP%2FDs5DMwbL7iVWJr0nQSD7KuLvM1vb2eNELZDOETUKKjgZkbM%2F3sN3obw%2Bd9fSU4R2rc%2BtvHwKW5Rt7bQmJ92OR4IZfRRTJNb6Q4c%2BSss%2B4Z7dmLfzMlNH1Svz6jhZgZKFpeARX2R1LhBGimo318w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ce7a069a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 main.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/ 14 KB
4 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6c5d27bfa0906abb7cd73ddd3b2192cde45c0b467aec2b537cad7e87fbea15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 3772
x-ezoic-cdn: Hit ds;mm;8560d06f5e3bab4e79638dd9da852d92;2-105367-20;7cdb96d9-89f6-4357-5362-f324b085807a
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"4c36-5d79998b721c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 1.64% 14182 / 14418
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GECAp%2F7p1S6454k5r%2BKho%2BMeZdbxJ0SucLkkXiKeKWMFbpa15Rcc%2BxEQn9UJxBWDoo0VDvrHwW28j%2BBKfw8MuAVEHEiAGmL2nCjQ5IKRZ%2BYTtzJLukCVE3%2BPZaSdyxYX36uzRaFq2LoSc%2B8sflVPUCrhlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ce7a079a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 font-icons.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/ 3 KB
1 KB 24ms
22ms Stylesheet
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1828bf81900712b9608e42b8d18d0162c657bd263b035e937d0548462600f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 68203
x-ezoic-cdn: Hit ds;mm;50e6846eac46c19ac4e90ababc2bddd8;2-105367-20;489f2544-162c-491c-5b22-a2f022725407
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"b94-5d79998b721c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 1.36% 2748 / 2786
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp5yjGj0O5w%2F25ynorc4rcE7uNLzvueT5dyDWvJqTXp5kuIyyFpxcLAg0kNsgsVgQ1Xgr%2BqXGVaPeOZ94RCiTaxXl3dIDXWWV0A%2F0zAgX%2B6iFpwA6tmg4%2FgJHCiTtIHvGmk7fWT7dK7BulRMAoicLCfVVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ce7a089a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 front.min.css
www.winhelponline.com/blog/wp-content/plugins/cookie-notice/css/ 4 KB
1 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.9.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53854d418fb6f06bf45e45d98c7405a8ca71d21269813d73ca1f0d0adf51c27d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 68203
x-ezoic-cdn: Hit ds;mm;0168196ca27c050270f7bf97402729c8;2-105367-20;39b830e1-b174-445a-72da-309a5d2e8040
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"14ce-5d92b0350c0c5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 1.67% 3704 / 3767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXkgM%2FXwxNO2ZJ1%2B9XtV3v%2BhduGtlMaHTbrNgr16Z3Aos6gMqOKNkrnvoQJcpQkCmh0vlir8CSt406EdmRmP00cJMJSYzX6NG84VxGpbqbEukTz%2FxrtuCdWMY%2BKvpTDifjoh283nlZQhJ7XxCBMnvsfCtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ce7a099a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 generatepress.woff2
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/fonts/ 1 KB
2 KB 19ms
19ms Font
font/woff2 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Origin: https://www.winhelponline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
etag: "4f0-5d79998b74107-gzip"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 397309
x-ezoic-cdn: Hit ds;mm;aa1d57d151a635a716aaa545aa8c10de;2-105367-20;5766d672-217f-43ee-7c16-63187800aee2
x-middleton-display: staticcontent_sol
x-middleton-response: 200
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
content-length: 1264
response: 200
last-modified: Thu, 21 Apr 2022 14:05:40 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://www.winhelponline.com
cache-control: public, max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vroFrOcdI69aSAivcZhlljK0E0%2FGHDm9a9klV21vslrUgexjE0HR9V7BXTtPmo84lD7h70yL1lRvE6DUPhYbsLKjg2zvPAMPJs9VNJcxKfWyoY2OKXiUw3j1VkLu3GZdmvSl9%2BW4vpnaRBQUQtu7g%2FxPgg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-ez-proxy-out: true 2.3
accept-ranges: bytes
cf-ray: 7066b5ce7a0b9a0c-FRA
display: staticcontent_sol

GET
H2 200 taskmgr-startup-unknown-program-1.png
www.winhelponline.com/blog/wp-content/uploads/2018/08/ 12 KB
13 KB 21ms
18ms Image
image/png 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/blog/wp-content/uploads/2018/08/taskmgr-startup-unknown-program-1.png
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bed9abbda72f710be203bc404d0cab15f7457e58ce28a597b1fa4a90aa2f03d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3772
cf-polished: origSize=12771, status=vary_header_present
x-ezoic-cdn: Hit ds;mm;a5e83f65240c7de0f46e162d1dfc5437;2-105367-20;5bf0ee44-7cdf-4c91-4ebf-1e88619daa54
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: "31e3-57c1989301bff-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQpSXIVT7l1KSg7LN%2FrqXvNfVRusZm92CFPTwwG%2FnD7O12KQ%2FFf1h%2BLZJs%2FaTHJUflazjFqXlVgx%2FWdJGJRQKBKcBqL3VAjUxqyC9oGKO88DbaQTENkzbCUTmc%2Bt2RBhUj4%2F%2FREByi3SZaLOwxdUUYOMfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ceca8c9a0c-FRA
display: staticcontent_sol
cf-bgj: imgq:85,h2pri

GET
H2 200 menu.min.js Show response
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 24ms
21ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 400149
x-ezoic-cdn: Hit ds;mm;be3fbe22adf04bf125214f75e4eb54df;2-105367-20;7275a4b2-b130-4591-5662-1c7802b58f91
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 21 Apr 2022 14:05:40 GMT
server: cloudflare
etag: W/"1b1c-5d79998b73167-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iD%2BXZW7kjwuJR%2Bnp6%2FkCUeNFF9UJ65jaQ%2BSm3UttMcDMnKlyLhE2rw4uzN%2FY5l4Ou9gcLoDfEFIzEKR1kfbd6yOHJ7099e6UNAMw7Lh0eC4NMv%2BRmoHv28pbDHGQMcnGUlqqzS5UrYLdxs9BGIKm6kE1SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-ez-minify-js: 0.00% 6940 / 6940
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ceca899a0c-FRA
display: staticcontent_sol

GET
H2 200 navigation-search.min.js Show response
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/js/ 2 KB
1 KB 21ms
18ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.1.3
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 400149
x-ezoic-cdn: Hit ds;mm;a5384132dbf4ed3a88764f15b8769954;2-105367-20;59606c22-48c0-45b8-758b-e4511afcdcb6
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 21 Apr 2022 14:05:40 GMT
server: cloudflare
etag: W/"858-5d79998b73167-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FolSp0Bvow6pa31YPYNO%2Bxd4K%2FCrpFbkmYIbt0rshHPEYrxwV5n4lV0Sye5%2F8QjwCQAvA2MT5As8XM%2F0UkFrKEQYy%2Bq3iybUQTG7WCB6sNd45kqQ%2BgiOolozG%2FeQgR6F7FNtavVJLYSJaM7jg4VlxExKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-ez-minify-js: 0.00% 2136 / 2136
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ceca8a9a0c-FRA
display: staticcontent_sol

GET
H2 200 altconsent.js Show response
ezodn.com/cmp/ 396 KB
99 KB 39ms
26ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezodn.com/cmp/altconsent.js?v=9
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4adb3837e4411342aa9b52dafd1646c32196b17c56c5420b77b9abebebe0f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Feb 2022 08:11:21 GMT
server: cloudflare
age: 222425
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQkQuPgT6OSBqaemm0gLcljsbGdXhJiQ4uWu9uN8E13yEWnuAWftzZQdC48hNb6Eso3qQavFZpGFesAa2k2qzHoZkmdtSiJfM6KK95RGLvHPCMYFguBNMwG3PYBUqFdyhAUsq911yUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7066b5cedb3b9ba7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ezcl.webp Show response
www.winhelponline.com/utilcave_com/inc/ 1 KB
1 KB 66ms
63ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: BYPASS
x-sol: middleton
server: cloudflare
display: staticcontent_sol
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hK22077PybrgChtpADY2Ffk4uh8TvLgBVjHMAQLu8zK8fHzXQnwZGIAVeD%2FnXmjttjsZoBSj8kO6D6bboMAxcgT%2B1wgugvXSmAQ%2Bw0WSUu0jSj4CpxMx9WmI1g6C48%2Bfgb6mP33IoZ5y%2Ba0jf1yWHXbw%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ez-minify-js: 0.00% 1337 / 1337
cf-ray: 7066b5ceca8e9a0c-FRA

GET
H2 200 banger.js Show response
www.winhelponline.com/porpoiseant/ 53 KB
13 KB 22ms
20ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/porpoiseant/banger.js?cb=195-8&bv=111&v=58&PageSpeed=off
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b040efac22c7e29da7486b648b1f76f9321793bc9484708849d487fdb282575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Apr 2022 19:00:34 GMT
server: cloudflare
age: 638671
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PM5ThO66tOZt2tvqA14i%2B5Wc08oOblxyw09NMkrdkrcEaehlaFlLACq5udcDaE75Ae%2B29WvITy0KSAPzmYunPdd%2BJLkU%2BewmxHXHBSTqHNoy0HFkA9y6LfDzyXgUXy4JlVu%2Bc%2F%2BPB3ecArbDVEKe%2FB6QFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7066b5ceca909a0c-FRA
x-robots-tag: noindex

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 356
date: Thu, 05 May 2022 04:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 05 May 2022 06:19:09 GMT

GET
H2 200 cmbv2.js Show response
www.winhelponline.com/detroitchicago/ 87 KB
27 KB 26ms
25ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec9a8e8851be4f5635d06e6d51fb956ee388002ebd640a6e8805429e87953151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 May 2022 00:46:59 GMT
server: cloudflare
age: 99486
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fi2Rh8Qm1J%2B8z7n6Dm8WojEZn4C4oQhv0dY3u7sb%2F2JjXpuQFVqtrqRsVUKRKeuL8J7wNkoBojzH2kVpneU3IBUC4fiJvt3QRBCrhS6q1aaW190CTz056LHvS9iDFdq6z4y6v4tauyROQ7TXVMffwMzrmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7066b5ceca939a0c-FRA
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79adca0f6f45b5b422942d82bce6dec8e1c6fb0e1d6441c0aff78f939c67eeca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 72 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56487cd450ab75c64be8f8ee82735454d2a036823fd75c1168f19552277689f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4d38a141fa88d8c86231ef44e23939a5bf35295b8c9adce2804b0f8bff04b45

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46e5d21cd5246cbefde00429b60f3b8d354f7b968920a828cbeecba8069494ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1960ad018010d4f9856e97ad7318ec9e4844cfa31755e235928c6b656e4fa3ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sw-icon-font.woff
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/fonts/ 7 KB
8 KB 21ms
20ms Font
font/woff 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/fonts/sw-icon-font.woff?ver=4.3.0
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 607f69d2ac4f67c9ab5753f5176c18096b5b6d1128ab9f9da3720563c0824e64

Request headers

Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Origin: https://www.winhelponline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 397309
x-ezoic-cdn: Hit ds;mm;01dc9d22dcdfea96bce7f11b74980835;2-105367-20;1569022a-1371-4c64-5ea4-fe488c590e1c
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 21 Apr 2022 14:05:40 GMT
server: cloudflare
etag: W/"1d84-5c79151798eff-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff
access-control-allow-origin: https://www.winhelponline.com
cache-control: public, max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzNx1SUp2d3qPL2enkLaVkQ6Fh5oh1ehdfHq1uQLCMwa9%2B3z%2BpNSSGQH3KaKAMCfGAr6t%2ByeKlRsXBaK%2FFuLqRKIYzOyov01OdVB8TJ48Le9HeWoDCQPzjsMDCHH3%2B07iG7sBtyE0Xf4hBWxSp3rZDVMNA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-ez-proxy-out: true 2.3
cf-ray: 7066b5cf2b319a0c-FRA
display: staticcontent_sol

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6846df87d479b84226e57ca790f006a26dbaada56ad74190448f67596f4bcfd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdefd54d4cb6c969200547615c1c5791ffc29770f89c211226f2f62d0d186220

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 nmash.js
www.winhelponline.com/porpoiseant/ 24 KB
7 KB 18ms
17ms Other
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/porpoiseant/nmash.js?v=111
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8cb078c7625dd9858482bbef8e905e31599a6d1e5a93111273210da5f51f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Apr 2022 18:15:37 GMT
server: cloudflare
age: 638671
etag: W/"6114-5dda6cbd9c902;5dd2a9adb9500-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkRg1sDPuxeXNlAGeOEETTzgJo8hEZuRfRpT%2FiWf8ypMqncczhcC9VKDhq%2FzjBfGKnHeCCxiWSagnMEAawd3ij5cCLueoR5N81Zkf1AY1hoslX%2Bu3PQO9PauRW%2FKo7JLRChRuaHTz2hGJ1WSwfZYmLgKOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7066b5cf9be19a0c-FRA
x-robots-tag: noindex

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 15ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=794632280&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&ul=en-us&de=UTF-8&dt=What%20is%20%E2%80%9CProgram%E2%80%9D%20in%20Task%20Manager%20Startup%20Tab%20%C2%BB%20Winhelponline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1315341366&gjid=1578243198&cid=2039225275.1651724705&tid=UA-4931296-3&_gid=2061130882.1651724705&_r=1&_slc=1&z=1537491417

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imp.gif Show response
www.winhelponline.com/detroitchicago/ 43 B
430 B 44ms
44ms XHR
image/gif 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A3%2C%22ad_lazyload_version%22%3A1%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C5%2C3%2C35%2C35%2C35%2C35%2C21%2C0%2C0%2C0%2C0%2C22%2C31%2C36%2C1%2C1%2C1%2C2%2C4%2C30%2C700%2C703%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A22%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A4%2C%22city%22%3A%22Amberg%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A13%2C%22domain_id%22%3A105367%2C%22domain_test_group%22%3A20210308%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22602%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A10%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1102%2C1102%2C1102%2C1102%2C1103%2C1103%2C1103%2C1103%2C1106%2C1109%2C1109%2C1109%2C1110%2C1111%2C1127%2C1128%2C1138%2C1147%2C1149%2C1700%2C1703%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2266169297-4850-47cd-5d57-154271127c3b%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2292224%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A133199%2C%22response_time_orig%22%3A659%2C%22serverid%22%3A%223.66.212.192%3A23489%22%2C%22state%22%3A%22BY%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1102%2C1102%2C1102%2C1102%2C1103%2C1103%2C1103%2C1103%2C1106%2C1109%2C1109%2C1109%2C1110%2C1111%2C1127%2C1128%2C1138%2C1147%2C1149%2C1700%2C1703%22%2C%22t_epoch%22%3A1651724703%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1769%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSYR1Cv4dJ6TlajTyV%2BxqEyODOs3cuQqmGINtNPpZPIWhM9t73Q7sXqCoEb3nYUwMhE9GntS9dlcJTazWueFx4XpCFzcJvUtP3twkULxfgb4tJOzRhenVDjrPQvBchFQW3i12r77UjrIwz7Tdm%2BdbKJWxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 7066b5cfbc099a0c-FRA
content-length: 43
expires: Wed, 04 May 2022 04:25:08 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 cmbdv2.js Show response
www.winhelponline.com/detroitchicago/ 49 KB
13 KB 22ms
22ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/detroitchicago/cmbdv2.js?gcb=195-8&cb=03-5y0c-5y18-4y37-23y5a-21y5e-22&cmbcb=62&sj=x03x0cx18x37x5ax5e
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a3b03236a3e422f31a4745a5616fc50cb5159bdd5922b43ff29505ee1638835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 22:49:36 GMT
server: cloudflare
age: 106529
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FW0%2FJh6NcHdtAAe%2F6Jm0g33%2BLO2eT1ejN7pxET1ISWTbo8Ag8vgB%2BtNcB66%2FlA1%2BDl%2FyH4hapVCm78HbGgW2uuVF4%2B15hqiadSGgJYVoP%2F4IAwz9HCNwOUrnqiWkEqgpnpFzCf0ZdJdq%2F7OWrusE5fFW2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7066b5cfbc159a0c-FRA
x-robots-tag: noindex

GET
H3 200 pubads_impl_2022050301.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 37ms
11ms Script
text/javascript 142.251.36.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8cc13350e5c65223229a458ee1986bd13f4914bf953484681d70665643669c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 09:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127789
x-xss-protection: 0
last-modified: Tue, 03 May 2022 08:34:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 May 2023 09:24:08 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 185 B
142 B 53ms
27ms XHR
application/json 142.251.36.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f78b259d411a760917e22d74b3647bf14b03c63ca6ea07be68802772e4dc1683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Thu, 05 May 2022 04:25:05 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
748 B 11ms
11ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.winhelponline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:17:16 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
server: Server
age: 469
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 385
x-amz-cf-id: GENrVzjdZOuZfTPUlEeFC1Cun29AErRLTxMNUUyGww0AfPovz2k4JA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
495 B 55ms
55ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&pid=XFSbx3s4qpx7k&cb=0&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-medrectangle-2-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-medrectangle-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-box-4-0%22%2C%22s%22%3A%5B%22580x400%22%2C%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-box-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-large-leaderboard-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-large-leaderboard-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-large-leaderboard-1-0_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-large-leaderboard-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-large-leaderboard-1-0_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-large-leaderboard-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-large-leaderboard-1-0_3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-large-leaderboard-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-medrectangle-3-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-medrectangle-3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-box-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-box-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-box-1-0_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-box-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-box-1-0_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-box-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-box-1-0_3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-box-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-medrectangle-4-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-medrectangle-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-banner-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-banner-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-large-leaderboard-2-0%22%2C%22s%22%3A%5B%22250x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-large-leaderboard-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-box-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-box-2-0_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-box-2-0_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-box-3-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-box-3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-medrectangle-1-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-medrectangle-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-banner-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-banner-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-large-mobile-banner-1-0%22%2C%22s%22%3A%5B%22250x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-large-mobile-banner-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-winhelponline_com-large-mobile-banner-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C1041599%2Fwinhelponline_com-large-mobile-banner-2%22%7D%5D&schain=1.0%2C1!ezoic.ai%2C6a88ed6ade2b65744bd01fe8f1ae3c0c%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 2H85H53DD24V48D648YA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: hFvcxnQrRkGkjoe37Tt65sdwRIM0Av5PuR2sUr9_3ySB9_vJt-V7rw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 27ms
10ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 7576
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 01:41:20 GMT
server: AmazonS3
date: Thu, 05 May 2022 04:25:05 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 2WvhWsL_mUCUhtFxnFLXsFwZsxDtrnwxndp5p0jpJNyQA6OIWilUTw==

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b85bcb075a13466616c573a91f310265b48c0879b56e003d4d3b7c421eee188

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 56ms
7ms Image
image/png 2600:9000:2156:3800:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 07:27:28 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-sol: middleton
age: 248257
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: -J8gQtebdscoF2Rkb-rmmtFoGVx2AcsufL5eyzH1kOe4_a1dSNxH0g==
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: nginx
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
display: staticcontent_sol
expires: Mon, 09 May 2022 07:27:28 GMT

GET
H2 200 houston.js Show response
www.winhelponline.com/detroitchicago/ 4 KB
2 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/detroitchicago/houston.js?gcb=8&cb=17
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 559539863676ce8b7493956a42958ab940d9b1fe8587e23d56832a56d8369dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 18:58:13 GMT
server: cloudflare
age: 1934812
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8%2FtiUKqQ17gvsnr%2BywKH6SdJT17mnwEK4zuJxjIl4jIXvPmyo8kKeUwkQWMo7p7jNnji3oEA2neiOTNmXcydo%2FctA837JiECq8XDbgyCAhEuXpVmKbfDqVT3FQ4J602F0KSPJjNvioNFvdnke8icDqRCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7066b5d02cb09a0c-FRA
x-robots-tag: noindex

GET
H2 200 si
capi.connatix.com/tr/ 0
116 B 156ms
124ms Image
application/json 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

GET
H2 200 tortoise.js Show response
www.winhelponline.com/beardeddragon/ 2 KB
1 KB 38ms
38ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/beardeddragon/tortoise.js?gcb=8&cb=2
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55576f073e0b78feb78d9f8417d842fae50b5e93c5d79154eb250b03745feffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 16:38:43 GMT
server: cloudflare
age: 474382
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYNU0x6AtOg3UO2ELQwfhuqiBpGrEE%2FRWQOGnooETNwidte7cvrMBJwHNQfT7n8ReHVEE0H%2F%2BCcL0r5np75zEFtlXeYKdiwbWHPAkaZr5Snv2DQ%2BTXVy%2FFTzb6orfSvp74VN%2B%2BK8yy%2FXl8yaUhIbxd56cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7066b5d03cb49a0c-FRA
x-robots-tag: noindex

