dl.windowsden.uk Open in urlscan Pro
94.237.97.149 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dl.windowsden.uk/se/1046510029
Submission: On December 07 via manual (December 7th 2021, 1:34:19 pm UTC) from GB — Scanned from GB

Summary HTTP 60 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 12 domains to perform 60 HTTP transactions. The main IP is 94.237.97.149, located in Finland and belongs to UPCLOUD, FI. The main domain is dl.windowsden.uk.
TLS certificate: Issued by R3 on October 12th 2021. Valid for: 3 months.

This is the only time dl.windowsden.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	94.237.97.149 94.237.97.149	202053 (UPCLOUD) (UPCLOUD)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:3f61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a8::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:6c0... 2a02:26f0:6c00:287::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:282::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2aa::3114	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:310... 2606:4700:3108::ac42:2b03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3 3	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
60	18

15 94.237.97.149 (Finland)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-97-149.de-fra1.upcloud.host

dl.windowsden.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
windowsden.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3f61 (United States)

ASN13335 (CLOUDFLARENET, US)

pcmac.download	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2ab::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is4-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a8::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is3-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:287::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is2-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:282::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is1-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2aa::3114 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

store-images.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3108::ac42:2b03 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.35.65 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	windowsden.uk dl.windowsden.uk windowsden.uk	80 KB
11	rubiconproject.com 3 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	33 KB
9	mzstatic.com is4-ssl.mzstatic.com is3-ssl.mzstatic.com is2-ssl.mzstatic.com is1-ssl.mzstatic.com	709 KB
9	doubleclick.net securepubads.g.doubleclick.net pubads.g.doubleclick.net	533 KB
5	google.com fundingchoicesmessages.google.com	145 KB
3	googletagservices.com www.googletagservices.com	80 KB
3	stpd.cloud stpd.cloud	426 KB
2	gstatic.com fonts.gstatic.com	98 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	38 KB
1	s-microsoft.com store-images.s-microsoft.com	5 KB
1	pcmac.download pcmac.download	1 KB
1	jsdelivr.net cdn.jsdelivr.net	3 KB
60	12

	Domain	Requested by
9	dl.windowsden.uk	dl.windowsden.uk
6	eus.rubiconproject.com	dl.windowsden.uk eus.rubiconproject.com
6	windowsden.uk	dl.windowsden.uk
6	securepubads.g.doubleclick.net	dl.windowsden.uk securepubads.g.doubleclick.net www.googletagservices.com
5	fundingchoicesmessages.google.com	dl.windowsden.uk securepubads.g.doubleclick.net
4	is2-ssl.mzstatic.com	dl.windowsden.uk
3	secure-assets.rubiconproject.com	3 redirects
3	www.googletagservices.com	dl.windowsden.uk
3	stpd.cloud	dl.windowsden.uk
3	pubads.g.doubleclick.net	dl.windowsden.uk
2	token.rubiconproject.com	eus.rubiconproject.com
2	is1-ssl.mzstatic.com	dl.windowsden.uk
2	is4-ssl.mzstatic.com	dl.windowsden.uk
2	fonts.gstatic.com	dl.windowsden.uk fonts.googleapis.com
1	fonts.googleapis.com
1	store-images.s-microsoft.com	dl.windowsden.uk
1	is3-ssl.mzstatic.com	dl.windowsden.uk
1	pcmac.download	dl.windowsden.uk
1	cdn.jsdelivr.net	dl.windowsden.uk
1	ajax.googleapis.com	dl.windowsden.uk
60	20

This site contains links to these domains. Also see Links.

Domain
is3-ssl.mzstatic.com
is2-ssl.mzstatic.com
is4-ssl.mzstatic.com
is1-ssl.mzstatic.com
www.microsoft.com
m.apkpure.com
www.bignox.com
bluestacks.com
windowsden.uk

Subject Issuer	Validity	Valid
dl.windowsden.uk R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
windowsden.uk R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2021-06-22` - `2022-07-22`	a year	crt.sh
store-images.microsoft.com Microsoft RSA TLS CA 02	`2021-01-08` - `2022-01-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://dl.windowsden.uk/se/1046510029
Frame ID: 632D995CAF0AD809ACEBA763A9662674
Requests: 42 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: A7173B400D394D0680DF4DD2F9F25384
Requests: 3 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 00AE1DA59940293B531BA844DAC53FC5
Requests: 3 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 924571D45F48023960DADD078983E72B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: FC2BEB35202760D467DF873F236F4B29
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 379ED7CCEA0AD574114BAD42DA3450F7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: ECFA0EB955F21DD1503D7A3069C63EE1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ladda ner Bose Connect på datorn gratis [Windows 10/8/7]