GET
H2 200 blocks.style.build.css
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/post-editor/dist/ 0
749 B 18ms
16ms Image
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=5.9.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 68203
x-ezoic-cdn: Hit ds;mm;97a2316724357725ed5b3389120ca033;2-105367-20;98c0691b-d013-45c4-76cb-f8441f8e833a
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
content-length: 0
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"8a1-5c79151797f5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: NaN% 0 / 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPOcK%2FJ14m1GglIR3NpI1xLhMjZg8Q1xovjM437hXc750W0KYOeG72yYdRbqWG7sWFUX%2BzmpcRi4BisXHRligzX0LvtWEDAcymwMjJKRmOEMVUYM5QazUucytSHrM0rAqiYjRNtiv6dGBRmttZXDKkUEUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
accept-ranges: bytes
cf-ray: 7066b5d03cbb9a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 mediaelementplayer-legacy.min.css
www.winhelponline.com/blog/wp-includes/js/mediaelement/ 304 B
304 B 19ms
17ms Image
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/blog/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 68202
x-ezoic-cdn: Hit ds;mm;dc6c1ce5ee80c61bf60324f6dc23a0eb;2-105367-20;6bd73bb8-17c3-4b5e-6ea5-e6e178b5fe06
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"2bf8-5b5ff5afbe4ad-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 1.94% 304 / 310
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0vbbSNFjbyZax3FgJi90lkdWEap3Was%2BgIuOgqNoXZQWQQjzcxl6e3doT4WU9xt9SoGxBnA6X0z3Uwn8kxi2xT6T%2FAMpt2EgwVvO0hiaaZiZ3DUyNl%2Fr4kXLX%2FrOSVCC9Tifuf1BYnLQxfJMt2HP3ru%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5d03cbd9a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 wp-mediaelement.min.css
www.winhelponline.com/blog/wp-includes/js/mediaelement/ 103 B
103 B 18ms
16ms Image
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/blog/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 3773
x-ezoic-cdn: Hit ds;mm;3c493162d034d4b7f6602860500dfc51;2-105367-20;50d518c7-340b-45b8-615a-0641070f741b
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"105a-59730f8a0b18d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 0.96% 103 / 104
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mC350pa5%2BcCcoC43ovTde8ehx%2FTw9OuZneQPO%2FsKb4PC8prvVhbXr1d6o%2Bygt87erM9WgJemmWKtXrcNwPkx5yCjom7h99gWGyV%2FnjCOfGjkyxr2LlmP2uPayMoXKJHrAUvnBj%2BLYMz2GJHK5G2Zv%2Fe%2F6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5d03cbe9a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 style.min.css
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/css/ 24 KB
24 KB 23ms
22ms Image
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.3.0&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 68203
x-ezoic-cdn: Hit ds;mm;eb6f16fa5d02d88589d61d0e3dd91f9f;2-105367-20;4c5464f7-5d2b-46a3-6529-a16b82398dab
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"15c19-5c7915179601f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 1.06% 24710 / 24975
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvtyxluDMw%2F1w16N20NjBmz2Vlj%2Fq%2FWXIif%2BmNcNhFbraC2tc5Jn%2FCn%2BNpiXY44ngEyxg7H5WwseghjJ6lK2Cj%2BBn4QscEajWytOEEH3ex7tmrIPAAztUIOeNbd4yQR08vUoSCQLfE3rvVyLkOGFARjtLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5d03cbf9a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 comments.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/ 1 KB
1 KB 18ms
16ms Image
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/comments.min.css?ver=3.1.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 68203
x-ezoic-cdn: Hit ds;mm;f61f95036701413c6f3581bbcf12d528;2-105367-20;b7555dfb-2ffb-441f-7497-dbcd63c2db0a
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"5d7-5d79998b721c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 2.15% 1274 / 1302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXkwf8ahdXiyUP0XgJqYO26bZJj3CCJNRUrlKP0TojFIUiecZcyp1eQIXj6Ylej3kCPaqtYiiDlrF8V9y1iyleRtogCAZaUbxdQmL6EXfiLjHPGKXf9Llv5l5lAR4l2pFmBbdQqSJFqFzn9MqQmzNT6f1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5d03cc09a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 widget-areas.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/ 2 KB
2 KB 19ms
18ms Image
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 3772
x-ezoic-cdn: Hit ds;mm;ddcbcde0c343b333c37ac742115a080e;2-105367-20;8f5abdc6-a0cf-4dde-412f-ffb0e5adad4f
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"d1e-5d79998b721c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 1.92% 2039 / 2079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0Ho2MnbIVw1HWq4NjXuSIMHJv39Q8sIZCiJ2qyxJs59eKSb2%2BSrd5Fl%2B2dOEUD6LngUhaeQZtQ777sWm2NKjs9OSLRDGd8blushSDUgy%2FEjmL%2BUiW7Eh%2Fao8Q3P4UxQ8JhpW3bUJn6eoAMqwxURm5ftug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5d03cc19a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 main.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/ 14 KB
14 KB 22ms
21ms Image
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 3772
x-ezoic-cdn: Hit ds;mm;8560d06f5e3bab4e79638dd9da852d92;2-105367-20;7cdb96d9-89f6-4357-5362-f324b085807a
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"4c36-5d79998b721c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 1.64% 14182 / 14418
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EceVOEPbnaX8mF9UD9euhXSsr34AO3UTwFo0eRNcZcX8cKaROgjnCIk%2FhWUP6EXvhIpEbqvnGIQvIfxdH5ObuK%2FEJIyAad%2F08nqOSzaCmEpeilgRtgoaQUQJZeCVQZL%2FmUZRdGnh8fRImRgSMbXEk%2B1jrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5d03cc29a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 font-icons.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/ 3 KB
3 KB 20ms
20ms Image
text/css 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3&ez_used_css_s=1147
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 68203
x-ezoic-cdn: Hit ds;mm;50e6846eac46c19ac4e90ababc2bddd8;2-105367-20;489f2544-162c-491c-5b22-a2f022725407
x-middleton-display: staticcontent_sol, orig_site_sol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"b94-5d79998b721c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ez-minify-css: 1.36% 2748 / 2786
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpOrmD8TDLOxxxY5nbV3fvACYbAOwS536pSFhghc8u0hLuNGVKriwz%2FlU7zBpgvkQZGnarAQR081aNAXYT1cXl4jgtSIPESyChmBKv6jr7u%2B0tMqbF062JmS%2B7%2BLZz228o2BQ7rXEueXUlcdFpC8lWgtWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-ez-proxy-out: true 2.3
cf-ray: 7066b5d03cc49a0c-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 style.css
g.ezodn.com/cmp/ 15 KB
2 KB 25ms
14ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/style.css?domainId=105367&version=9&cv=5fa625ffffff000000
Requested by: Host: ezodn.com
URL: https://ezodn.com/cmp/altconsent.js?v=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39eda7c628f3c7967290aec8514942939c31bc7999b1dcb6928a55e0fcbeae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Apr 2022 18:29:15 GMT
server: cloudflare
age: 170255
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rL5lNSg8NuBc7sDPt5kbm0%2FqvEgYf6OCYIC82kQrPnB9Kbk4HmOLDD76uAKgqVjowsmakmND5qYPRT2Of%2BQBv86UAuJv4%2BdP1YaiRwuWXvM9xUhQ2qWmgoraxVLfvZFuUOLG3L0%2BNYKy8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7066b5d06d959ba7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 40 KB
11 KB 58ms
18ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 03:42:11 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11181
x-request-id: 849808228

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 213 B
628 B 60ms
11ms XHR
application/json 51.89.21.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p13.id5-sync.com

Software

Resource Hash

41a039558b802d4d0e8e8c2a4ad455a299da30d1d4a29199f6ccfc2d9b8da761

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.winhelponline.com
Date: Thu, 05 May 2022 04:25:05 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 53ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 470 B
279 B 418ms
418ms XHR
text/plain 142.251.36.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2717845784122781&correlator=1458964019011527&eid=31067407%2C44752585%2C31066184&output=ldjh&gdfp_req=1&vrg=2022050301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A1041599%2Cwinhelponline_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=1247036550&sfv=1-0-38&ecs=20220505&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D7610976901955742%26eid%3D7610976901955742%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod24-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-2-7610976901955742%26eb_br%3Da9ec56005762ef40746ec1b6d554f472%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D4511284716%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D2800%26br2%3D1400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C131%2C0%2C67%2C0%2C168%2C20%2C192%2C119%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2030%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651724705544&lmt=1651724705&dlt=1651724705000&idt=405&biw=1600&bih=1200&adxs=436&adys=1110&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=2039225275.1651724705&ga_sid=1651724706&ga_hid=794632280&ga_fc=true&btvi=0&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s12-in-f2.1e100.net

Software

cafe /

Resource Hash

980575850b7cddb5212c23d4065f93cf74611fc0f3c33594ae7df27dcb390054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
11 KB 45ms
22ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05f6c22255ec7ea3a795bfc6a4571bb29c887e44df0b1d1b5face82da19e388a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10437
x-xss-protection: 0

GET
H2 200 container.html Show response
bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E815 6 KB
4 KB 52ms
16ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 04:25:05 GMT
expires: Fri, 05 May 2023 04:25:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 May 2022 04:25:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD5D 13 KB
5 KB 26ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 19:25:32 GMT
expires: Thu, 04 May 2023 19:25:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D0A 783 B
1 KB 42ms
19ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e20a514cdd69a29ceadf9ab713eabca5ad1bb21f2e5fc02475d0406541854971

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-orQn+UAy9zrfiBvtB6Ez4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-orQn+UAy9zrfiBvtB6Ez4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 04:25:05 GMT
expires: Thu, 05 May 2022 04:25:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response
pagead2.googlesyndication.com/bg/ Frame BD5D 35 KB
13 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:52:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 19:52:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D0A 0
0 58ms
56ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050301&jk=2717845784122781&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BD5D 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2epoNg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 greenoaks.gif Show response
www.winhelponline.com/detroitchicago/ 0
434 B 46ms
45ms XHR
text/plain 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2NjE2OTI5Ny00ODUwLTQ3Y2QtNWQ1Ny0xNTQyNzExMjdjM2IiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNjUxNzI0NzAzLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNjYxNjkyOTctNDg1MC00N2NkLTVkNTctMTU0MjcxMTI3YzNiIiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidF9lcG9jaCI6MTY1MTcyNDcwMywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMDUtMDUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjY2MTY5Mjk3LTQ4NTAtNDdjZC01ZDU3LTE1NDI3MTEyN2MzYiIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInRfZXBvY2giOjE2NTE3MjQ3MDMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjY2MTY5Mjk3LTQ4NTAtNDdjZC01ZDU3LTE1NDI3MTEyN2MzYiIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInRfZXBvY2giOjE2NTE3MjQ3MDMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNjYxNjkyOTctNDg1MC00N2NkLTVkNTctMTU0MjcxMTI3YzNiIiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidF9lcG9jaCI6MTY1MTcyNDcwMywiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:06 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lncdVc%2Fn5uLEDtZypRrbalZG%2FAXp3bH86d1hgwWnXUR6LhCNxBKVuMRSTGKHz0taw%2FJahdyXMaat3JfM5UxGxfzt0gVMsCEB0T2H%2FQPftbyzM%2BPSYx84gbnYbWx%2Bv4mrlh1V7ypNrv9daAqw5DbgIvjt1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 7066b5d45b3f9a0c-FRA
content-length: 0
expires: Wed, 04 May 2022 04:25:04 GMT

GET
H2 200 greenoaks.gif Show response
www.winhelponline.com/detroitchicago/ 0
291 B 43ms
42ms XHR
text/plain 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2NjE2OTI5Ny00ODUwLTQ3Y2QtNWQ1Ny0xNTQyNzExMjdjM2IiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNjUxNzI0NzAzLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIzNyJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMTE1MSJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMTIifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMzcyIn0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMzcyIn0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjQ1NyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjY2MTY5Mjk3LTQ4NTAtNDdjZC01ZDU3LTE1NDI3MTEyN2MzYiIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInRfZXBvY2giOjE2NTE3MjQ3MDMsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjEyNzQifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2NjE2OTI5Ny00ODUwLTQ3Y2QtNWQ1Ny0xNTQyNzExMjdjM2IiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNjUxNzI0NzAzLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjEyNzQifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2NjE2OTI5Ny00ODUwLTQ3Y2QtNWQ1Ny0xNTQyNzExMjdjM2IiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNjUxNzI0NzAzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNjYxNjkyOTctNDg1MC00N2NkLTVkNTctMTU0MjcxMTI3YzNiIiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidF9lcG9jaCI6MTY1MTcyNDcwMywiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX1d
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:06 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9pm%2FvCcJsN1CJCuY%2BUFydgREz46cJAOXYIRT2cRGBvLqxAai%2FDvcoLrj740UgDWid4BmYtn1GlowW%2BPCXCpR8r%2BqIDLAq8Hg4cLczG5H6Zh8kXWgjm8ayGwnUPHB3fTp0o48DPSB7japTzhTzFz%2BTNwMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 7066b5d45b429a0c-FRA
content-length: 0
expires: Wed, 04 May 2022 04:25:07 GMT

GET
H2 200 greenoaks.gif Show response
www.winhelponline.com/detroitchicago/ 0
400 B 41ms
40ms XHR
text/plain 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2NjE2OTI5Ny00ODUwLTQ3Y2QtNWQ1Ny0xNTQyNzExMjdjM2IiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNjUxNzI0NzAzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNjYxNjkyOTctNDg1MC00N2NkLTVkNTctMTU0MjcxMTI3YzNiIiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidF9lcG9jaCI6MTY1MTcyNDcwMywiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiI5NDUifV19XQ==
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:06 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QU965VTahgeHGH1IgfJYtpAqizCWO1PXF4x6T0Sk3nMmT3q7KXTxqjuQ051HZ7gjObDxWqrBUMQmGbEjNP3gnKA7rWcABZYJc8twz%2BuFKPJkzK9QvChFNCtl3t3MRtlCcdi1ZCcvdcSpxt4zOI0%2F3nOa9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 7066b5d45b439a0c-FRA
content-length: 0
expires: Wed, 04 May 2022 04:25:07 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 34ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
19ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
17 KB 483ms
482ms XHR
text/plain 142.251.36.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2717845784122781&correlator=3622524680409087&eid=31067407%2C44752585%2C31066184&output=ldjh&gdfp_req=1&vrg=2022050301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A1041599%2Cwinhelponline_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=305944621&sfv=1-0-38&ecs=20220505&ists=1&fas=8&fsapi=false&prev_scp=ga%3D2497208%26tap%3Dwinhelponline_com-pixel1-740107019929929%26ezoic%3D1%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26ap%3D9999%26iid1%3D740107019929929%26bra%3Dmod24-c&eri=1&sc=1&cookie=ID%3Df58797d1e66f6c72-22db6b088dcd003b%3AT%3D1651724705%3AS%3DALNI_MamvtyTN5hMBwdQDh-CsQ9sE_lirg&abxe=1&dt=1651724706314&lmt=1651724706&dlt=1651724705000&idt=405&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2039225275.1651724705&ga_sid=1651724706&ga_hid=794632280&ga_fc=true&btvi=-1&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s12-in-f2.1e100.net

Software

cafe /

Resource Hash

318b6854c0d40b162d7a310de6bce0f23c25add6d292ccc6034fedf0c08990a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17815
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022050301.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 12ms
11ms Script
text/javascript 142.251.36.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022050301.js?cb=31067407

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5878d87129eda0e0dd21e0584df50c0882eed2705610673fc5529e0e8a86e3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 11:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
last-modified: Tue, 03 May 2022 08:34:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 May 2023 11:05:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050301&jk=2717845784122781&bg=!0dKl0pbNAAZX5TVhd-U7ACkAdvg8WjHh8qohMNp92b6oORkaujF7Ks2L8MlIEBUiwHS1UT8YJpSYWwIAAACPUgAAAAdoAQcKADb16X9RcSBlB8bt9vR53gXxkWA9JS19altWmBZmUFy7A7-TEZDphsCDjx6dMhYmcGBhTtCFHdWZAqe_gI8-3vY-rZdbbmrOq2jNk333yL9c-uwsxLsguR4ojPRiQJlQK9BvR1FEOr3P-rX4zX5mruxzbO_UebrqCdMtZ6EjBPi4DyjE9h8IBXl6mh9DxZc0S3omM5EZy9C1MY53jKQtP5Pc8yzuD_a5UDAxlmYykHGuCqT1ZBY4vOI55PpwaSJi04PIykQCMfbkC1reARU3wYWbobyK572NOpFJaF9dWXDsQl27gjoxp95w-mnaWBqg6jGUKCW7fRgUBerIve00iCKRSWEDibsmMovZXb1KfaEihe8mKsHiwHppcYh8wDsXp_cyruM4QDpKU8YIMFmE7OPw2IJKPVUBKn7kOd2rwCD2TwkA0jUUeEGkRXzUoMIyMEjMjjVYH8-41pBwAwG8hvrQw4qRS5JIb1YzFwDKCcISrLVuNbq1ub0n09GGnaauxKRrnqT53b1w-rCLUJ-IBdlnbc-331A1rCWoBlaqXTOhPd8WeoaCl_pg7uSPHjJlZFLabSCktpUB8M5WRpdrFS1spBh9LCkr9NkEblPeclnVsuzjMVlHhd7L7r7M5Mzu1DORCH5BnfgrlaKSjTXKvvi-8877L_YSsNgPgKONU6BSXi4BZDxnLGxz_ZFMKG_5QJ3dD74Yg3JUVA9Lw5CbK2KQHgmLpnl2iewAWQm5_-_fQz7YR7XTNZ1d4Atxpwc3HqBm39NlBcAYoJVvUShc189mqYW51407Zuoe8gLvBxjoodulCWK7VwB4GkbMlCtzDOJOMg-2pwO8phQjpTqLZMVuaN0gLoJ7fkYE2RHnLzdX8BfEm0NUeVV1IrN22ZGVKH39OaZoqHJt8nADYbSlJg93e3o87i5rMGI-a5iC6ZkOKRJnmuNbJuo1f4NEfm2hA1dZQtUXc6pS8Mck4_8O_XDp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 container.html Show response
bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2C18 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 04:25:05 GMT
expires: Fri, 05 May 2023 04:25:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 greenoaks.gif Show response
www.winhelponline.com/detroitchicago/ 0
294 B 35ms
34ms XHR
text/plain 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2NjE2OTI5Ny00ODUwLTQ3Y2QtNWQ1Ny0xNTQyNzExMjdjM2IiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNjUxNzI0NzAzLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjE3ODgifV19XQ==
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:06 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfNOG5BBVhkVT4atUlFLDgWIZz1yyR1W6cyBYAeT2Ou7l78WuCNLisC4%2B6AgQF28yuQWnlIWxgLxQ4GIXZ91S2KYCBBNtNb1Ylou4kw7AH3S0h28t6ayn4iwixGc1uXLNy0%2FkHmeFsR9qWRCQcbW5OBzcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 7066b5d99b839a0c-FRA
content-length: 0
expires: Wed, 04 May 2022 04:25:09 GMT

GET
H2 200 army.gif Show response
www.winhelponline.com/porpoiseant/ 0
271 B 40ms
40ms XHR
text/plain 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNzQwMTA3MDE5OTI5OTI5IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6IndpbmhlbHBvbmxpbmVfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NTE3MjQ3MDMsImF1Y3Rpb25fZXBvY2giOjE2NTE3MjQ3MDcsImFkX3Bvc2l0aW9uIjo5OTk5LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNjYxNjkyOTctNDg1MC00N2NkLTVkNTctMTU0MjcxMTI3YzNiIiwiYmlkX2Zsb29yX2luaXRpYWwiOm51bGwsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjpudWxsLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0OTYsIm11bHRpX2FkX3VuaXQiOm51bGwsIm11bHRpX2FkX2NvdW50IjpudWxsLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:06 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttcbtStVEc9yiy%2FR6R5XFU4XT134y9NCZ4pOh7zAxjsyQUbZHEt5vaGnZEYqPpFSS5aHauxI1IglZyazPQ6li5Zt7VqC9jE8XNzWIwYklczOLRyFP4A6n6DVT6wbsTuBllrE8hsEi7AclOl5JS7S0EtN1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 7066b5d9ab849a0c-FRA
content-length: 0
expires: Wed, 04 May 2022 04:25:05 GMT

GET
H2 200 army.gif Show response
www.winhelponline.com/porpoiseant/ 0
304 B 36ms
35ms XHR
text/plain 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzYxMDk3NjkwMTk1NTc0MiIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjUxNzI0NzAzLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2NjE2OTI5Ny00ODUwLTQ3Y2QtNWQ1Ny0xNTQyNzExMjdjM2IiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTA0In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:06 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MX2RzSxWPKj%2BMeBDo1bHTYtzTTQ3T6osWfY%2BSkT9%2BMJLPNBFj0YFjBN%2FTMFiCXdTcUT09LD%2FIAj5SZJk37BrpnKdlaw8dIse8hGwL3J82CuzegpZrc3vLvW7VGsNvLDbR7%2FIOfLuQo76EUBNqE1%2FG6IKmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 7066b5d9ab869a0c-FRA
content-length: 0
expires: Wed, 04 May 2022 04:25:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2C18 4 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 May 2022 03:56:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 May 2022 04:25:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 May 2022 04:25:06 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5198 624 B
733 B 163ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIXULRDioeABGMq73sgBMAE&v=APEucNUtM_6GfJGzfislIFGyeDsW3E41tn-T6ksF2EMg0MLtZMRkKS1FBfpeRuKXDXQjAUGCLSdBhjhsJc8VDpMBExV7KE9a-wPLysSHJ5JdEZQuWSLYZn9k-gD02heeI0gpiEMZyGki8IpUHqQKrj-Qpp2geYjpjyKRy9403autjUNy_52X7f8KBqP_j3rV38UyMYpxz5TNZiorwh6UaUqpM3um2FzeNQ

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 04:25:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8191 14 KB
11 KB 185ms
43ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsYooPzEWXtwi1z7zE_jqcC6T02otSa87Vpx50rLV0TwqIRSMiHgIXsvvWfJO-srodpZNvRnvLLr-KkJjs3X1-5qpyLh3fyva2t2I9GTMl1HW1tosOGlop14tIO7zmofizQdQUwReczduOVHxljt3L1Swr3w&dbm_d=AKAmf-Cx8kFD6jEUEVkU7a8ekv97Sy8EB0w61CifqTdYN5diN_zvw_3g_ZLyrwEqP3g99N9U3j6Jc8D88j1RQN6f659JRE1hgLSTs6h_S8ozsvNrmSQfxco2TaCvQ9CZUEc6GGZAnbswL9Ba00XiRfkxdQ3F7f7THdtO622idKwmZlfqAp9e5O0IiJ0zSUE-KiJRJPKoFPlDpOCb9tmV71Nhb_nremh1NCUvK1HdNWgz4DNKl7dr3knnlniMddgXNA-wlZ0KMg5Iv2uQDx0VYgmSfyxiYz0zwCt23xJzYpSS8eFmKgj-MBcwnSw9FDczbXMrzNUHXTJtAAlwGUJES3dHkQyFhy2wFYuFDAN2LdZ7uvSosRqstF47keWYztq0OHeQJLnKno3sWDv-LuqV0l-LM4XBkTlqFnFAfRLMkNwtxhV1Ug2ZYQ_PuFOwt4KZYhH1tSIXERFZaf36p07ihs44uSOMzUs9AUC055FC_zXHfwWYKfpwi7NUshqZIRhKVCNyyRBrObW8xHQUBR6mFoZuoO3MMSSIBKfUI-eOTxQZi3DNe4z37mll7hUxTXht0yEWNEDCSic2Gvaeg-Dt9-8nyt-_A-PCoL2tP2yI_vXu_6t4Kq_pe1LEM-HpAnfGrb-OKeCi5FJU2aEjpK2srEnFDdMZCXiJrT0EaloP3hjKQXLq7_oSHN-Pf2Cg9_zDhxABx7odFH846v20zkIUzmEIfRV_Yfy7f4fUh_TD3k1jEZrIZHgQOdt7RZ2UDL6LRk1pVlp8-j-jLaZxMdPCSVA4I0k3ClGSVm7MbrtdGDve_8JzzVnQWFUucD9r5ejWivhcb2IiYfqOEGQ9C7wN53aOu66VdBui3eSsQk03SflRW67Xi0QNDPvXOkr7qD6rhSC4hg9VgKZjibZOWVLHHmOrl3goiKX55vz5Cw_y3ENYrcPYRw1E8i_6L8zDLTzQNvZnRX_uGvUMbexla2ULy-VaNhVCQP3jBS0jJ2rOwOjyTTuFVgct7eoyGR-nB68uEeGQfRgY1XRdHysTm5KkCQ3t9e1h_mKVIeKCJr_J1n_R_KEzrjt5RUT5GuOYy7HJyqhihbcESGKALybX7w62nS_yS1CCcFJg5Uol1yznpQP7pqubk2j8tQS3oJVER1oUeqTEYLe5BajcNHiwjUGTgKKzcj9WW1yVWBxK2MWaFfra24yEY-8F-_im_xtDJubanQpom-CIDl6LcYTJLnlIHklC9ezsPXN-RVPYQ2Pc2ST-qxZYcXoh4kt1yEaOd7A9VKE3wmnfgEa8d9yO3ohRbF258hlfJg3upy8pIqHAGmgh0dYc8KaElFNs3z3ArCTSIP4zSx1KBtVK2nNkB-OtCBLyCzCN67hON8ehPQLAakZjSFt55op1hI2vUKsUhecWEsQvT2xZZsFQ8Gl8hhiAMnDQ-qFYYg5G_cBq4OoB3ugZA3CWNzXihLg9EjkNlOWlNNTxUuMlxDlNM9TzD-Y4lybsifNjPzjGzpJ0d3VvCuSbcIHCtFT_ZyjtDLDaUHT0duF9xhcAwRy9l2DyVg7qSA9RtTVXiUjvnvuXT2zg5SUbklkakCLkZ_M87AcwIYTSGVaKnd9PealGskS0gNsc3NO58MaeKZ_3iXm8P7cFeZrGydacX78Y8s3rTNiuBXG8BevcvBeoM8W7kiwKWDAxnGyIlklhIQrd9QQRjqF_7x9oxIqbZlxXVffo7NxKHAosVHIE5ipUzact9ZoGVC2bFiwNTQpwFEExRuUbScEN53VD9UIxwcXuQDG8aB3Pv-nlh1mGkitE-BtoaEKnQv5GEqgT3w1BqgrgaU6nwrqXEthtg3oJRWvruWo5Nz4rtC1UtlOWQseb0ZVl0fc50v96OzZOtp72DpLsn77XNpTcVoB0kQ-XMOlyDdpwtzwSZKW10N2pE-VMn2Ses63EpdGn1c6XwReJ2KFIcgJtLNBIVmE0sKdFRtNRExUNdugDsoC3sGw_IIwfaVj2b3Ie2bhuMxAJ_u5WLRAimsRqr2S0R2CEG27y4DAQonkFcxu9yQLJI_g-OC7_e52GKU34_7726YPnip5Lz6LKf31O2Af4zbkYt3UnpHn1-EgmNYei5gWxCNFiyPQnpKv8fUFCGzymHFp5AVr7j9bh8qy3CArB1A54dfuw6gHMKuaSCa6ZD1AxyXUhX9E0a84F95ZS2XUjZWzVSmwMgl0jmp1TCbJ5QyfNnfpHnEi3s8NmeONGxS9auBU_Zu7fzNkAwmrpD5dJVhPnCcE6sq6SByXEr82Afz02u463sXOeRuRa92HC2qnMJB2uexUikzAQRYgnJVK4IS2qHUPlX0rdF3G2EPStpPAsk47MpYI22YKH1_DOWPg7EM-OlnqtVNXeyQrKtj2WBdsrhG853DyJ8EilbWHIXjK__gcscQoD8TziJFsZqT3h34owq9C_8RVg-mNA_h68jDqRQ_tNkpzceRKWXYOIGvsBPNJAEOt_ut98vfdNi2UWJ23wVRynHRvHSeS17hOk-DD-CNPMJnmX9Ec2Rsm0dnjZKKi5AoPrAriabwlHwO7nda6xZB32yWHPZDPnEVDLAx0foZ1FdEkWKaOZGuJyayKcmc7qoTYFPrdHph-BsgGo0q1142su33-XNVsbIMFa8wrLC7ZLn3M8mmNExr6_dH7BIzPYGOWMgsUn52vxwLvq9tAcDCeFIIPy956Nav10QUuxRTZP3peeRqSh1UtKFp5QOKAWWjx9ryswlfi1qFM7gZa41cB12VOJGN1b0B6RSEo5oLuh2LrdYbDlrce62TvgOWmSIOb5aajYYqUBVtdTDb6slZkRHlIWqI_rh4rFcRb8rNSf_iSgtwFbaJFUZcpWcooDJMyuseZI-Lir7WGdIn-oGztzQUfbMzdL4wy1LomKBRYMkjjQ2kT2xTqdiRxJJ-Y0tn3SZN2SsQxebcqWYAwNccP0YtnQU1kGznYJiU0txMRp6FIkDJbCsvLUUGoiuHpRyvpNe7WdmPtEYHC3VYIhyZbxQLvh&cid=CAASJeRogFR6YF-NLQGomUZZixB6UfdmXBRGJp9mRahLvZ2tE_tMNXM&rfl=2%2Chttps%253A%252F%252Fwww.winhelponline.com%252F%240

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c03399d0215b8a1e313c76e1d0818fd54312d492826db25f47e692b56f473264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10752
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1024657/62770989/xbbe/creative/ Frame 8191 240 KB
74 KB 176ms
35ms Script
application/javascript 34.241.231.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1024657/62770989/xbbe/creative/adj?p=APEucNViNAznRWEXtat4lR58NNX4tq5z2wBt0eggEz6cqzikPU38oj4&d=CnkAoCZ_4HDvnRVL_8BuuiKk5Ext5OXZV6S57AeExo3jM46TC74NTARtaHzlXGTMVCDbh2QfSg9Bx4R1v-xx5smAiK95spsdYWJNBInAaTpsS6pmCIi5rQRqGQdy_IQAshidOiGIXgEOl5-ZIQSME7DM6bGUmH9RKzzgEokUAKAmf-CkUSFI7Zgy1phsQ0-Hj76eSdvxAcUb9VBrscoADyQTHUODjh-KbdZgCI00pmluMsH-QnkO3DZqJBz1p3lijQ2syIUZM8EjVPe69g8Tz5h3NYuzsPIATNuOIjPvLUBSNc_imi--Gg9in-qPwfYaexZRGDmwU9Mjs2_DeXKW4rdjVMiiQw4V6xt3B8D_qK8y937edox_KbqcfV00kN3TR58CJV8ibnAYIayo3KpA5cyJgjXY8cUCbvQ5QGua_G-CzXqejfNQlsxufYwVBXG0Lbu8ZOpp2GvEXeuCToezll0B5ApwRWnOrrPebRk2vwQRpWZ2N8ZUe6b_5kUZt9v_7gg0AzPBCvyv57HmHXhUG2lx6IafWirqxuHuQBlTfTkMU6ibCYlJmIjGYSXjZjJ2IzfPDtooJo_0zzYOAn9fa2lvrdb5udU7W_XAXGhO-PlF6dUB5tYC7Qrp8pSD0QARsBe9P6AvtLTfw8DUdlnDtWQ-rwImTL5vFmFA5V7sNRyVvSO6YnA-SGNc6OeCeyxb3GBYf00IUMh-508MuNdLSJTJNYydMp4TvxLsv9V3zgH_xzHA239pJc-NRBhBdlqFBYDdpP778PFZUDDVm8aAXQuSJlS3plQMWD6QQijDDXRWalD4QiPEs8GcsfIlBxKcBkTNZ45Kon1TMN21xHzpXc8VkZsMxwFBw8hvx5_jM3fQObtJ2ujPyw5yOhXZGbweHK2lyjqg-uE__6Ah2SLjq0xPI_xfGEPxVGPhYgiorWiX9PUjEECE83neljO0d6pa0K7TXcLa9eODKTWDfdjz79lnRJcKrm50LQZ95cIzlKCjMsNG6eVTgWrgDEFmMusV5IaQNEfyLYvHJ-7Y-IEQVKkqRDoQfVRGoqCy1GoldRckL3rwABL4a46ojI0oVsXZl_EPPpoaJ6OF8MAPTjk9IbM_mpn1npV_4Tu6q4Fyar1XnVnnxQM214D7gUqFG1QufujGxBKBIudkW3yuZfu4mmfcbFJwuAykrgaUz7Ftrkq289GUorCYuYQKYUnAyRUbggroTs9D_U6-fZsPlcoUzpr2M-cXT138zaDsVoJupxvmsh8eALubrNYHCXoAec_9RpUqcH9_ecNSG_fblOnR7dqTbNAlHEOtm32YA8LEyuBjpp8FKuj6X1LQ8FRPYBEd644ENlgC4xfafC-7g9XMoIHd3wJz9fYBdFDHhRgdqxIrS1SaTO5oeyqAc90_BbsFZ8YlUCU59fU88MU3nRkgTE2UWFRFnGPiCvsc1bdHZZv6UU2zhHv_kL1l8fPGmxDrjEQoKcUQAfWYO93TZOwx7hpfLNkXVMb21BwDweSn1Ybwj1xqIhzaCev-hNRXwihyHJ69Y7EiJ9axCHPbyGZSl3XLUqrfdV68kp3oAOmxhUrbg9ZO1lDtaOjcbE0L5R7MdMmbZk7CzemxgieCK8gk0O9bopWyboPwC66h_nciyXQAiM4QiA8QyfI80WhD9UH-PHOC6KVOogLshhKjiAWTh8pNQgkRbwDfnaX-NrFtA0sDu6tgv6B0BH9vzh3vE0-hHnS1RJm03Y5xAYWGYIzfiritnaELyLI18EdJI25UnMFrbNN4FFxcjbegFqCxIQIOQZh9JYQlXEwPeWmDXfCMkLAsyIapvvvHJk6DqMVku0fxy22rXpurmHMeLWBHks-cHyTQHt3f7g8bVDczmtMIwKO8PgzURBhGkJt-PHHs2OvWGGwOPo3MHYvWCEXA3gV9I7OO7OeJ5QKpxUJT4knFsbXmQpDL3IF-dggqApmAtbWESHE7cV1hd1_2Hk3RAHPDcRYwjvaiZI4xwCrVDN-4IbDkMGhWzBt8CY3Wdqbzh3Yb5uE-vRe1IgGkp_qrJjs65zw-F7cOZzDT9WTtNrD57o2D2W31vD3EsPPDmxj1wth95iPc1SpQOU4uy776XzDDmNsAml-sNgfApuzLiZMb4OIeFlerndDMAKVa4w8Um71TEwDYkK0UgZaN-NwR8ONmJfhkSzB6eKrITQlMd8TiAU7NgEvMmgZVtncGPwkQ-a0e5nNuNNmnCoEy1LcIkEps4zZ-Qfz--T8q7HO_QQ2O4kf8aS2DXmUx0LZOoG0SPMXx-LDaQZibA5u0dKv361A3B5u2FF_8NBNH9EYffja1qPNyudjZoz9gi2cNm4s-1h6EH8tm1Ehh28nYvSbLwet_QjUJHiE7HVn5Bk7yeEt6VO2XEl4Vzg2pR0VFlLJhTBg5zHHuqDRX_KJlYgEN8cKrNexbTFKoIUZr95PCt-UhqAgfl6Bd7qDd6PH48BPm8TxycYKrlYjhcwDTn_V5QFlCyvU25AmxqtpxwJTxZREpI4qs-1OQaa5ZOXBvm0DGrP_Q0NvNDA6ifIVHE70wP8eo2qLeggi6FjopSFyMpslpthTFQvVJU0D_u91jvA3XLvY0ZHEWHr9x4yP0PX_IUgFfQTT-HjIXbmULGpoixJpiOdpzRl2RIBu56bdgCqVshJKudiXy69EVANk3xwqrCVckwNrpOXVv_9lm3dOLVB5rB2Y-y4FnTer3swr5hpsTn4T4VvEhm8Wzz6xWJt9fQAon9v0Ewvm7wbwFm5ju9g_K7xy0oMNfmhvs4UbauLu3VAOVHZZpjfYkuYNzgIhhvYsc-MPWxWp-TdLXTP_Gq1L9jE156AaUNS-W-lQZ7B-GOY2opAyiY1pcuLRAL8C9BacQYTw4HRed4aYy8KE8yqn8xsmqjHHy6K54J3dSHH0pXd1tKtK6tIp4gAJMRdvGz9pBzBuXJJKzHGPLL1SFo8e8inJan-K-3tEph4dD6fn269trKG535Q5FWpgJWvjMhEsBuwT5dFQQ4EMmqKBSKoTlKADawXVi2P8858Lgqk1Q5256x51hOmDXuYalq4pfzQ3IXx8eOU7ogHxaSBKQKQt9TH-cyJgUbC10AZFkEFSaMkizs2lzifJbQAkQEFACokL9VrhqEWa4kzGXEl2iC66QzkUXTBLGe2pCh2Jy1aHH7zVC0fqDRoft0pHRdZLi1b5U8KKaIc4JM-EZprsPpTE54qSekuCTxKwQ2hbWeZlGJ2GDBsscMTGBqfoEis0cDm3ktOdue0jiXNXLLF9CWBq46u9LX88u_7hMZYc4BhLLBLIG79IieBmE3zk-nbpKdvzoFyrDjdnnjpcMRx3ZDSTZZ9kvz102he4ij2SvdH5uvcl2RTq1grxPiINfS6QmBxUZTgMbuxCa4wMxhyBA0tDkAixdk_qZy3ScV1UFacF8-34Obfbd9ioEvd51Krq2lzR4km2AQd7_gE6ENCftkiU_aSF-rG4qU6zP4PIIJtmGl7eF1HGc2PJV9X1Lr-MQi1BR8PA8zZNmDqmR3mKsM8uMI6Ecb1OM-ybbUubIi6XOQQZahgm-zko9HO8i6jG1p1BjgGRY4-2qchopCAASJeRogFR6YF-NLQGomUZZixB6UfdmXBRGJp9mRahLvZ2tE_tMNXNgAQ&ias_dspID=3&ias_campId=28132469&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=17053386653&bidurl=https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gQg4dQuTaJXsowaMAQuanI
Requested by: Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.231.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-231-109.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 54fff82d3d3950ef2a549de194b390ae884e49bee57853fab5c5abeaeb219609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:07 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame 8191 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/window_focus_fy2019.js

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 04:01:36 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame 8191 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 04:14:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8191 0
0 155ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfZrI_J7Gfcl0SgQ9Ev8r4X2bRB0FFIhPxnNRHrLadmwayT71ezm6h3OZ1Gvcx6FY6kNb61YoD3EA9NcIYOtYlq-3g7w
Requested by: Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8191 120 KB
37 KB 162ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 May 2022 04:25:06 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8191 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDA65T5O7hcGyY40SHnXzL6-IWogcWiNKL8VKRkKD_QExNaIzK4HncnjPQMa7KyYpfqQmWMP-m_crgJOkHhF2TH2l_s_tJOirHQlFbzF5viBSs_Ug

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/elements/html/ Frame 2C18 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 04:00:23 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5198
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPJmKPIIPABLoaUoyh7pHEg&google_cver=1

43 B
1014 B

14ms
12ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPJmKPIIPABLoaUoyh7pHEg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIXULRDioeABGMq73sgBMAE&v=APEucNUtM_6GfJGzfislIFGyeDsW3E41tn-T6ksF2EMg0MLtZMRkKS1FBfpeRuKXDXQjAUGCLSdBhjhsJc8VDpMBExV7KE9a-wPLysSHJ5JdEZQuWSLYZn9k-gD02heeI0gpiEMZyGki8IpUHqQKrj-Qpp2geYjpjyKRy9403autjUNy_52X7f8KBqP_j3rV38UyMYpxz5TNZiorwh6UaUqpM3um2FzeNQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:07 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 05 May 2022 04:25:07 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPJmKPIIPABLoaUoyh7pHEg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5198
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnNRo8JoWhsvPgy1V8y2oAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPJmKPIIPABLoaUoyh7pHEg&google_cver=1

43 B
894 B

14ms
12ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPJmKPIIPABLoaUoyh7pHEg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIXULRDioeABGMq73sgBMAE&v=APEucNUtM_6GfJGzfislIFGyeDsW3E41tn-T6ksF2EMg0MLtZMRkKS1FBfpeRuKXDXQjAUGCLSdBhjhsJc8VDpMBExV7KE9a-wPLysSHJ5JdEZQuWSLYZn9k-gD02heeI0gpiEMZyGki8IpUHqQKrj-Qpp2geYjpjyKRy9403autjUNy_52X7f8KBqP_j3rV38UyMYpxz5TNZiorwh6UaUqpM3um2FzeNQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:07 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 05 May 2022 04:25:07 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPJmKPIIPABLoaUoyh7pHEg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5198
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK39Wk7jQs8awuNdsitYXRU&google_cver=1

43 B
1010 B

8ms
8ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK39Wk7jQs8awuNdsitYXRU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIXULRDioeABGMq73sgBMAE&v=APEucNUtM_6GfJGzfislIFGyeDsW3E41tn-T6ksF2EMg0MLtZMRkKS1FBfpeRuKXDXQjAUGCLSdBhjhsJc8VDpMBExV7KE9a-wPLysSHJ5JdEZQuWSLYZn9k-gD02heeI0gpiEMZyGki8IpUHqQKrj-Qpp2geYjpjyKRy9403autjUNy_52X7f8KBqP_j3rV38UyMYpxz5TNZiorwh6UaUqpM3um2FzeNQ

Protocol

HTTP/1.1

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:07 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7fc16d72-054e-4856-9041-2f67d83d7f5f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK39Wk7jQs8awuNdsitYXRU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5198
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI0NTYwNjc3Nzk3ODAyMDkwMQ%3D%3D

170 B
243 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI0NTYwNjc3Nzk3ODAyMDkwMQ%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:07 GMT
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: be731bd9-e624-4f61-a2dc-8ca9f147ae33
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI0NTYwNjc3Nzk3ODAyMDkwMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8191 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsYooPzEWXtwi1z7zE_jqcC6T02otSa87Vpx50rLV0TwqIRSMiHgIXsvvWfJO-srodpZNvRnvLLr-KkJjs3X1-5qpyLh3fyva2t2I9GTMl1HW1tosOGlop14tIO7zmofizQdQUwReczduOVHxljt3L1Swr3w&dbm_d=AKAmf-Cx8kFD6jEUEVkU7a8ekv97Sy8EB0w61CifqTdYN5diN_zvw_3g_ZLyrwEqP3g99N9U3j6Jc8D88j1RQN6f659JRE1hgLSTs6h_S8ozsvNrmSQfxco2TaCvQ9CZUEc6GGZAnbswL9Ba00XiRfkxdQ3F7f7THdtO622idKwmZlfqAp9e5O0IiJ0zSUE-KiJRJPKoFPlDpOCb9tmV71Nhb_nremh1NCUvK1HdNWgz4DNKl7dr3knnlniMddgXNA-wlZ0KMg5Iv2uQDx0VYgmSfyxiYz0zwCt23xJzYpSS8eFmKgj-MBcwnSw9FDczbXMrzNUHXTJtAAlwGUJES3dHkQyFhy2wFYuFDAN2LdZ7uvSosRqstF47keWYztq0OHeQJLnKno3sWDv-LuqV0l-LM4XBkTlqFnFAfRLMkNwtxhV1Ug2ZYQ_PuFOwt4KZYhH1tSIXERFZaf36p07ihs44uSOMzUs9AUC055FC_zXHfwWYKfpwi7NUshqZIRhKVCNyyRBrObW8xHQUBR6mFoZuoO3MMSSIBKfUI-eOTxQZi3DNe4z37mll7hUxTXht0yEWNEDCSic2Gvaeg-Dt9-8nyt-_A-PCoL2tP2yI_vXu_6t4Kq_pe1LEM-HpAnfGrb-OKeCi5FJU2aEjpK2srEnFDdMZCXiJrT0EaloP3hjKQXLq7_oSHN-Pf2Cg9_zDhxABx7odFH846v20zkIUzmEIfRV_Yfy7f4fUh_TD3k1jEZrIZHgQOdt7RZ2UDL6LRk1pVlp8-j-jLaZxMdPCSVA4I0k3ClGSVm7MbrtdGDve_8JzzVnQWFUucD9r5ejWivhcb2IiYfqOEGQ9C7wN53aOu66VdBui3eSsQk03SflRW67Xi0QNDPvXOkr7qD6rhSC4hg9VgKZjibZOWVLHHmOrl3goiKX55vz5Cw_y3ENYrcPYRw1E8i_6L8zDLTzQNvZnRX_uGvUMbexla2ULy-VaNhVCQP3jBS0jJ2rOwOjyTTuFVgct7eoyGR-nB68uEeGQfRgY1XRdHysTm5KkCQ3t9e1h_mKVIeKCJr_J1n_R_KEzrjt5RUT5GuOYy7HJyqhihbcESGKALybX7w62nS_yS1CCcFJg5Uol1yznpQP7pqubk2j8tQS3oJVER1oUeqTEYLe5BajcNHiwjUGTgKKzcj9WW1yVWBxK2MWaFfra24yEY-8F-_im_xtDJubanQpom-CIDl6LcYTJLnlIHklC9ezsPXN-RVPYQ2Pc2ST-qxZYcXoh4kt1yEaOd7A9VKE3wmnfgEa8d9yO3ohRbF258hlfJg3upy8pIqHAGmgh0dYc8KaElFNs3z3ArCTSIP4zSx1KBtVK2nNkB-OtCBLyCzCN67hON8ehPQLAakZjSFt55op1hI2vUKsUhecWEsQvT2xZZsFQ8Gl8hhiAMnDQ-qFYYg5G_cBq4OoB3ugZA3CWNzXihLg9EjkNlOWlNNTxUuMlxDlNM9TzD-Y4lybsifNjPzjGzpJ0d3VvCuSbcIHCtFT_ZyjtDLDaUHT0duF9xhcAwRy9l2DyVg7qSA9RtTVXiUjvnvuXT2zg5SUbklkakCLkZ_M87AcwIYTSGVaKnd9PealGskS0gNsc3NO58MaeKZ_3iXm8P7cFeZrGydacX78Y8s3rTNiuBXG8BevcvBeoM8W7kiwKWDAxnGyIlklhIQrd9QQRjqF_7x9oxIqbZlxXVffo7NxKHAosVHIE5ipUzact9ZoGVC2bFiwNTQpwFEExRuUbScEN53VD9UIxwcXuQDG8aB3Pv-nlh1mGkitE-BtoaEKnQv5GEqgT3w1BqgrgaU6nwrqXEthtg3oJRWvruWo5Nz4rtC1UtlOWQseb0ZVl0fc50v96OzZOtp72DpLsn77XNpTcVoB0kQ-XMOlyDdpwtzwSZKW10N2pE-VMn2Ses63EpdGn1c6XwReJ2KFIcgJtLNBIVmE0sKdFRtNRExUNdugDsoC3sGw_IIwfaVj2b3Ie2bhuMxAJ_u5WLRAimsRqr2S0R2CEG27y4DAQonkFcxu9yQLJI_g-OC7_e52GKU34_7726YPnip5Lz6LKf31O2Af4zbkYt3UnpHn1-EgmNYei5gWxCNFiyPQnpKv8fUFCGzymHFp5AVr7j9bh8qy3CArB1A54dfuw6gHMKuaSCa6ZD1AxyXUhX9E0a84F95ZS2XUjZWzVSmwMgl0jmp1TCbJ5QyfNnfpHnEi3s8NmeONGxS9auBU_Zu7fzNkAwmrpD5dJVhPnCcE6sq6SByXEr82Afz02u463sXOeRuRa92HC2qnMJB2uexUikzAQRYgnJVK4IS2qHUPlX0rdF3G2EPStpPAsk47MpYI22YKH1_DOWPg7EM-OlnqtVNXeyQrKtj2WBdsrhG853DyJ8EilbWHIXjK__gcscQoD8TziJFsZqT3h34owq9C_8RVg-mNA_h68jDqRQ_tNkpzceRKWXYOIGvsBPNJAEOt_ut98vfdNi2UWJ23wVRynHRvHSeS17hOk-DD-CNPMJnmX9Ec2Rsm0dnjZKKi5AoPrAriabwlHwO7nda6xZB32yWHPZDPnEVDLAx0foZ1FdEkWKaOZGuJyayKcmc7qoTYFPrdHph-BsgGo0q1142su33-XNVsbIMFa8wrLC7ZLn3M8mmNExr6_dH7BIzPYGOWMgsUn52vxwLvq9tAcDCeFIIPy956Nav10QUuxRTZP3peeRqSh1UtKFp5QOKAWWjx9ryswlfi1qFM7gZa41cB12VOJGN1b0B6RSEo5oLuh2LrdYbDlrce62TvgOWmSIOb5aajYYqUBVtdTDb6slZkRHlIWqI_rh4rFcRb8rNSf_iSgtwFbaJFUZcpWcooDJMyuseZI-Lir7WGdIn-oGztzQUfbMzdL4wy1LomKBRYMkjjQ2kT2xTqdiRxJJ-Y0tn3SZN2SsQxebcqWYAwNccP0YtnQU1kGznYJiU0txMRp6FIkDJbCsvLUUGoiuHpRyvpNe7WdmPtEYHC3VYIhyZbxQLvh&cid=CAASJeRogFR6YF-NLQGomUZZixB6UfdmXBRGJp9mRahLvZ2tE_tMNXM&rfl=2%2Chttps%253A%252F%252Fwww.winhelponline.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 10:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 10:17:34 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BD0C 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 65254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 10:17:33 GMT
expires: Thu, 04 May 2023 10:17:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame BD0C 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 13:39:49 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 8191
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1024657/62770989/xbbe/creative/adj?p=APEucNViNAznRWEXtat4lR58NNX4tq5z2wBt0eggEz6cqzikPU38oj4&d=CnkAoCZ_4HDvnRVL_8BuuiKk5Ext5OXZV6S57AeExo3jM46TC74NTARtaHzlXGT...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNViNAznRWEXtat4lR58NNX4tq5z2wBt0eggEz6cqzikPU38oj4&d=CnkAoCZ_4HDvnRVL_8BuuiKk5Ext5OXZV6S57AeExo3jM46TC74NTARtaHzlXGTMVCDbh2QfSg9Bx4R1v-xx5smAi...

67 KB
23 KB

113ms
58ms

Script
text/javascript

173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNViNAznRWEXtat4lR58NNX4tq5z2wBt0eggEz6cqzikPU38oj4&d=CnkAoCZ_4HDvnRVL_8BuuiKk5Ext5OXZV6S57AeExo3jM46TC74NTARtaHzlXGTMVCDbh2QfSg9Bx4R1v-xx5smAiK95spsdYWJNBInAaTpsS6pmCIi5rQRqGQdy_IQAshidOiGIXgEOl5-ZIQSME7DM6bGUmH9RKzzgEokUAKAmf-CkUSFI7Zgy1phsQ0-Hj76eSdvxAcUb9VBrscoADyQTHUODjh-KbdZgCI00pmluMsH-QnkO3DZqJBz1p3lijQ2syIUZM8EjVPe69g8Tz5h3NYuzsPIATNuOIjPvLUBSNc_imi--Gg9in-qPwfYaexZRGDmwU9Mjs2_DeXKW4rdjVMiiQw4V6xt3B8D_qK8y937edox_KbqcfV00kN3TR58CJV8ibnAYIayo3KpA5cyJgjXY8cUCbvQ5QGua_G-CzXqejfNQlsxufYwVBXG0Lbu8ZOpp2GvEXeuCToezll0B5ApwRWnOrrPebRk2vwQRpWZ2N8ZUe6b_5kUZt9v_7gg0AzPBCvyv57HmHXhUG2lx6IafWirqxuHuQBlTfTkMU6ibCYlJmIjGYSXjZjJ2IzfPDtooJo_0zzYOAn9fa2lvrdb5udU7W_XAXGhO-PlF6dUB5tYC7Qrp8pSD0QARsBe9P6AvtLTfw8DUdlnDtWQ-rwImTL5vFmFA5V7sNRyVvSO6YnA-SGNc6OeCeyxb3GBYf00IUMh-508MuNdLSJTJNYydMp4TvxLsv9V3zgH_xzHA239pJc-NRBhBdlqFBYDdpP778PFZUDDVm8aAXQuSJlS3plQMWD6QQijDDXRWalD4QiPEs8GcsfIlBxKcBkTNZ45Kon1TMN21xHzpXc8VkZsMxwFBw8hvx5_jM3fQObtJ2ujPyw5yOhXZGbweHK2lyjqg-uE__6Ah2SLjq0xPI_xfGEPxVGPhYgiorWiX9PUjEECE83neljO0d6pa0K7TXcLa9eODKTWDfdjz79lnRJcKrm50LQZ95cIzlKCjMsNG6eVTgWrgDEFmMusV5IaQNEfyLYvHJ-7Y-IEQVKkqRDoQfVRGoqCy1GoldRckL3rwABL4a46ojI0oVsXZl_EPPpoaJ6OF8MAPTjk9IbM_mpn1npV_4Tu6q4Fyar1XnVnnxQM214D7gUqFG1QufujGxBKBIudkW3yuZfu4mmfcbFJwuAykrgaUz7Ftrkq289GUorCYuYQKYUnAyRUbggroTs9D_U6-fZsPlcoUzpr2M-cXT138zaDsVoJupxvmsh8eALubrNYHCXoAec_9RpUqcH9_ecNSG_fblOnR7dqTbNAlHEOtm32YA8LEyuBjpp8FKuj6X1LQ8FRPYBEd644ENlgC4xfafC-7g9XMoIHd3wJz9fYBdFDHhRgdqxIrS1SaTO5oeyqAc90_BbsFZ8YlUCU59fU88MU3nRkgTE2UWFRFnGPiCvsc1bdHZZv6UU2zhHv_kL1l8fPGmxDrjEQoKcUQAfWYO93TZOwx7hpfLNkXVMb21BwDweSn1Ybwj1xqIhzaCev-hNRXwihyHJ69Y7EiJ9axCHPbyGZSl3XLUqrfdV68kp3oAOmxhUrbg9ZO1lDtaOjcbE0L5R7MdMmbZk7CzemxgieCK8gk0O9bopWyboPwC66h_nciyXQAiM4QiA8QyfI80WhD9UH-PHOC6KVOogLshhKjiAWTh8pNQgkRbwDfnaX-NrFtA0sDu6tgv6B0BH9vzh3vE0-hHnS1RJm03Y5xAYWGYIzfiritnaELyLI18EdJI25UnMFrbNN4FFxcjbegFqCxIQIOQZh9JYQlXEwPeWmDXfCMkLAsyIapvvvHJk6DqMVku0fxy22rXpurmHMeLWBHks-cHyTQHt3f7g8bVDczmtMIwKO8PgzURBhGkJt-PHHs2OvWGGwOPo3MHYvWCEXA3gV9I7OO7OeJ5QKpxUJT4knFsbXmQpDL3IF-dggqApmAtbWESHE7cV1hd1_2Hk3RAHPDcRYwjvaiZI4xwCrVDN-4IbDkMGhWzBt8CY3Wdqbzh3Yb5uE-vRe1IgGkp_qrJjs65zw-F7cOZzDT9WTtNrD57o2D2W31vD3EsPPDmxj1wth95iPc1SpQOU4uy776XzDDmNsAml-sNgfApuzLiZMb4OIeFlerndDMAKVa4w8Um71TEwDYkK0UgZaN-NwR8ONmJfhkSzB6eKrITQlMd8TiAU7NgEvMmgZVtncGPwkQ-a0e5nNuNNmnCoEy1LcIkEps4zZ-Qfz--T8q7HO_QQ2O4kf8aS2DXmUx0LZOoG0SPMXx-LDaQZibA5u0dKv361A3B5u2FF_8NBNH9EYffja1qPNyudjZoz9gi2cNm4s-1h6EH8tm1Ehh28nYvSbLwet_QjUJHiE7HVn5Bk7yeEt6VO2XEl4Vzg2pR0VFlLJhTBg5zHHuqDRX_KJlYgEN8cKrNexbTFKoIUZr95PCt-UhqAgfl6Bd7qDd6PH48BPm8TxycYKrlYjhcwDTn_V5QFlCyvU25AmxqtpxwJTxZREpI4qs-1OQaa5ZOXBvm0DGrP_Q0NvNDA6ifIVHE70wP8eo2qLeggi6FjopSFyMpslpthTFQvVJU0D_u91jvA3XLvY0ZHEWHr9x4yP0PX_IUgFfQTT-HjIXbmULGpoixJpiOdpzRl2RIBu56bdgCqVshJKudiXy69EVANk3xwqrCVckwNrpOXVv_9lm3dOLVB5rB2Y-y4FnTer3swr5hpsTn4T4VvEhm8Wzz6xWJt9fQAon9v0Ewvm7wbwFm5ju9g_K7xy0oMNfmhvs4UbauLu3VAOVHZZpjfYkuYNzgIhhvYsc-MPWxWp-TdLXTP_Gq1L9jE156AaUNS-W-lQZ7B-GOY2opAyiY1pcuLRAL8C9BacQYTw4HRed4aYy8KE8yqn8xsmqjHHy6K54J3dSHH0pXd1tKtK6tIp4gAJMRdvGz9pBzBuXJJKzHGPLL1SFo8e8inJan-K-3tEph4dD6fn269trKG535Q5FWpgJWvjMhEsBuwT5dFQQ4EMmqKBSKoTlKADawXVi2P8858Lgqk1Q5256x51hOmDXuYalq4pfzQ3IXx8eOU7ogHxaSBKQKQt9TH-cyJgUbC10AZFkEFSaMkizs2lzifJbQAkQEFACokL9VrhqEWa4kzGXEl2iC66QzkUXTBLGe2pCh2Jy1aHH7zVC0fqDRoft0pHRdZLi1b5U8KKaIc4JM-EZprsPpTE54qSekuCTxKwQ2hbWeZlGJ2GDBsscMTGBqfoEis0cDm3ktOdue0jiXNXLLF9CWBq46u9LX88u_7hMZYc4BhLLBLIG79IieBmE3zk-nbpKdvzoFyrDjdnnjpcMRx3ZDSTZZ9kvz102he4ij2SvdH5uvcl2RTq1grxPiINfS6QmBxUZTgMbuxCa4wMxhyBA0tDkAixdk_qZy3ScV1UFacF8-34Obfbd9ioEvd51Krq2lzR4km2AQd7_gE6ENCftkiU_aSF-rG4qU6zP4PIIJtmGl7eF1HGc2PJV9X1Lr-MQi1BR8PA8zZNmDqmR3mKsM8uMI6Ecb1OM-ybbUubIi6XOQQZahgm-zko9HO8i6jG1p1BjgGRY4-2qchopCAASJeRogFR6YF-NLQGomUZZixB6UfdmXBRGJp9mRahLvZ2tE_tMNXNgAQ

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

173.194.76.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f156.1e100.net

Software

cafe /

Resource Hash

0d099fa99b11896ff3274430009988a277b8ef693ded72c56a651ce03b5f8558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23130
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:07 GMT
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNViNAznRWEXtat4lR58NNX4tq5z2wBt0eggEz6cqzikPU38oj4&d=CnkAoCZ_4HDvnRVL_8BuuiKk5Ext5OXZV6S57AeExo3jM46TC74NTARtaHzlXGTMVCDbh2QfSg9Bx4R1v-xx5smAiK95spsdYWJNBInAaTpsS6pmCIi5rQRqGQdy_IQAshidOiGIXgEOl5-ZIQSME7DM6bGUmH9RKzzgEokUAKAmf-CkUSFI7Zgy1phsQ0-Hj76eSdvxAcUb9VBrscoADyQTHUODjh-KbdZgCI00pmluMsH-QnkO3DZqJBz1p3lijQ2syIUZM8EjVPe69g8Tz5h3NYuzsPIATNuOIjPvLUBSNc_imi--Gg9in-qPwfYaexZRGDmwU9Mjs2_DeXKW4rdjVMiiQw4V6xt3B8D_qK8y937edox_KbqcfV00kN3TR58CJV8ibnAYIayo3KpA5cyJgjXY8cUCbvQ5QGua_G-CzXqejfNQlsxufYwVBXG0Lbu8ZOpp2GvEXeuCToezll0B5ApwRWnOrrPebRk2vwQRpWZ2N8ZUe6b_5kUZt9v_7gg0AzPBCvyv57HmHXhUG2lx6IafWirqxuHuQBlTfTkMU6ibCYlJmIjGYSXjZjJ2IzfPDtooJo_0zzYOAn9fa2lvrdb5udU7W_XAXGhO-PlF6dUB5tYC7Qrp8pSD0QARsBe9P6AvtLTfw8DUdlnDtWQ-rwImTL5vFmFA5V7sNRyVvSO6YnA-SGNc6OeCeyxb3GBYf00IUMh-508MuNdLSJTJNYydMp4TvxLsv9V3zgH_xzHA239pJc-NRBhBdlqFBYDdpP778PFZUDDVm8aAXQuSJlS3plQMWD6QQijDDXRWalD4QiPEs8GcsfIlBxKcBkTNZ45Kon1TMN21xHzpXc8VkZsMxwFBw8hvx5_jM3fQObtJ2ujPyw5yOhXZGbweHK2lyjqg-uE__6Ah2SLjq0xPI_xfGEPxVGPhYgiorWiX9PUjEECE83neljO0d6pa0K7TXcLa9eODKTWDfdjz79lnRJcKrm50LQZ95cIzlKCjMsNG6eVTgWrgDEFmMusV5IaQNEfyLYvHJ-7Y-IEQVKkqRDoQfVRGoqCy1GoldRckL3rwABL4a46ojI0oVsXZl_EPPpoaJ6OF8MAPTjk9IbM_mpn1npV_4Tu6q4Fyar1XnVnnxQM214D7gUqFG1QufujGxBKBIudkW3yuZfu4mmfcbFJwuAykrgaUz7Ftrkq289GUorCYuYQKYUnAyRUbggroTs9D_U6-fZsPlcoUzpr2M-cXT138zaDsVoJupxvmsh8eALubrNYHCXoAec_9RpUqcH9_ecNSG_fblOnR7dqTbNAlHEOtm32YA8LEyuBjpp8FKuj6X1LQ8FRPYBEd644ENlgC4xfafC-7g9XMoIHd3wJz9fYBdFDHhRgdqxIrS1SaTO5oeyqAc90_BbsFZ8YlUCU59fU88MU3nRkgTE2UWFRFnGPiCvsc1bdHZZv6UU2zhHv_kL1l8fPGmxDrjEQoKcUQAfWYO93TZOwx7hpfLNkXVMb21BwDweSn1Ybwj1xqIhzaCev-hNRXwihyHJ69Y7EiJ9axCHPbyGZSl3XLUqrfdV68kp3oAOmxhUrbg9ZO1lDtaOjcbE0L5R7MdMmbZk7CzemxgieCK8gk0O9bopWyboPwC66h_nciyXQAiM4QiA8QyfI80WhD9UH-PHOC6KVOogLshhKjiAWTh8pNQgkRbwDfnaX-NrFtA0sDu6tgv6B0BH9vzh3vE0-hHnS1RJm03Y5xAYWGYIzfiritnaELyLI18EdJI25UnMFrbNN4FFxcjbegFqCxIQIOQZh9JYQlXEwPeWmDXfCMkLAsyIapvvvHJk6DqMVku0fxy22rXpurmHMeLWBHks-cHyTQHt3f7g8bVDczmtMIwKO8PgzURBhGkJt-PHHs2OvWGGwOPo3MHYvWCEXA3gV9I7OO7OeJ5QKpxUJT4knFsbXmQpDL3IF-dggqApmAtbWESHE7cV1hd1_2Hk3RAHPDcRYwjvaiZI4xwCrVDN-4IbDkMGhWzBt8CY3Wdqbzh3Yb5uE-vRe1IgGkp_qrJjs65zw-F7cOZzDT9WTtNrD57o2D2W31vD3EsPPDmxj1wth95iPc1SpQOU4uy776XzDDmNsAml-sNgfApuzLiZMb4OIeFlerndDMAKVa4w8Um71TEwDYkK0UgZaN-NwR8ONmJfhkSzB6eKrITQlMd8TiAU7NgEvMmgZVtncGPwkQ-a0e5nNuNNmnCoEy1LcIkEps4zZ-Qfz--T8q7HO_QQ2O4kf8aS2DXmUx0LZOoG0SPMXx-LDaQZibA5u0dKv361A3B5u2FF_8NBNH9EYffja1qPNyudjZoz9gi2cNm4s-1h6EH8tm1Ehh28nYvSbLwet_QjUJHiE7HVn5Bk7yeEt6VO2XEl4Vzg2pR0VFlLJhTBg5zHHuqDRX_KJlYgEN8cKrNexbTFKoIUZr95PCt-UhqAgfl6Bd7qDd6PH48BPm8TxycYKrlYjhcwDTn_V5QFlCyvU25AmxqtpxwJTxZREpI4qs-1OQaa5ZOXBvm0DGrP_Q0NvNDA6ifIVHE70wP8eo2qLeggi6FjopSFyMpslpthTFQvVJU0D_u91jvA3XLvY0ZHEWHr9x4yP0PX_IUgFfQTT-HjIXbmULGpoixJpiOdpzRl2RIBu56bdgCqVshJKudiXy69EVANk3xwqrCVckwNrpOXVv_9lm3dOLVB5rB2Y-y4FnTer3swr5hpsTn4T4VvEhm8Wzz6xWJt9fQAon9v0Ewvm7wbwFm5ju9g_K7xy0oMNfmhvs4UbauLu3VAOVHZZpjfYkuYNzgIhhvYsc-MPWxWp-TdLXTP_Gq1L9jE156AaUNS-W-lQZ7B-GOY2opAyiY1pcuLRAL8C9BacQYTw4HRed4aYy8KE8yqn8xsmqjHHy6K54J3dSHH0pXd1tKtK6tIp4gAJMRdvGz9pBzBuXJJKzHGPLL1SFo8e8inJan-K-3tEph4dD6fn269trKG535Q5FWpgJWvjMhEsBuwT5dFQQ4EMmqKBSKoTlKADawXVi2P8858Lgqk1Q5256x51hOmDXuYalq4pfzQ3IXx8eOU7ogHxaSBKQKQt9TH-cyJgUbC10AZFkEFSaMkizs2lzifJbQAkQEFACokL9VrhqEWa4kzGXEl2iC66QzkUXTBLGe2pCh2Jy1aHH7zVC0fqDRoft0pHRdZLi1b5U8KKaIc4JM-EZprsPpTE54qSekuCTxKwQ2hbWeZlGJ2GDBsscMTGBqfoEis0cDm3ktOdue0jiXNXLLF9CWBq46u9LX88u_7hMZYc4BhLLBLIG79IieBmE3zk-nbpKdvzoFyrDjdnnjpcMRx3ZDSTZZ9kvz102he4ij2SvdH5uvcl2RTq1grxPiINfS6QmBxUZTgMbuxCa4wMxhyBA0tDkAixdk_qZy3ScV1UFacF8-34Obfbd9ioEvd51Krq2lzR4km2AQd7_gE6ENCftkiU_aSF-rG4qU6zP4PIIJtmGl7eF1HGc2PJV9X1Lr-MQi1BR8PA8zZNmDqmR3mKsM8uMI6Ecb1OM-ybbUubIi6XOQQZahgm-zko9HO8i6jG1p1BjgGRY4-2qchopCAASJeRogFR6YF-NLQGomUZZixB6UfdmXBRGJp9mRahLvZ2tE_tMNXNgAQ
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 7BB3 80 KB
21 KB 46ms
8ms Script
application/javascript 2600:9000:2156:d000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:32:42 GMT
content-encoding: gzip
age: 2598746
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: c0_4MXQxq9_eaUQqFSI017fQqXANu8G4UJDdaV7Q-TIk_bWr8g40CA==

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8191 43 B
301 B 306ms
82ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1024657&asId=eaff84ff-8773-6b2f-5b92-f1d1e99f919f&tv=%7Bc:bI7UWW,pingTime:-3,time:58,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:58,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4VKxI8+11%7C12%7C131*.1024657-62770989%7C1311%7C13121,idMap:131*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:07 GMT
X-Server-Name: dt51.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8191 43 B
301 B 304ms
83ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1024657&asId=eaff84ff-8773-6b2f-5b92-f1d1e99f919f&tv=%7Bc:bI7UWX,pingTime:-6,time:59,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:59,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4VKxI8+11%7C12%7C131*.1024657-62770989%7C1311%7C13121,idMap:131*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.winhelponline.com*%2Cbae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com*&br=c
Requested by: Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:07 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8191 43 B
301 B 302ms
83ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1024657&asId=eaff84ff-8773-6b2f-5b92-f1d1e99f919f&tv=%7Bc:bI7UX1,pingTime:-2,time:63,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:263,beZ:265,mfA:267,cmA:268,inA:269,inZ:272,prA:272,prZ:276,si:281,poA:282,poZ:302,cmZ:302,mfZ:302,loA:323,loZ:325,ltA:327,ltZ:327%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4VKxI8+11%7C12%7C131*.1024657-62770989%7C1311%7C13121,idMap:131*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:44,readyFired:false%7D&br=c
Requested by: Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:07 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD0C 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BR371olFzYuz9PIHT3gPmsqDICwAAAAA4AeAEAg&bg=!YGOlYyfNAAZNIUvJbSE7ACkAdvg8WkTOne6S8OhQi4GLB0gh8e0uMVkaGdfLuFa8s8p0BkBLNQIm8gIAAAB1UgAAAAFoAQeZAzCaSZLv7UpH4AgE416qrWvfNqRNiW5_zuT4ycK0Nc859lB8jSLS1WoAxxFpaRmIuZlscngizf7Vdw7WwmW3YLI5a0I3TW9j4NDogtD6jhSFMKBAcQNMgz6G1yTVxhL4EaXuuR8ybt46NqnJBCGnq3FcKGIoTB8crIA_lXmVAfAOnuLh5IySBGbrwz8agljXLUYyzFXrU9T7F0-RWgLm9PDdff5okva6gwB6zcxGjrq7KxqptvmEaChXvEHzqkwpqyis36-amfxEeaLP6MdQwBOKhH1dZdoeA11glTKVia83GD5Oa0HPVrFPASibh_grAcMIaWAkOAMEtBtr5CKpCTMBaHwP8yPFXs2Yjd7R_55ax6uW7Uawpfv2YVBYNelRgfgB14OGEF_OHx4dtdFSkxRBwgD8J-4ZVOarU9UAMts9175M6oh7Ff_KPkyLajs-zQbuUzkvHAQt1UH0UwySqWDIaPLBrLj0t4O7gaYlK_7SPGdViBYp9ZKqXCl03xdGCwVAvQA99FtGrh_lDytDsEugVHhTMC6EInDPskN-pFSCoFNmv_kiwhay3c0eXZZgE1GmUS0VA133RjZceQaRYURumAs_0fkAPY8rP0q0as5e-rwDaSiX5AFnGZkGN9pV6-mGdWyXtCbEjr7gU3Z2gpMRFIRlOjNx5lebhBKPIvRfgBCWnhfs9BKuvm-lxaak-u1zK1AYo8hSwFM6dDbvScCmVWyZBH25pFi3vkE4K9qkKNRDPJUB4N32dZJKalvc9CnF4gzMgR_MYpBynug2EksLCrU_eovGDcHW2-AodfXD3aEdJ-naLUY48dyHG9W9A673VHgmWwNWp8USZXgQG103bkFI7O9cEBnnOVYNPi_zMID_0CVhzjZfRJyQ_Hoa1Mf7TuytSAxXNWqwIBGND56F91b7mwN61PiZuZAriRXOY1G16sTdYNpEJeYZTEhJU8qh21D3yOG1WgFXQloywj1MvDQyOapPxrbinwihqRaczdHoAUPrTQc7sijoWBSJxH6doFV8lViZPEyoFrvB6Ta7RfeBlKyiDPuE3DlMdQW62gNdKf_RSYa7ocFVxyyAj_M

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8191 106 KB
38 KB 103ms
8ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
Origin: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 10:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 May 2022 10:18:07 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220502/r20110914/elements/html/ Frame 8191 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220502/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1024657/62770989/xbbe/creative/adj?p=APEucNViNAznRWEXtat4lR58NNX4tq5z2wBt0eggEz6cqzikPU38oj4&d=CnkAoCZ_4HDvnRVL_8BuuiKk5Ext5OXZV6S57AeExo3jM46TC74NTARtaHzlXGTMVCDbh2QfSg9Bx4R1v-xx5smAiK95spsdYWJNBInAaTpsS6pmCIi5rQRqGQdy_IQAshidOiGIXgEOl5-ZIQSME7DM6bGUmH9RKzzgEokUAKAmf-CkUSFI7Zgy1phsQ0-Hj76eSdvxAcUb9VBrscoADyQTHUODjh-KbdZgCI00pmluMsH-QnkO3DZqJBz1p3lijQ2syIUZM8EjVPe69g8Tz5h3NYuzsPIATNuOIjPvLUBSNc_imi--Gg9in-qPwfYaexZRGDmwU9Mjs2_DeXKW4rdjVMiiQw4V6xt3B8D_qK8y937edox_KbqcfV00kN3TR58CJV8ibnAYIayo3KpA5cyJgjXY8cUCbvQ5QGua_G-CzXqejfNQlsxufYwVBXG0Lbu8ZOpp2GvEXeuCToezll0B5ApwRWnOrrPebRk2vwQRpWZ2N8ZUe6b_5kUZt9v_7gg0AzPBCvyv57HmHXhUG2lx6IafWirqxuHuQBlTfTkMU6ibCYlJmIjGYSXjZjJ2IzfPDtooJo_0zzYOAn9fa2lvrdb5udU7W_XAXGhO-PlF6dUB5tYC7Qrp8pSD0QARsBe9P6AvtLTfw8DUdlnDtWQ-rwImTL5vFmFA5V7sNRyVvSO6YnA-SGNc6OeCeyxb3GBYf00IUMh-508MuNdLSJTJNYydMp4TvxLsv9V3zgH_xzHA239pJc-NRBhBdlqFBYDdpP778PFZUDDVm8aAXQuSJlS3plQMWD6QQijDDXRWalD4QiPEs8GcsfIlBxKcBkTNZ45Kon1TMN21xHzpXc8VkZsMxwFBw8hvx5_jM3fQObtJ2ujPyw5yOhXZGbweHK2lyjqg-uE__6Ah2SLjq0xPI_xfGEPxVGPhYgiorWiX9PUjEECE83neljO0d6pa0K7TXcLa9eODKTWDfdjz79lnRJcKrm50LQZ95cIzlKCjMsNG6eVTgWrgDEFmMusV5IaQNEfyLYvHJ-7Y-IEQVKkqRDoQfVRGoqCy1GoldRckL3rwABL4a46ojI0oVsXZl_EPPpoaJ6OF8MAPTjk9IbM_mpn1npV_4Tu6q4Fyar1XnVnnxQM214D7gUqFG1QufujGxBKBIudkW3yuZfu4mmfcbFJwuAykrgaUz7Ftrkq289GUorCYuYQKYUnAyRUbggroTs9D_U6-fZsPlcoUzpr2M-cXT138zaDsVoJupxvmsh8eALubrNYHCXoAec_9RpUqcH9_ecNSG_fblOnR7dqTbNAlHEOtm32YA8LEyuBjpp8FKuj6X1LQ8FRPYBEd644ENlgC4xfafC-7g9XMoIHd3wJz9fYBdFDHhRgdqxIrS1SaTO5oeyqAc90_BbsFZ8YlUCU59fU88MU3nRkgTE2UWFRFnGPiCvsc1bdHZZv6UU2zhHv_kL1l8fPGmxDrjEQoKcUQAfWYO93TZOwx7hpfLNkXVMb21BwDweSn1Ybwj1xqIhzaCev-hNRXwihyHJ69Y7EiJ9axCHPbyGZSl3XLUqrfdV68kp3oAOmxhUrbg9ZO1lDtaOjcbE0L5R7MdMmbZk7CzemxgieCK8gk0O9bopWyboPwC66h_nciyXQAiM4QiA8QyfI80WhD9UH-PHOC6KVOogLshhKjiAWTh8pNQgkRbwDfnaX-NrFtA0sDu6tgv6B0BH9vzh3vE0-hHnS1RJm03Y5xAYWGYIzfiritnaELyLI18EdJI25UnMFrbNN4FFxcjbegFqCxIQIOQZh9JYQlXEwPeWmDXfCMkLAsyIapvvvHJk6DqMVku0fxy22rXpurmHMeLWBHks-cHyTQHt3f7g8bVDczmtMIwKO8PgzURBhGkJt-PHHs2OvWGGwOPo3MHYvWCEXA3gV9I7OO7OeJ5QKpxUJT4knFsbXmQpDL3IF-dggqApmAtbWESHE7cV1hd1_2Hk3RAHPDcRYwjvaiZI4xwCrVDN-4IbDkMGhWzBt8CY3Wdqbzh3Yb5uE-vRe1IgGkp_qrJjs65zw-F7cOZzDT9WTtNrD57o2D2W31vD3EsPPDmxj1wth95iPc1SpQOU4uy776XzDDmNsAml-sNgfApuzLiZMb4OIeFlerndDMAKVa4w8Um71TEwDYkK0UgZaN-NwR8ONmJfhkSzB6eKrITQlMd8TiAU7NgEvMmgZVtncGPwkQ-a0e5nNuNNmnCoEy1LcIkEps4zZ-Qfz--T8q7HO_QQ2O4kf8aS2DXmUx0LZOoG0SPMXx-LDaQZibA5u0dKv361A3B5u2FF_8NBNH9EYffja1qPNyudjZoz9gi2cNm4s-1h6EH8tm1Ehh28nYvSbLwet_QjUJHiE7HVn5Bk7yeEt6VO2XEl4Vzg2pR0VFlLJhTBg5zHHuqDRX_KJlYgEN8cKrNexbTFKoIUZr95PCt-UhqAgfl6Bd7qDd6PH48BPm8TxycYKrlYjhcwDTn_V5QFlCyvU25AmxqtpxwJTxZREpI4qs-1OQaa5ZOXBvm0DGrP_Q0NvNDA6ifIVHE70wP8eo2qLeggi6FjopSFyMpslpthTFQvVJU0D_u91jvA3XLvY0ZHEWHr9x4yP0PX_IUgFfQTT-HjIXbmULGpoixJpiOdpzRl2RIBu56bdgCqVshJKudiXy69EVANk3xwqrCVckwNrpOXVv_9lm3dOLVB5rB2Y-y4FnTer3swr5hpsTn4T4VvEhm8Wzz6xWJt9fQAon9v0Ewvm7wbwFm5ju9g_K7xy0oMNfmhvs4UbauLu3VAOVHZZpjfYkuYNzgIhhvYsc-MPWxWp-TdLXTP_Gq1L9jE156AaUNS-W-lQZ7B-GOY2opAyiY1pcuLRAL8C9BacQYTw4HRed4aYy8KE8yqn8xsmqjHHy6K54J3dSHH0pXd1tKtK6tIp4gAJMRdvGz9pBzBuXJJKzHGPLL1SFo8e8inJan-K-3tEph4dD6fn269trKG535Q5FWpgJWvjMhEsBuwT5dFQQ4EMmqKBSKoTlKADawXVi2P8858Lgqk1Q5256x51hOmDXuYalq4pfzQ3IXx8eOU7ogHxaSBKQKQt9TH-cyJgUbC10AZFkEFSaMkizs2lzifJbQAkQEFACokL9VrhqEWa4kzGXEl2iC66QzkUXTBLGe2pCh2Jy1aHH7zVC0fqDRoft0pHRdZLi1b5U8KKaIc4JM-EZprsPpTE54qSekuCTxKwQ2hbWeZlGJ2GDBsscMTGBqfoEis0cDm3ktOdue0jiXNXLLF9CWBq46u9LX88u_7hMZYc4BhLLBLIG79IieBmE3zk-nbpKdvzoFyrDjdnnjpcMRx3ZDSTZZ9kvz102he4ij2SvdH5uvcl2RTq1grxPiINfS6QmBxUZTgMbuxCa4wMxhyBA0tDkAixdk_qZy3ScV1UFacF8-34Obfbd9ioEvd51Krq2lzR4km2AQd7_gE6ENCftkiU_aSF-rG4qU6zP4PIIJtmGl7eF1HGc2PJV9X1Lr-MQi1BR8PA8zZNmDqmR3mKsM8uMI6Ecb1OM-ybbUubIi6XOQQZahgm-zko9HO8i6jG1p1BjgGRY4-2qchopCAASJeRogFR6YF-NLQGomUZZixB6UfdmXBRGJp9mRahLvZ2tE_tMNXNgAQ&ias_dspID=3&ias_campId=28132469&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=17053386653&bidurl=https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gQg4dQuTaJXsowaMAQuanI&adsafe_url=https%3A%2F%2Fwww.winhelponline.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.winhelponline.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fbae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fbae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:eaff84ff-8773-6b2f-5b92-f1d1e99f919f,c:bI7UWh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-578cdd6bcc-gbscv,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t4VKxI8+11%7C12%7C131*.1024657-62770989%7C1311%7C13121,idMap:131*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:17,oid:57c6f743-cc2b-11ec-a650-aa70b64bbed6,v:19.8.306,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 01:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 01:26:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220502/r20110914/ Frame 8191 25 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220502/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 01:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9783
x-xss-protection: 0
server: cafe
etag: 9821519945299111448
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 01:57:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8E5D 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 13:26:12 GMT
etag: 48472445140208031
expires: Thu, 05 May 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/625910766703263639/300x250/ Frame CDC6 5 KB
2 KB 23ms
8ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95fa7c9947acf125428f938911b90170626602b89ad6205ae1788f31605d5028

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 579869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1583
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 11:20:38 GMT
expires: Fri, 28 Apr 2023 11:20:38 GMT
last-modified: Fri, 22 Apr 2022 11:31:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E5D
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEFAQWn1wMfRAMp5TvAbVH1s&google_cver=1&google_push=AYg5qPIRK0qFIsYgzpfLyFIDcxnh7FXP_GMc3M2IlE6w6846Y_lxYiI3z6XmOR1D2s3ktU2rP3v9Xc0AOwTQlU01Uffh8Gxw93A
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TDFDWG8taUNEemV2OFQ0RnBGRnpZZw%3D%3D&google_push=AYg5qPIRK0qFIsYgzpfLyFIDcxnh7FXP_GMc3M2IlE6w6846Y_lxYiI3z6XmOR1D2s3ktU2rP3v9Xc0AOwTQl...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TDFDWG8taUNEemV2OFQ0RnBGRnpZZw%3D%3D&google_push=AYg5qPIRK0qFIsYgzpfLyFIDcxnh7FXP_GMc3M2IlE6w6846Y_lxYiI3z6XmOR1D2s3ktU2rP3v9Xc0AOwTQlU01Uffh8Gxw93A

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TDFDWG8taUNEemV2OFQ0RnBGRnpZZw%3D%3D&google_push=AYg5qPIRK0qFIsYgzpfLyFIDcxnh7FXP_GMc3M2IlE6w6846Y_lxYiI3z6XmOR1D2s3ktU2rP3v9Xc0AOwTQlU01Uffh8Gxw93A
date: Thu, 05 May 2022 04:25:08 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 242
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 8E5D 43 B
65 B 29ms
17ms Image
image/gif 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEMsO4QfAyEwjllqSuL2jWxY&google_cver=1&google_push=AYg5qPL2cnDdkXeMX18so9wLlWbYJurqvL-DpKNYyg3WjfNCPYo28CRw6SiBkaVc3YsVwIIe5jcyY065p6ym78xzawWo0VMD8MmT

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 May 2022 04:25:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E5D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEAq0IZWra9QahZ2A_G88Mck&google_cver=1&google_push=AYg5qPLbnua8sqiBJB7qhKPkDTKsrbA670kxE0hjW2sGelcXwiBFkO28eGaY30d6GlK_fc-4_LX18n2xr79wCCKU_0owo-4...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAq0IZWra9QahZ2A_G88Mck&google_cver=1&google_push=AYg5qPLbnua8sqiBJB7qhKPkDTKsrbA670kxE0hjW2sGelcXwiBFkO28eGaY30d6GlK_fc-4_LX18n2xr79wCCKU_0owo...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLbnua8sqiBJB7qhKPkDTKsrbA670kxE0hjW2sGelcXwiBFkO28eGaY30d6GlK_fc-4_LX18n2xr79wCCKU_0owo-4YwEBQ

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLbnua8sqiBJB7qhKPkDTKsrbA670kxE0hjW2sGelcXwiBFkO28eGaY30d6GlK_fc-4_LX18n2xr79wCCKU_0owo-4YwEBQ

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLbnua8sqiBJB7qhKPkDTKsrbA670kxE0hjW2sGelcXwiBFkO28eGaY30d6GlK_fc-4_LX18n2xr79wCCKU_0owo-4YwEBQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E5D
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENzkJdny6c047lzkpl61hlY&google_cver=1&google_push=AYg5qPILucitLupuYbU8LN0kELPmGyZpJv2Jf-XPZGBDNkaTiQEWJrqv4dEXkJ_APsEp-P50OgJlWpMYSzYPkxxs...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPILucitLupuYbU8LN0kELPmGyZpJv2Jf-XPZGBDNkaTiQEWJrqv4dEXkJ_APsEp-P50OgJlWpMYSzYPkxxsMfqVrRGBMwDG

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPILucitLupuYbU8LN0kELPmGyZpJv2Jf-XPZGBDNkaTiQEWJrqv4dEXkJ_APsEp-P50OgJlWpMYSzYPkxxsMfqVrRGBMwDG

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 May 2022 04:25:07 GMT
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPILucitLupuYbU8LN0kELPmGyZpJv2Jf-XPZGBDNkaTiQEWJrqv4dEXkJ_APsEp-P50OgJlWpMYSzYPkxxsMfqVrRGBMwDG
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ap6ggBWXlUNAfOBRXZ3W0Wx2LKO5pb85L9fWzQziIV9vxP_azxm3uw==

GET
H2 204 exptsync
ads.yieldmo.com/ Frame 8E5D 0
35 B 131ms
29ms Image
text/plain 52.215.11.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/exptsync?google_gid=CAESEMLmFA00YGSTWE7UaR26V1k&google_cver=1&google_push=AYg5qPKia3_wsGjydS88GTzf7ZrFCWwGo5uKpZAbeFUYTmgyDogL5wueM9BQ37mnVvbribs8z0g7hWHuikYXyCIZIKvh97-pF-fz
Requested by: Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.11.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-11-117.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:07 GMT

GET
H2 204 pub
cs.chocolateplatform.com/ Frame 8E5D 0
68 B 305ms
83ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGoYDqRIN4EA2DMqD2gcGyQ&google_cver=1&google_push=AYg5qPLySh1V3mK1A3y22UGBIgWGt0qTCxAGhZPi2kF2y09ItzrLIQSqoLnZQZU6aBY8kEJ-MNvmhKwWkSMJyoxo27fK1qwrEaS7
Requested by: Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Chocolate Cookie Sync Powered by Vdopia /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:07 GMT
server: Chocolate Cookie Sync Powered by Vdopia

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 8E5D
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESECEH4wgw5RKHzgfNKhY-gHo?ext-param=AYg5qPIyoo7Kqnd2etYceK9Xv8GBvv6FHlvuxaPCJWMKU_RgQsDnDz9fLR4GD1lnFpAP9D1G58_amGyG8hqXknay67jwNEa_57Rz&partner-tag=yandex_ag&g...
https://an.yandex.ru/mapuid/google/CAESECEH4wgw5RKHzgfNKhY-gHo?redir-setuniq=1&ext-param=AYg5qPIyoo7Kqnd2etYceK9Xv8GBvv6FHlvuxaPCJWMKU_RgQsDnDz9fLR4GD1lnFpAP9D1G58_amGyG8hqXknay67jwNEa_57Rz&partner...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESECEH4wgw5RKHzgfNKhY-gHo&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

49ms
49ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:07 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 04:25:07 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8E5D 0
12 B 15ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBndxgn2EIAaPXRXxnKKl-YKUXHlG4N9JkcJhES-iXrJ-IizD9vEA6uJ8ZKgRMj1Dqp4XRLQ

Requested by

Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8191 43 B
301 B 84ms
83ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1024657&asId=eaff84ff-8773-6b2f-5b92-f1d1e99f919f&tv=%7Bc:bI7V2e,pingTime:-10,time:386,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDEuMC40OTUxLjQxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1651724707478%7C%7C0ffac939b3b271496a04e019642c4898%7C%7C727ad4f7864c7014a50b399443285ac1%7C%7C0504ebbd0d47e417ba8817afb7dc0307%7C%7C178dfd92675005ec13994f969c754a9a%7C%7C2940dc7deef7c4ed0a9ff5e963b20899%7C%7C3aaedbd557a41f38d7dab409f56bc335%7C%7C724e4f1e67c70138c3f6771f98a707dc%7C%7C1629390669%7D
Requested by: Host: bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
URL: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:07 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 screen.css
s0.2mdn.net/sadbundle/625910766703263639/300x250/ Frame CDC6 1 KB
513 B 8ms
8ms Stylesheet
text/css 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/625910766703263639/300x250/screen.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f802889ff4315c2174049ae8b56c5ac682f3795001580023ead2589d121442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 11:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 484
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:31:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 11:20:39 GMT

GET
H3 200 border.png
s0.2mdn.net/sadbundle/625910766703263639/300x250/images/ Frame CDC6 152 B
179 B 9ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/625910766703263639/300x250/images/border.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70ad878edb0e980fab2f682b3e4277ad0c76e7625d80a062b6249b184ec31e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 11:20:39 GMT
x-content-type-options: nosniff
age: 579868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:31:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 11:20:39 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/625910766703263639/300x250/images/ Frame CDC6 8 KB
8 KB 10ms
9ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/625910766703263639/300x250/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

698f3ca76eeaa054575f20435f760825d24f9290cfb60979debeb8c45028c66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 11:20:39 GMT
x-content-type-options: nosniff
age: 579868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8291
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:31:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 11:20:39 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/625910766703263639/300x250/images/ Frame CDC6 3 KB
3 KB 12ms
12ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/625910766703263639/300x250/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24f3caa8f3dca460af84e369d7045bca0cd4b0afd6193add202bde7196259521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 11:20:39 GMT
x-content-type-options: nosniff
age: 579868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2582
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:31:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 11:20:39 GMT

GET
H3 200 text1.png
s0.2mdn.net/sadbundle/625910766703263639/300x250/images/ Frame CDC6 3 KB
3 KB 12ms
11ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/625910766703263639/300x250/images/text1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c80b99ac7c0c972e9c2a94f430047a1650617986518a576665ea5d23ea7f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 11:20:39 GMT
x-content-type-options: nosniff
age: 579868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2881
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:31:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 11:20:39 GMT

GET
H3 200 text2.png
s0.2mdn.net/sadbundle/625910766703263639/300x250/images/ Frame CDC6 4 KB
4 KB 10ms
9ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/625910766703263639/300x250/images/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d0575d7555c8a3b86a9222e7c4c120dc9415200f143b97467b8cd9a3ba3d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 11:20:39 GMT
x-content-type-options: nosniff
age: 579868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4509
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:31:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 11:20:39 GMT

GET
H3 200 background.jpg
s0.2mdn.net/sadbundle/625910766703263639/300x250/images/ Frame CDC6 69 KB
69 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/625910766703263639/300x250/images/background.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d11cb852eb754cb181c46ea3595ba14078e9bbc4ff71582cce8ebf697eb7ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 11:20:39 GMT
x-content-type-options: nosniff
age: 579868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70385
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:31:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 11:20:39 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame CDC6 60 KB
24 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 May 2022 04:25:07 GMT

GET
H3 200 cssruleplugin_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame CDC6 2 KB
1013 B 17ms
17ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 985
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 May 2022 04:25:07 GMT

GET
H3 200 easepack_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame CDC6 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 May 2022 04:25:07 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/625910766703263639/300x250/ Frame CDC6 3 KB
668 B 12ms
11ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/625910766703263639/300x250/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3e2c1c8813125c610b668bf0731d6c39c54f232e61b76fbc443464819564914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/625910766703263639/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 11:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 639
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:31:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 11:20:39 GMT

GET
H2 200 army.gif Show response
www.winhelponline.com/porpoiseant/ 0
326 B 47ms
47ms XHR
text/plain 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzQwMTA3MDE5OTI5OTI5IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6IndpbmhlbHBvbmxpbmVfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NTE3MjQ3MDMsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjY2MTY5Mjk3LTQ4NTAtNDdjZC01ZDU3LTE1NDI3MTEyN2MzYiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAwLDEyMDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NDAxMDcwMTk5Mjk5MjkiLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0Ijoid2luaGVscG9ubGluZV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY1MTcyNDcwMywiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNjYxNjkyOTctNDg1MC00N2NkLTVkNTctMTU0MjcxMTI3YzNiIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NDAxMDcwMTk5Mjk5MjkiLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0Ijoid2luaGVscG9ubGluZV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY1MTcyNDcwMywiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNjYxNjkyOTctNDg1MC00N2NkLTVkNTctMTU0MjcxMTI3YzNiIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:08 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46%2FNRYFEEcnIQBh1vFsse5rz%2BSu3EvTLpWEiAa4gudLEvS2M7Zt%2FB8e3igJ%2FH%2B%2B6eQP7h2OkwiyXK0ANksNvOUwiWwJDJ5LMKsWJ71RJv%2BQWqUYadNTVxvsrqbFYRtRKJVcDzxiRZYUYcenBFZe3WGsIXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 7066b5e2fb069a0c-FRA
content-length: 0
expires: Wed, 04 May 2022 04:25:06 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_etu&pvsid=2717845784122781&vrg=2022050301&nw_id=1254144%5C%2C1041599&nslots=2&eid=31067407%2C44752585%2C31066184&pub_url=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&rsn=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 347 B
178 B 469ms
468ms XHR
text/plain 142.251.36.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2717845784122781&correlator=3950494784360756&eid=31067407%2C44752585%2C31066184&output=ldjh&gdfp_req=1&vrg=2022050301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A1041599%2Cwinhelponline_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=1247036550&sfv=1-0-38&ecs=20220505&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D7610976901955742%26eid%3D7610976901955742%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod24-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-2-7610976901955742%26eb_br%3D04b5efc3207e2390972f099a6a3c4757%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D4511284716%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D1400%26br2%3D1400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C131%2C0%2C67%2C0%2C168%2C20%2C192%2C119%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2030%2C774%2C21%2C22%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D2800%26reqt%3D1651724708794&eri=1&sc=1&cookie=ID%3Df58797d1e66f6c72%3AT%3D1651724705%3AS%3DALNI_MaupbBLSiicpY8lv9Hmuxl722aAyw&abxe=1&dt=1651724708800&lmt=1651724708&dlt=1651724705000&idt=405&biw=1600&bih=1200&adxs=436&adys=1110&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=2039225275.1651724705&ga_sid=1651724706&ga_hid=794632280&ga_fc=true&btvi=0&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4f4ee55fe5bb73f12724f303bb7f61658aed02649c19bb306d67230e45729d7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e-202218.js Show response
www.winhelponline.com/ezossp/https/stats.wp.com/ 9 KB
3 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/ezossp/https/stats.wp.com/e-202218.js?screx=1&sxcb=1a
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
etag: W/"6197c5cf-3508-gzip"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3770
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-nc: HIT hhn
x-ez-proxy-out: true 2.3
server: cloudflare
x-origin-cache-control: max-age=31536000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Osm2gkicnggzrgLwbOhU21fictHO9JpgSbWsV7rxf4%2BRbbq8E%2FDeYwp45siSwUPOvb5hm9ZC%2BtLCe3NDt72Q75gv6x7veeHR5o48NVleaL0NEjrhWK8yYzpAfLsnoMCnE0KuWrYFo3phB%2FFS64QpoWpnJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7066b5ef0db99a0c-FRA

GET
H2 200 jquery.min.js Show response
www.winhelponline.com/blog/wp-includes/js/jquery/ 92 KB
32 KB 31ms
31ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=1a&ver=3.6.0
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4694b38beb61e9b20e4e0c9a1172b8e4ae7037f7097ac272270294f211dc8ba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 399360
x-ezoic-cdn: Hit ds;mm;1b2a52fd56e0139750886853b6f16d47;2-105367-20;3f3e3590-36a6-4606-78a2-a656e8d60f4f
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 21 Apr 2022 14:05:40 GMT
server: cloudflare
etag: W/"15db1-5c791524d892a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCKkRen3yHHM3lzYuRLm6nfBX3C9VFBZtMWs%2BTSA8rGNmJKUWqKUDg3NS8vDwOwmQPLGEiwE1YPMmG%2FFhsTC3uPOs78do80p%2BaH2sEugbxCoOxChIPmCd2vB%2BPoiNWb%2B2WxGUtGW3%2FsrIkRv5gMffNyVwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-ez-minify-js: 0.14% 93750 / 93877
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ef0dbd9a0c-FRA
display: staticcontent_sol

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/160773/ Frame 9FA0
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
https://cds.connatix.com/p/160773/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

869 KB
202 KB

14ms
7ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/160773/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3de8dc43d75ba34b18da574a7d9c62d252e31b622e54dc1bf354043bde0618a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
last-modified: Wed, 04 May 2022 12:55:59 GMT
age: 55496
etag: "26192795815830911f5dc52a1dc2c537"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 206750

Redirect headers

location: https://cds.connatix.com/p/160773/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
date: Thu, 05 May 2022 04:25:10 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H2 200 jquery-migrate.min.js Show response
www.winhelponline.com/blog/wp-includes/js/jquery/ 11 KB
5 KB 49ms
49ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-includes/js/jquery/jquery-migrate.min.js?screx=1&sxcb=1a&ver=3.3.2
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc129262a38049aa808d5bf97d37ca214e33a558d2d8869d7638d53e78108166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 399360
x-ezoic-cdn: Hit ds;mm;b7857da18040b355607d22cd8b491b9e;2-105367-20;5ddcf3df-e077-4cb5-77e9-36daef992d6e
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 21 Apr 2022 14:05:40 GMT
server: cloudflare
etag: W/"2bd8-5b5ff5afc61ad-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdlE4SIURkUlaG72TzbXCyciz4Is5WiZrAbJkX2H9c8LXT%2BSYz3uVb%2ByYxcMMrA4sJuuSG3%2FpeKo4U29jKri2%2BUutc6MvkZtD25TKXF0mym63M5VGuue5xfNDtN6DMaYiU8Nfi19aOVHLuw4yl0sFLs%2B8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-ez-minify-js: 0.16% 11738 / 11757
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ef5e439a0c-FRA
display: staticcontent_sol

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 347 B
178 B 386ms
386ms XHR
text/plain 142.251.36.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2717845784122781&correlator=1805920951865156&eid=31067407%2C44752585%2C31066184&output=ldjh&gdfp_req=1&vrg=2022050301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A1041599%2Cwinhelponline_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=1247036550&sfv=1-0-38&ecs=20220505&ris=2&rcs=2&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D7610976901955742%26eid%3D7610976901955742%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod24-c%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-2-7610976901955742%26eb_br%3D8b07bae800b215e481d05a271b3e723b%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D4511284716%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D700%26br2%3D1400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C131%2C0%2C67%2C0%2C168%2C20%2C192%2C119%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2030%2C774%2C21%2C22%2C21%2C22%2C2339%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D1400%26reqt%3D1651724709303&eri=1&sc=1&cookie=ID%3Df58797d1e66f6c72%3AT%3D1651724705%3AS%3DALNI_MaupbBLSiicpY8lv9Hmuxl722aAyw&abxe=1&dt=1651724710308&lmt=1651724710&dlt=1651724705000&idt=405&biw=1600&bih=1200&adxs=436&adys=1110&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=2039225275.1651724705&ga_sid=1651724706&ga_hid=794632280&ga_fc=true&btvi=0&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8925b2d6017a2439a83206fe7a2291d5cfdbe7b03ef0af40901176369e2964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 front.min.js Show response
www.winhelponline.com/blog/wp-content/plugins/cookie-notice/js/ 8 KB
2 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/plugins/cookie-notice/js/front.min.js?screx=1&sxcb=1a&ver=2.2.3
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc65b08728c290b17d1b2020b83556cb2877b1332ee6bdd95d8dff4bee0235d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 397747
x-ezoic-cdn: Hit ds;mm;a95d659592cd600637713df8815837b5;2-105367-20;1857399f-f0fd-40dc-71a3-841c162e9db0
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 21 Apr 2022 14:05:40 GMT
server: cloudflare
etag: W/"20ec-5d92b0350c0c5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQ%2B0JCGpr0utzr8Vwy47dHD94eiz7ODIHz4pHAhHGuhk8QjqES9iML%2FntVhOET0qIFFXdodZGu9UC7WR3tjhZcv1NtKmxqWnB7niHiPNm0wficU%2FWjOEg5ti3DP8sSCQRULW12HEdA8CtVZ5TfJsBJ5JRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-ez-minify-js: 0.04% 8521 / 8524
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ef9eb89a0c-FRA
display: staticcontent_sol

GET
H2 200 v2txcy04rjZopTneMZkkmjdOHWa_9dXazQHK8Uq8CX3_UmMfsxi_hGles0UBpK1X5 Show response
absorbingcorn.com/ 90 KB
27 KB 252ms
212ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://absorbingcorn.com/v2txcy04rjZopTneMZkkmjdOHWa_9dXazQHK8Uq8CX3_UmMfsxi_hGles0UBpK1X5

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

ca3f810b248d3c1fb85f6a6da25ca0ca8b064b9e0d89ef98a00f5b5d841eae69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "d723807240632b95d8fbd09c0feaa86210f233788d9ca94567bf5510ce4502aa"
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-dg9q
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Thu, 05 May 2022 04:25:10 GMT
x-buildnumber: 520707442
timing-allow-origin: *

GET
H2 200 cse.js Show response
www.winhelponline.com/ezossp/https/cse.google.com/ 10 KB
4 KB 100ms
100ms Script
text/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/ezossp/https/cse.google.com/cse.js?cx=009756984466592281047:crsu4qcnxmm&screx=1&sxcb=1a

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d57471c286b677cd4070aa0387d6ecc46de5092beaa6f8d3e82b8fc5b5d6b110

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
x-middleton-display: staticcontent_sol
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
x-middleton-response: 200
x-xss-protection: 0
bfcache-opt-in: unload
x-ez-proxy-out: true 2.3
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkmyW4N80Bnuvv%2BlB%2F2%2FOoutWfVZkktyNZEdPoqhntcGWZ2q0y3MWZ2YU3%2Feku0Po%2FaT1UD9FA3%2BtCQZfwZCtuToHNla3sG8W2V1GFiY6BeLstaSZQhDJ1uO2Www7wY70AO4jrkadEKFWUbNn9K%2FYG%2FI%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
accept-ch: Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cache-control: private
cf-ray: 7066b5ef9ebb9a0c-FRA
expires: Thu, 05 May 2022 04:25:10 GMT

GET
H2 200 script.min.js Show response
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/ 23 KB
7 KB 24ms
24ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/script.min.js?screx=1&sxcb=1a&ver=4.3.0
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ed683257f28ac769fe650a7504450eb77852a4cba1f79bace5dd43cbd557e61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 186635
x-ezoic-cdn: Hit ds;mm;f22c4aaa56eff5c4708b5a86e460262c;2-105367-20;77b27ccc-d5e9-448d-6a99-f9ee13659b4e
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"550b-5c79151797f5f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlMOH3f%2FaJt%2Byhn864%2BzfNpZfDdHYTFhfg%2FlYZvzLspxxzO9tdScrHvXh9%2BxKjAZJCmkhYVu7e%2FCKa2lh0aJdt2EJEgqi3GqGL3PYK0Zd8yFDeyR5OGADRLZNXEiuOdXL%2FxwqFMrPzK4UZ0PzkExgOsM9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-ez-minify-js: 0.37% 23416 / 23503
x-ez-proxy-out: true 2.3
cf-ray: 7066b5ef9ebc9a0c-FRA
display: staticcontent_sol

GET
H2 200 back-to-top.min.js Show response
www.winhelponline.com/blog/wp-content/themes/generatepress/assets/js/ 763 B
926 B 21ms
20ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-content/themes/generatepress/assets/js/back-to-top.min.js?screx=1&sxcb=1a&ver=3.1.3
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa6953b24e42640645ebc36a7bdead13b10abdddd28abec1d8d7904d329e6cd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 399360
x-ezoic-cdn: Hit ds;mm;f12dd3bcbac9e9b4a589ab2b314ce92e;2-105367-20;265b3557-6234-4cec-56ef-960d7a7e1ea6
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 21 Apr 2022 14:05:40 GMT
server: cloudflare
etag: W/"2fb-5d79998b73167-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sccqXuHsqXFfsmkNetG79E0holC%2FeaurBoa3T4CTpGIr9h%2FQtti%2Fia%2Bcru3nJEw%2BQp6DzSFQG5XYZfpfaun4P0ZSmM6Gh35o%2Fh3d06Si%2B0vqj9r2Eme%2FRA7ouDWvz0aDwFqBOMmjnDpakGQ0109FUTljyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-ez-minify-js: 0.00% 763 / 763
x-ez-proxy-out: true 2.3
cf-ray: 7066b5efcf179a0c-FRA
display: staticcontent_sol

GET
H2 200 comment-reply.min.js Show response
www.winhelponline.com/blog/wp-includes/js/ 3 KB
2 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/blog/wp-includes/js/comment-reply.min.js?screx=1&sxcb=1a&ver=5.9.3
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 684e639ba014e89e108c7a4e5b60013d89bc66269efe91bd62b572593715e294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82018
x-ezoic-cdn: Hit ds;mm;abadf5a536731a3420e7bc6ee9a6b1fc;2-105367-20;e8e154a1-2773-4d90-6c26-c5cd7f6a91d4
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control
response: 200
last-modified: Thu, 28 Apr 2022 18:53:03 GMT
server: cloudflare
etag: W/"ba3-5d672e746ac21-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbMIJgzBWf5dNbMZC%2FK67EkaPenuKCwuouWgjQd6wE2Jy1K35oPSgIMSjldC%2BiU9Gvywia9kfmFH3s0%2BRC2YER4qNzmZoEbRT5LWMUiKlxhd0QgglGtr8jigXyyrKcr%2By6vTnhS8sdXUjriXAFZG1U7G9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-ez-minify-js: 0.20% 3070 / 3076
x-ez-proxy-out: true 2.3
cf-ray: 7066b5efef4c9a0c-FRA
display: staticcontent_sol

GET
H2 200 hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/160773/ Frame 9FA0 0
47 KB 7ms
7ms Other
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/160773/hls.5b3b785f487abbe00eee.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
last-modified: Wed, 04 May 2022 12:56:00 GMT
age: 55496
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H2 200 player.css
cds.connatix.com/p/160773/ 56 KB
9 KB 8ms
8ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/160773/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0bfa346d7611b406e1c95c3ae1c7bd1a9a7c5340a7a197842f0005f7380546be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
last-modified: Wed, 04 May 2022 12:56:00 GMT
age: 55496
etag: "563e0ae70a190337a57b9f3faf012f8e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8661

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/3e1664f444e6eb06/ 303 KB
100 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/ezossp/https/cse.google.com/cse.js?cx=009756984466592281047:crsu4qcnxmm&screx=1&sxcb=1a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 11:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102672
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 02 May 2023 11:12:05 GMT

GET
H3 200 default+en.css
www.google.com/cse/static/element/3e1664f444e6eb06/ 41 KB
9 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/ezossp/https/cse.google.com/cse.js?cx=009756984466592281047:crsu4qcnxmm&screx=1&sxcb=1a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 11:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 02 May 2023 11:12:05 GMT

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/ezossp/https/cse.google.com/cse.js?cx=009756984466592281047:crsu4qcnxmm&screx=1&sxcb=1a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 05 May 2022 04:50:03 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
126 B 28ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.9&blog=2943880&post=6479&tz=5.5&srv=www.winhelponline.com&host=www.winhelponline.com&ref=&fcp=1274&rand=0.33493794312107417
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 May 2022 04:25:10 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame 9FA0 9 KB
5 KB 152ms
152ms XHR
application/x-protobuf 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=160773&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 95d73e838da56ec22fd452322b93235842c9f7d775a0e0525307fdcfde75d484

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.winhelponline.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4723

POST
H2 200 cookie_sync Show response
pb-server.ezoic.com/ 541 B
767 B 36ms
8ms XHR
application/json 35.156.95.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/cookie_sync
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.95.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-95-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2d429bce904cd89ac83c260ef17341d1eb6cf3438b4cc8f905c70dd027719ecf

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:10 GMT
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 541
expires: 0

POST
H2 200 auction Show response
pb-server.ezoic.com/openrtb2/ 159 B
373 B 270ms
245ms XHR
application/json 35.156.95.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/openrtb2/auction
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.95.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-95-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 5e782e4637c589109979db0eea71eca5c304fc80bb655ff006ce6126daa90d57

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:10 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 159
expires: 0

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H2 204 mvo Show response
tag.1rx.io/rmp/215626/0/ 0
177 B 66ms
31ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/215626/0/mvo?z=1r&hbv=6.17,2.1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.winhelponline.com
pragma: no-cache
date: Thu, 05 May 2022 04:25:10 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 315 KB
83 KB 269ms
269ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

da3554ac3f91d1d4e23d4e35130f5ef0b526707c5af8b1698c13c9d27ec93cd6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 37a6a68d-4742-4a7d-9cd4-283f5132154f
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 136 KB
44 KB 219ms
203ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

45eb8d85397e55cc01153ddee7fc174c7f557dcf7b04642bdd607fe24d44afb2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8ded20cf-1fd4-4552-9ac8-0a095d6f87e3
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 300 KB
89 KB 272ms
256ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8a11e93899d532f2ee3772df2ecea79f638e24e65e83b1a0e36ade36a34d87bc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9abdbc68-faba-48bc-9bda-92f37b2f36b3
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 84 KB
29 KB 187ms
172ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

03e921a1101bc47cd99c84100b7c8eee018ad162d6a3b1237f5664e9d90c8d8a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d93883c0-6353-4a85-89c6-9b85f17d4af4
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 160ms
82ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=20299c50-8c59-4f7d-ac7e-ca995749d146&l_pb_bid_id=1370b79d29562b38&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.905651489241132
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4a35e3334b884f6dfa9400b88ef7c3613f2029ad1d87ffb4d5fc3bb436185fce

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2346
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
4 KB 158ms
80ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&alt_size_ids=16%2C232&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=ad2b8dd3-7d2c-44d7-8aec-4229e1c44616&l_pb_bid_id=138b3dc5adc0a922&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.14354940469497857
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1cd51b1b387ddcadc568d35fca03b8ad9d187ff535b15ce8ee403a4d031ff446

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2791
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 160ms
82ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=b05be0cd-1f01-4906-b0c3-6c242ca8bbee&l_pb_bid_id=13988de4260f72ca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6413039450044276
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9ebab423d92409a3c7e9196d34f544d31a09fb4b04c270c1d79fb766c5f346ff

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2400
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 158ms
80ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=76c2829c-e6d0-4cc0-959a-7d66ed6a7a40&l_pb_bid_id=140c8c555e78ea1f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13334925598011216
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 02bc467a8fd21ded0014b78f1229943d2c3139d61e83f9f2661351ebc5a459f3

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2389
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 181ms
103ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=bb55cad0-a3c3-4e48-8d83-f639ab642b4b&l_pb_bid_id=1418f88f59f27844&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5729235506806749
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6b0829f2e644e2fe89941d9db18ba28e292df47cb7f1435bce2868593bfa888d

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2370
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 149ms
71ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=34173952-428f-4003-a827-c68e134c31f0&l_pb_bid_id=1423eff30f365661&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.30673134236277333
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 58e11796a7f2c78f6481faf64444cce1a52dd7f9769b73c060bb6aa070ff2863

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2373
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 238ms
89ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=4857fb9b-63ce-42ef-8084-38cd91952d56&l_pb_bid_id=143c0adfce3b4c27&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.20277213294751584
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e8b1d27ed3252017a01a02744d7cb0aafebec6dd859f724b81cfe785a2e09be9

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2371
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 262ms
103ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=3e235b8e-96fc-4446-a2dd-3677e8f0dcfd&l_pb_bid_id=1449a67dcc86adf8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5608049570545963
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d22b135ef52e5a9027f1399bc19d31842dd559fc781427ba670b4dfcf2661084

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2381
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 242ms
82ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=f36fb143-e834-4f33-a81c-df7f3c35f9c5&l_pb_bid_id=1455760a21b555ee&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2384125597035558
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 80d6d8b27a9e590b057121e5ddee3d8e7f606fd48fc78cc995087f10c5bd396c

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2405
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 224ms
65ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=6813db7b-141a-4a36-8050-31d5bbafb440&l_pb_bid_id=1463a181dee3e0b5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4550873963611377
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c0b9c15543268ad251a723d1cd3008a245835bd57e2aac8cd14b662e7f5e58eb

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2391
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 242ms
82ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=1b34bab7-75ca-43d1-89c6-2f300deda56e&l_pb_bid_id=147895171c853f11&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6307088029534889
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1d78d79d41c4c86a14f16d84d4fbdcbd5b61e2f5a5d37d610e7b2da2c40c75b0

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2362
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 253ms
73ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=898a7233-35fb-4759-b920-99e67b0bdc3c&l_pb_bid_id=148f9a48e95db766&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5300408984877703
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cbb917ddcc6f6d1d1962774c9af52d0dd32adbb902fbd63c16afd3dd95b7642b

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2390
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 312ms
88ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=829314db-59d9-4150-9ac7-570edc9a0589&l_pb_bid_id=149e82d5331b1285&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.24135888882894108
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dfbf85cea8bc77e56f6cc34efe8e17c94bd334c9ab5f5b52a4ea4c7d7a1a71a3

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2377
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 308ms
71ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=14&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=e24e4c87-5651-4615-a109-3741adb494fa&l_pb_bid_id=150504646839f27b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.44786665256525415
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 642fd9758abaa6ec6f8e59c293f678025c7bd089c4f8e57644aae29aba9628c7

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2378
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 382ms
140ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=afbd613c-541d-402f-a47f-888452484a54&l_pb_bid_id=151922622549ad78&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.901574452239198
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 436c8f67a47b14395e62b469c96212b3877b680ff8b74c8a35dfcee64720d691

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2397
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 332ms
90ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=14ced285-1789-4fbf-85e3-c98625d785f6&l_pb_bid_id=1528ca01ead98a2a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8251962993138893
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7b765df6295022aeb2fb097907d29449b271b9162f9556d1176516443cdab024

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2364
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 327ms
74ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=80b923ae-1621-4f07-a9cd-ebab10811c6b&l_pb_bid_id=15351ee62437e27a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7688804796649065
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e1d8fdd6e14ed39fe5fa3a5fc8433da11ed1275fc488b2da5cfbf8cd81a705a3

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2397
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 361ms
101ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=3f2910ce-c8c7-4c62-a049-496bfd5fba9b&l_pb_bid_id=15426f4cbf775b35&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4174942362399492
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b773735c29dd766304cd47335e12b97a590ccf31d09c4a09b68afd9561ec84dc

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2380
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 381ms
73ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=0edfb784-3ae6-418f-b4d0-e05224bdf71c&l_pb_bid_id=155f3f28d09d03e7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6225137940654724
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7eb67d0d0137076f8d48383105f6a33bc1f36370a3bc990bd669aa2f47c38a93

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2345
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 379ms
68ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=60251fc4-ba92-4620-8c60-58bd2058affc&l_pb_bid_id=156453a6b20788ec&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9289957398707878
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e1e37043f8a4b65db2925704e665a5cdd225ffe6f0cf3a5899e7d3fccb512644

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2382
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 395ms
69ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=14&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=4551d85e-bb3d-4024-8579-9bf14da34e82&l_pb_bid_id=157118fff4e8e842&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5159647420982818
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ab784a52deaa0a42e4878b85f44b610615cf2c0b7f3460178ad0f7ac76777784

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2393
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 411ms
81ms XHR
application/json 2602:803:c003:200::61

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,6a88ed6ade2b65744bd01fe8f1ae3c0c,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&tk_flint=pbjs_lite_v6.17.0&x_source.tid=b304fddd-fe29-4a33-9d7f-c310deb7d862&l_pb_bid_id=15808a548b821ed1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2566025445492619
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 09a6487b5a18717bd2559b064bdb0f4b7d91bc4fb813eed36c403f8b5b8e869d

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2384
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
368 B 42ms
19ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST /
ghb.adtelligent.com/v2/auction/ 0
0

POST /
ghb1.adtelligent.com/v2/auction/ 0
0

POST /
ghb2.adtelligent.com/v2/auction/ 0
0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
319 B 73ms
34ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.17.0&cb=63764392492

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.winhelponline.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 28 KB
12 KB 152ms
118ms XHR
application/json 72.251.249.13

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.17.0
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,amx,appnexus,criteo,ix,nobid,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,spotx&cb=195-8-37
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17aa29eab03f827c36f31da358b1f26be0301635caa47067d53a60a3c17265ab

Request headers

Referer: https://www.winhelponline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 May 2022 04:25:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.winhelponline.com
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 army.gif Show response
www.winhelponline.com/porpoiseant/ 0
374 B 39ms
39ms XHR
text/plain 2606:4700:20::681a:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzYxMDk3NjkwMTk1NTc0MiIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjUxNzI0NzAzLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2NjE2OTI5Ny00ODUwLTQ3Y2QtNWQ1Ny0xNTQyNzExMjdjM2IiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTY5In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/detroitchicago/cmbv2.js?gcb=195-8&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21y5d-22&cmbcb=62&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUbLa5qBd5%2Fq7nh%2FaKo9j1SBCX5OHCYxBJw%2BsRxzcl2DJjvjOMNVr7ZHfJELS3z5gCqJiHCd4zmVrKXklbXwcBuuy60hO2cmxZm7SI1mc1u11e%2FNBDNTQjAXxkn2szaluoqw6a%2BKPhQnSzJExc7jsuK9Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 7066b5f128ea9a0c-FRA
content-length: 0
expires: Wed, 04 May 2022 04:25:13 GMT

GET
H2

200

setuid
pb-server.ezoic.com/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YnNRo8JoWhsvPgy1V8y2oAAA%261203

86 B
450 B

8ms
8ms

Image
image/png

35.156.95.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YnNRo8JoWhsvPgy1V8y2oAAA%261203
Protocol: H2
Server: 35.156.95.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-95-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 86
vary: Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 05 May 2022 04:25:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YnNRo8JoWhsvPgy1V8y2oAAA%261203
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 304
Expires: Thu, 05 May 2022 04:25:10 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 139 KB
51 KB 67ms
17ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abeb144794155af9e5c5a9400d8f6197d1cda38e8b2172b66a9321de89fd37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "18333268162610506484"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Thu, 05 May 2022 04:25:10 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:04:14 GMT
x-content-type-options: nosniff
age: 127256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 03 May 2023 17:04:14 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 07:29:50 GMT
x-content-type-options: nosniff
age: 507320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 29 Apr 2023 07:29:50 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 30ms
6ms Image
text/plain 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
178 B 71ms
7ms Image
text/plain 2a00:1450:4001:803::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::200e -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 8ms
7ms Image
image/gif 2600:9000:2156:d000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
age: 23458236
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: JfLlsmDABTIaq5nA-efEAn5EYVf3PlONdg1JHt97gzeLiqbgOh4Alg==

GET
H2 200 insights.bin Show response
ins.connatix.com/4d9be56b55ba0034283934b67a03b51d/ Frame 9FA0 72 B
317 B 31ms
7ms XHR
application/octet-stream 151.101.2.137

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/4d9be56b55ba0034283934b67a03b51d/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afc5e04408cc0147fcaca87e4e934728ce9f3ef8d94d750110589d5d859851ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 11:14:09 GMT
age: 1296968
etag: "b6122d38436b50d96421c496aeae8446"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 80

GET
H2

200

setuid
pb-server.ezoic.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=8b22b99d-b460-428f-a648-c57a078da0ad&us_privacy=1---

86 B
556 B

8ms
7ms

Image
image/png

35.156.95.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=8b22b99d-b460-428f-a648-c57a078da0ad&us_privacy=1---
Protocol: H2
Server: 35.156.95.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-95-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 04:25:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 86
vary: Origin
expires: 0

Redirect headers

location: https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=8b22b99d-b460-428f-a648-c57a078da0ad&us_privacy=1---
date: Thu, 05 May 2022 04:25:09 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy
content-length: 0

POST
H/1.1 200
OK sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame 9FA0 0
322 B 399ms
98ms XHR
application/x-protobuf 3.139.123.30

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=160773&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.123.30 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.winhelponline.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 44ms
44ms Script
text/javascript 142.251.36.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s12-in-f2.1e100.net

Software

sffe /

Resource Hash

718b70b50d97fa9276d3a2424f43a2e7c2f023896ee160b906c167617012b79d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28460
x-xss-protection: 0
server: sffe
etag: "1205 / 641 of 1000 / last-modified: 1651702050"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 May 2022 04:25:10 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9FA0 377 KB
126 KB 55ms
18ms Script
text/javascript 2a00:1450:4001:82a::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

260561a7eb727dcab19e6a6fcf626183fb3abe0b46a122d7cdae9c6d6dca97b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128643
x-xss-protection: 0
expires: Thu, 05 May 2022 04:25:10 GMT

GET
H2 200 5.png
img.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/dceed97a-951e-4c47-b565-c2794ffae817/ 5 KB
5 KB 13ms
7ms Image
image/png 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/dceed97a-951e-4c47-b565-c2794ffae817/5.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a525824d7672e22ce39795da065ac4ef98058bebc829124c84b7bb67e4243029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
age: 3188346
etag: "WyY66hWo5OdoXuQtIRPU7kBpkP2OfioY7IdwgbKwCN4"
access-control-max-age: 86400
fastly-io-info: ifsz=5795 idim=59x61 ifmt=png ofsz=5076 odim=59x61 ofmt=png
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/png
content-length: 5081

POST
H/1.1 200
OK g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 9FA0 811 B
970 B 469ms
175ms XHR
application/x-protobuf 3.139.123.30

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=160773&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.123.30 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.winhelponline.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 667

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
496 B 46ms
46ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: WYTYK2HEDY6RA4TYMN31
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: S-ju6YnV1AeVfn7c5nEN5DsQj3Wlm_85phJulYbcIBAwlfNt6oDy4A==

GET
H3 200 bridge3.513.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9F21 634 KB
205 KB 23ms
7ms Document
text/html 2a00:1450:4001:82a::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.513.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8ea08df3114b303a43c8e2adfb5c91f2e69462ee8d9713cd8f27c5332e81a493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 445159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209849
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:45:51 GMT
expires: Sun, 30 Apr 2023 00:45:51 GMT
last-modified: Sat, 30 Apr 2022 00:40:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 9FA0 44 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 May 2022 04:25:10 GMT

GET
H3 200 bridge3.513.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 35E5 634 KB
205 KB 8ms
8ms Document
text/html 2a00:1450:4001:82a::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.513.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8ea08df3114b303a43c8e2adfb5c91f2e69462ee8d9713cd8f27c5332e81a493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 445159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209849
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:45:51 GMT
expires: Sun, 30 Apr 2023 00:45:51 GMT
last-modified: Sat, 30 Apr 2022 00:40:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 bridge3.513.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 856B 634 KB
205 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.513.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8ea08df3114b303a43c8e2adfb5c91f2e69462ee8d9713cd8f27c5332e81a493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 445159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209849
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:45:51 GMT
expires: Sun, 30 Apr 2023 00:45:51 GMT
last-modified: Sat, 30 Apr 2022 00:40:54 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 05A6 37 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 03:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 05 May 2022 04:47:12 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 31C2 37 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 03:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 05 May 2022 04:47:12 GMT

GET
H2 200 prebid6.20.0.js Show response
cds.connatix.com/p/plugins/ Frame 83DB 427 KB
111 KB 8ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/plugins/prebid6.20.0.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae64c4fccf5c2dec69bcfa480b61f7a4b38af9c9effe8de5a86bd000ea88c74b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 04:25:10 GMT
content-encoding: br
last-modified: Tue, 19 Apr 2022 11:11:32 GMT
age: 1262467
etag: "c749275a36a4a1eff60db7ff73bdc29a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 113452

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CE9D 37 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 03:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 05 May 2022 04:47:12 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: ghb.adtelligent.com
URL: https://ghb.adtelligent.com/v2/auction/

Domain: ghb1.adtelligent.com
URL: https://ghb1.adtelligent.com/v2/auction/

Domain: ghb2.adtelligent.com
URL: https://ghb2.adtelligent.com/v2/auction/

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2717845784122781&correlator=173136799815528&eid=31067407%2C44752585%2C31066184&output=ldjh&gdfp_req=1&vrg=2022050301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A1041599%2Cwinhelponline_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&adks=1247036550&sfv=1-0-38&ecs=20220505&ris=1&rcs=3&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D7610976901955742%26eid%3D7610976901955742%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod24-c%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-2-7610976901955742%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D4511284716%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D200%26br2%3D1400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C131%2C0%2C67%2C0%2C168%2C20%2C192%2C119%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2030%2C774%2C21%2C22%2C21%2C22%2C2339%2C20%2C21%2C22%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D700%26reqt%3D1651724710871%26hb_bidder%3Dsovrn%26hb_adid%3D25419eefcfe0ac04%26hb_format%3Dbanner%26hb_ssid%3D10017%26hb_opt%3D0.17%26hb_rt%3Dclient&eri=1&sc=1&cookie=ID%3Df58797d1e66f6c72%3AT%3D1651724705%3AS%3DALNI_MaupbBLSiicpY8lv9Hmuxl722aAyw&abxe=1&dt=1651724710944&lmt=1651724710&dlt=1651724705000&idt=405&biw=1600&bih=1200&adxs=436&adys=1110&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Ftask-manager-unknown-program-startup-entry-fix%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=2039225275.1651724705&ga_sid=1651724706&ga_hid=794632280&ga_fc=true&btvi=0&topics=1&nvt=1

Verdicts & Comments Add Verdict or Comment

290 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winhelponline.com/	1970-01-20 02:48:46	Name: ezoadgid_105367 Value: -1
.winhelponline.com/	1970-01-20 02:48:51	Name: ezoref_105367 Value:
.winhelponline.com/	1970-01-20 02:48:51	Name: ezoab_105367 Value: mod24-c
.winhelponline.com/	1970-01-20 02:48:46	Name: ezopvc_105367 Value: 1
.winhelponline.com/	1970-01-20 02:50:11	Name: ezepvv Value: 12131
.winhelponline.com/	1970-01-20 02:48:46	Name: ezovid_105367 Value: 1412112311
.winhelponline.com/	1970-01-20 02:48:46	Name: lp_105367 Value: https://www.winhelponline.com/blog/task-manager-unknown-program-startup-entry-fix/
.winhelponline.com/	1970-01-20 02:51:37	Name: ezovuuidtime_105367 Value: 1651724704
.winhelponline.com/	1970-01-20 02:48:46	Name: ezovuuid_105367 Value: 9ee1868c-51a1-4b9c-54cf-b58ef0b65a9a
.winhelponline.com/	1970-01-20 11:34:20	Name: ezCMPCCS Value: false
.winhelponline.com/	1970-01-20 11:34:20	Name: ezosuibasgeneris-1 Value: 74ba1c93-a149-4ee5-6d39-3dc3ee647f2c
.winhelponline.com/	1970-01-20 02:51:37	Name: active_template::105367 Value: pub_site.1651724705
www.winhelponline.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
.winhelponline.com/	1970-01-20 20:19:56	Name: _ga Value: GA1.2.2039225275.1651724705
.winhelponline.com/	1970-01-20 02:50:11	Name: _gid Value: GA1.2.2061130882.1651724705
.winhelponline.com/	1970-01-20 02:48:44	Name: _gat Value: 1
www.winhelponline.com/	1970-01-22 16:07:56	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
www.winhelponline.com/	1970-01-22 16:07:56	Name: ezohw Value: w%3D1600%2Ch%3D1200
.doubleclick.net/	1970-01-20 12:10:20	Name: IDE Value: AHWqTUkL_mNffWfkkL4gtB73JhiSY34BLbDRVjK4Ky8Cmazjq5hzYInT5Ex_hg-Gazw
.winhelponline.com/	1970-01-20 12:10:20	Name: __gads Value: ID=f58797d1e66f6c72:T=1651724705:S=ALNI_MaupbBLSiicpY8lv9Hmuxl722aAyw
www.winhelponline.com/	1969-12-31 23:59:59	Name: ezouspva Value: 1
.adnxs.com/	1970-01-20 04:58:20	Name: uuid2 Value: 8245606777978020901
.casalemedia.com/	1970-01-20 11:34:20	Name: CMID Value: YnNRo8JoWhsvPgy1V8y2oAAA
.casalemedia.com/	1970-01-20 04:58:20	Name: CMPS Value: 5239
.casalemedia.com/	1970-01-20 04:58:20	Name: CMPRO Value: 1203
.adnxs.com/	1970-01-20 04:58:20	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?ik[A3x!]tbPl1M>e)ZlrFUfJ+tGXxpO_#<3lKzjA]:>PTECZ8@Q<Vy7h[81I6F1*$[3If)y3KL9D3I?+0ovar=
.casalemedia.com/	1970-01-20 11:34:20	Name: CMRUM3 Value: 2d627351a32760CAESEPJmKPIIPABLoaUoyh7pHEg
.de17a.com/	1970-01-20 11:27:08	Name: guid2 Value: 1.1144349651063231439
.yandex.ru/	1970-01-23 18:24:44	Name: yuidss Value: 8997790461651724707
.yandex.ru/	1970-01-23 18:24:44	Name: yandexuid Value: 8997790461651724707
.c.appier.net/	1970-01-20 11:34:20	Name: _auid Value: L1CXo-iCDzev8T4FpFFzYg
.c.appier.net/	1970-01-20 03:31:56	Name: _gu Value: CAESEFAQWn1wMfRAMp5TvAbVH1s
www.winhelponline.com/	1970-01-20 03:31:56	Name: _pbjs_userid_consent_data Value: 3524755945110770
.casalemedia.com/	1970-01-20 02:50:11	Name: CMST Value: YnNRo2JzUaYA
pb-server.ezoic.com/	1970-01-20 04:58:20	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJZbk5SbzhKb1doc3ZQZ3kxVjh5Mm9BQUFcdTAwMjYxMjAzIiwiZXhwaXJlcyI6IjIwMjItMDUtMTlUMDQ6MjU6MTAuNjM2ODc0ODcxWiJ9fSwiYmRheSI6IjIwMjItMDUtMDVUMDQ6MjU6MTAuNjM2ODY5ODUzWiJ9
.adnxs.com/	1970-01-20 04:58:20	Name: icu Value: ChgIkfo_EAoYASABKAEwpqPNkwY4AUABSAEQpqPNkwYYAA..
.rubiconproject.com/	1970-01-20 11:34:20	Name: khaos Value: L2SI8VE7-10-EQT4
.rubiconproject.com/	1970-01-20 11:34:20	Name: audit Value: 1\|naVuGyos1qo9MCoUM71nml4C1LCtWBX9mfsNIvv6QtrmRNeXP/he0bl2Mhv/k6gfGri6l5mA5SCq6onW5m3GjyI+cGIyUGm/do6DNeMwNrLpWDfYqii6+w==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
absorbingcorn.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
an.yandex.ru
ap.lijit.com
bae551450a7e0235a0f3d870ca689951.safeframe.googlesyndication.com
bid.g.doubleclick.net
bidder.criteo.com
c.amazon-adsystem.com
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.id5-sync.com
cds.connatix.com
clients1.google.com
cm.g.doubleclick.net
cs.chocolateplatform.com
cse.google.com
d5p.de17a.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
ezodn.com
fastlane.rubiconproject.com
fonts.googleapis.com
fw.adsafeprotected.com
g.ezodn.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
go.ezodn.com
go.ezoic.net
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
onetag-sys.com
pagead2.googlesyndication.com
pb-server.ezoic.com
pixel.wp.com
prebid.a-mo.net
s.ad.smaato.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssum.casalemedia.com
static.adsafeprotected.com
tag.1rx.io
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagservices.com
www.winhelponline.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
hbopenbid.pubmatic.com
securepubads.g.doubleclick.net
104.244.36.20
139.162.84.221
142.250.186.130
142.251.36.130
143.204.95.188
147.75.38.124
151.101.194.137
151.101.2.137
159.203.145.121
173.194.76.156
178.250.2.131
192.0.76.3
213.155.156.182
213.19.147.42
23.35.236.247
2600:9000:2156:3800:2:cb38:840:93a1
2600:9000:2156:7400:1b:5138:8a40:93a1
2600:9000:2156:d000:8:48e:53c0:93a1
2602:803:c003:200::61
2606:4700:20::681a:c
2a00:1450:4001:803::200e
2a00:1450:4001:810::2006
2a00:1450:4001:810::200a
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a02:6b8::90
2a06:98c1:3120::7
3.139.123.30
34.241.231.109
35.156.95.138
35.190.64.11
37.252.172.37
46.105.202.126
51.89.21.21
51.89.9.252
52.215.11.117
72.251.249.13
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
02bc467a8fd21ded0014b78f1229943d2c3139d61e83f9f2661351ebc5a459f3
03e921a1101bc47cd99c84100b7c8eee018ad162d6a3b1237f5664e9d90c8d8a
05f6c22255ec7ea3a795bfc6a4571bb29c887e44df0b1d1b5face82da19e388a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09a6487b5a18717bd2559b064bdb0f4b7d91bc4fb813eed36c403f8b5b8e869d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfa346d7611b406e1c95c3ae1c7bd1a9a7c5340a7a197842f0005f7380546be
0d099fa99b11896ff3274430009988a277b8ef693ded72c56a651ce03b5f8558
0e1828bf81900712b9608e42b8d18d0162c657bd263b035e937d0548462600f1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17aa29eab03f827c36f31da358b1f26be0301635caa47067d53a60a3c17265ab
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1960ad018010d4f9856e97ad7318ec9e4844cfa31755e235928c6b656e4fa3ca
19d0575d7555c8a3b86a9222e7c4c120dc9415200f143b97467b8cd9a3ba3d4b
1b6c5d27bfa0906abb7cd73ddd3b2192cde45c0b467aec2b537cad7e87fbea15
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
1cd51b1b387ddcadc568d35fca03b8ad9d187ff535b15ce8ee403a4d031ff446
1d78d79d41c4c86a14f16d84d4fbdcbd5b61e2f5a5d37d610e7b2da2c40c75b0
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24f3caa8f3dca460af84e369d7045bca0cd4b0afd6193add202bde7196259521
260561a7eb727dcab19e6a6fcf626183fb3abe0b46a122d7cdae9c6d6dca97b4
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2d429bce904cd89ac83c260ef17341d1eb6cf3438b4cc8f905c70dd027719ecf
2e8925b2d6017a2439a83206fe7a2291d5cfdbe7b03ef0af40901176369e2964
30f802889ff4315c2174049ae8b56c5ac682f3795001580023ead2589d121442
318b6854c0d40b162d7a310de6bce0f23c25add6d292ccc6034fedf0c08990a5
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
3de8dc43d75ba34b18da574a7d9c62d252e31b622e54dc1bf354043bde0618a6
3ed683257f28ac769fe650a7504450eb77852a4cba1f79bace5dd43cbd557e61
3f34684a259313530cb1a486208b398b41ba94c92b23e154fa708d103407456a
3ff090787af2bd6b4fc36d3c4861602d95fa4df9d917b56c50db50f7809a411f
3ff1f0bc7d6a02e23a56c724428fd9d49fefeb61cfdae76310e0dfcdde4d88cb
41a039558b802d4d0e8e8c2a4ad455a299da30d1d4a29199f6ccfc2d9b8da761
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
436c8f67a47b14395e62b469c96212b3877b680ff8b74c8a35dfcee64720d691
45eb8d85397e55cc01153ddee7fc174c7f557dcf7b04642bdd607fe24d44afb2
4694b38beb61e9b20e4e0c9a1172b8e4ae7037f7097ac272270294f211dc8ba0
46e5d21cd5246cbefde00429b60f3b8d354f7b968920a828cbeecba8069494ea
47f9bf9c4298beb31b2e764fce4c438f6d9a7e509a94a0ced56f23bd967bba74
4a35e3334b884f6dfa9400b88ef7c3613f2029ad1d87ffb4d5fc3bb436185fce
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f4ee55fe5bb73f12724f303bb7f61658aed02649c19bb306d67230e45729d7c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53854d418fb6f06bf45e45d98c7405a8ca71d21269813d73ca1f0d0adf51c27d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a025605d507c6101a58c004bcdbd3094382337fe4b58742d49c6b638d0d8ec
54fff82d3d3950ef2a549de194b390ae884e49bee57853fab5c5abeaeb219609
550688ac3ba2eaac140d63804b2ac5eb07203ddf1f9736d78583399a77663025
55576f073e0b78feb78d9f8417d842fae50b5e93c5d79154eb250b03745feffc
559539863676ce8b7493956a42958ab940d9b1fe8587e23d56832a56d8369dc3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56487cd450ab75c64be8f8ee82735454d2a036823fd75c1168f19552277689f7
5878d87129eda0e0dd21e0584df50c0882eed2705610673fc5529e0e8a86e3b3
58e11796a7f2c78f6481faf64444cce1a52dd7f9769b73c060bb6aa070ff2863
59d11cb852eb754cb181c46ea3595ba14078e9bbc4ff71582cce8ebf697eb7ce
5abeb144794155af9e5c5a9400d8f6197d1cda38e8b2172b66a9321de89fd37b
5e782e4637c589109979db0eea71eca5c304fc80bb655ff006ce6126daa90d57
607f69d2ac4f67c9ab5753f5176c18096b5b6d1128ab9f9da3720563c0824e64
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642fd9758abaa6ec6f8e59c293f678025c7bd089c4f8e57644aae29aba9628c7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6846df87d479b84226e57ca790f006a26dbaada56ad74190448f67596f4bcfd5
684e639ba014e89e108c7a4e5b60013d89bc66269efe91bd62b572593715e294
698f3ca76eeaa054575f20435f760825d24f9290cfb60979debeb8c45028c66b
6b0829f2e644e2fe89941d9db18ba28e292df47cb7f1435bce2868593bfa888d
6ee5fa1c3b3dc042135847f4435851a8131259b8e4693f9cfef968d871596e89
70ad878edb0e980fab2f682b3e4277ad0c76e7625d80a062b6249b184ec31e94
718b70b50d97fa9276d3a2424f43a2e7c2f023896ee160b906c167617012b79d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1
77c80b99ac7c0c972e9c2a94f430047a1650617986518a576665ea5d23ea7f12
79adca0f6f45b5b422942d82bce6dec8e1c6fb0e1d6441c0aff78f939c67eeca
7b765df6295022aeb2fb097907d29449b271b9162f9556d1176516443cdab024
7b85bcb075a13466616c573a91f310265b48c0879b56e003d4d3b7c421eee188
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
7eb67d0d0137076f8d48383105f6a33bc1f36370a3bc990bd669aa2f47c38a93
80d6d8b27a9e590b057121e5ddee3d8e7f606fd48fc78cc995087f10c5bd396c
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a11e93899d532f2ee3772df2ecea79f638e24e65e83b1a0e36ade36a34d87bc
8a685a1bb692368dac0f99d1d2e7e91e7304d43a7a9f4ac2074b8d0af21d83a1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52
8cc13350e5c65223229a458ee1986bd13f4914bf953484681d70665643669c02
8ea08df3114b303a43c8e2adfb5c91f2e69462ee8d9713cd8f27c5332e81a493
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
95d73e838da56ec22fd452322b93235842c9f7d775a0e0525307fdcfde75d484
95fa7c9947acf125428f938911b90170626602b89ad6205ae1788f31605d5028
980575850b7cddb5212c23d4065f93cf74611fc0f3c33594ae7df27dcb390054
9a3b03236a3e422f31a4745a5616fc50cb5159bdd5922b43ff29505ee1638835
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b040efac22c7e29da7486b648b1f76f9321793bc9484708849d487fdb282575
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
9ebab423d92409a3c7e9196d34f544d31a09fb4b04c270c1d79fb766c5f346ff
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e2c1c8813125c610b668bf0731d6c39c54f232e61b76fbc443464819564914
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a525824d7672e22ce39795da065ac4ef98058bebc829124c84b7bb67e4243029
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ab784a52deaa0a42e4878b85f44b610615cf2c0b7f3460178ad0f7ac76777784
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae64c4fccf5c2dec69bcfa480b61f7a4b38af9c9effe8de5a86bd000ea88c74b
afac23f3cf37d9d0c0fca7e5afea87f81de6b2531041729a7cc3940fac24f4e0
afc5e04408cc0147fcaca87e4e934728ce9f3ef8d94d750110589d5d859851ce
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20986c3ef4e76f463753e68a13de7d724993fc145126006dca0d2363c57a996
b4d38a141fa88d8c86231ef44e23939a5bf35295b8c9adce2804b0f8bff04b45
b773735c29dd766304cd47335e12b97a590ccf31d09c4a09b68afd9561ec84dc
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bdefd54d4cb6c969200547615c1c5791ffc29770f89c211226f2f62d0d186220
bed9abbda72f710be203bc404d0cab15f7457e58ce28a597b1fa4a90aa2f03d6
c03399d0215b8a1e313c76e1d0818fd54312d492826db25f47e692b56f473264
c0b9c15543268ad251a723d1cd3008a245835bd57e2aac8cd14b662e7f5e58eb
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca3f810b248d3c1fb85f6a6da25ca0ca8b064b9e0d89ef98a00f5b5d841eae69
cbb917ddcc6f6d1d1962774c9af52d0dd32adbb902fbd63c16afd3dd95b7642b
cc129262a38049aa808d5bf97d37ca214e33a558d2d8869d7638d53e78108166
ccc65b08728c290b17d1b2020b83556cb2877b1332ee6bdd95d8dff4bee0235d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d22b135ef52e5a9027f1399bc19d31842dd559fc781427ba670b4dfcf2661084
d57471c286b677cd4070aa0387d6ecc46de5092beaa6f8d3e82b8fc5b5d6b110
da3554ac3f91d1d4e23d4e35130f5ef0b526707c5af8b1698c13c9d27ec93cd6
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143
dfbf85cea8bc77e56f6cc34efe8e17c94bd334c9ab5f5b52a4ea4c7d7a1a71a3
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e1d8fdd6e14ed39fe5fa3a5fc8433da11ed1275fc488b2da5cfbf8cd81a705a3
e1e37043f8a4b65db2925704e665a5cdd225ffe6f0cf3a5899e7d3fccb512644
e20a514cdd69a29ceadf9ab713eabca5ad1bb21f2e5fc02475d0406541854971
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4adb3837e4411342aa9b52dafd1646c32196b17c56c5420b77b9abebebe0f4d
e8b1d27ed3252017a01a02744d7cb0aafebec6dd859f724b81cfe785a2e09be9
ec9a8e8851be4f5635d06e6d51fb956ee388002ebd640a6e8805429e87953151
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
f39eda7c628f3c7967290aec8514942939c31bc7999b1dcb6928a55e0fcbeae8
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5
f78b259d411a760917e22d74b3647bf14b03c63ca6ea07be68802772e4dc1683
fa6953b24e42640645ebc36a7bdead13b10abdddd28abec1d8d7904d329e6cd0
faec8eb1d835361aefcf57fb0c55d7ad0d90a3ca389a17f85ad8bb71436059d8
fd8cb078c7625dd9858482bbef8e905e31599a6d1e5a93111273210da5f51f9f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.winhelponline.com Open in urlscan Pro 2606:4700:20::681a:c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

211 Requests

90 %HTTPS

46 %IPv6

34 Domains

58 Subdomains

43 IPs

9 Countries

2942 kBTransfer

8951 kBSize

38 Cookies

6 Outgoing links

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.winhelponline.com Open in urlscan Pro
2606:4700:20::681a:c Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

90 %
HTTPS

46 %
IPv6

34
Domains

58
Subdomains

43
IPs

9
Countries

2942 kB
Transfer

8951 kB
Size

38
Cookies

211 HTTP transactions
5 data transactions