Page Statistics

60
Requests

98 %
HTTPS

72 %
IPv6

12
Domains

20
Subdomains

18
IPs

3
Countries

2149 kB
Transfer

5502 kB
Size

3
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://is3-ssl.mzstatic.com/image/thumb/Purple123/v4/44/b9/5a/44b95a64-588d-85ab-cc3f-a0b0fb0c4a8e/pr_source.png/392x696bb.png

Search URL Search Domain Scan URL

URL: https://is2-ssl.mzstatic.com/image/thumb/Purple113/v4/09/a1/27/09a1270d-e3b7-ff3a-fd24-ef0b4fabfd38/pr_source.png/392x696bb.png

Search URL Search Domain Scan URL

URL: https://is4-ssl.mzstatic.com/image/thumb/Purple123/v4/54/70/9c/54709c06-9736-26c7-57ab-ac896c873696/pr_source.png/392x696bb.png

Search URL Search Domain Scan URL

URL: https://is1-ssl.mzstatic.com/image/thumb/Purple113/v4/7f/2b/36/7f2b36b6-f2d3-e1c5-50cf-1e52881cfe92/pr_source.png/392x696bb.png

Search URL Search Domain Scan URL

URL: https://is1-ssl.mzstatic.com/image/thumb/Purple113/v4/a4/63/07/a4630787-e20c-b331-d0e7-0ca3798f8a21/pr_source.png/392x696bb.png

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/groove-music/9wzdncrfj3pt
Title: Ladda ner

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/spotify/9wzdncrfj4wk
Title: Ladda ner

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/iheartradio/9wzdncrfj223
Title: Ladda ner

Search URL Search Domain Scan URL

URL: https://m.apkpure.com/dcm/com.bose.monet/download?from=details
Title: Ladda Apk

Search URL Search Domain Scan URL

URL: https://www.bignox.com/sv/download/fullPackage
Title: Nox-app

Search URL Search Domain Scan URL

URL: https://bluestacks.com/
Title: Bluestacks

Search URL Search Domain Scan URL

URL: https://windowsden.uk/
Title: EULA

Search URL Search Domain Scan URL

URL: https://windowsden.uk/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://windowsden.uk/dmca
Title: DMCA Policy/Reports

Search URL Search Domain Scan URL

URL: https://windowsden.uk/contact
Title: Contact us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 46

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 48

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 1046510029 Show response
dl.windowsden.uk/se/ 48 KB
13 KB 805ms
700ms Document
text/html 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 6354db64c6c4b552a7dc1bb58100e18dea559c796524afb3fb87bff2be14b147

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Date: Tue, 07 Dec 2021 13:34:13 GMT
Server: Apache/2.4.25 (Debian)
Cache-Control: no-cache, private
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12327
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery.fancybox.css
dl.windowsden.uk/public/fancybox/source/ 5 KB
2 KB 44ms
43ms Stylesheet
text/css 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.windowsden.uk/public/fancybox/source/jquery.fancybox.css?v=2.1.5
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/se/1046510029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Aug 2019 08:32:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "131f-591151c0bde82-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1423

GET
H/1.1 200
OK style.css
dl.windowsden.uk/public/material/css/ 225 KB
33 KB 98ms
53ms Stylesheet
text/css 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.windowsden.uk/public/material/css/style.css
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 738a7ff5aeccde8820a9531f4d58f18a6d9646b8f78c5030445151f55b45fa89

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/se/1046510029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Aug 2019 08:32:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "38572-591151c0ba002-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 33588

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 133ms
42ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 21:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Dec 2022 21:16:33 GMT

GET
H2 200 in-view.min.js Show response
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/ 5 KB
3 KB 199ms
72ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3689234
x-jsd-version: 0.6.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19146-FRA, cache-mxp6972-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b9e2158c922839d-MXP

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 150ms
57ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

4c15f7d432b6d5868378375983c9b1b82a23238a40040c971c675720d3d5dcaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 618 of 1000 / last-modified: 1638878732"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27033
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 13:34:14 GMT

GET
H/1.1 200
OK loading.svg
windowsden.uk/public/images/ 696 B
722 B 145ms
45ms Image
image/svg+xml 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsden.uk/public/images/loading.svg
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jul 2019 13:27:02 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2b8-58db837219580-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 381

GET
H2 200 loading.svg
pcmac.download/public/images/ 696 B
1 KB 232ms
80ms Image
image/svg+xml 2606:4700:3032::6815:3f61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pcmac.download/public/images/loading.svg
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3f61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65106
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Jan 2020 00:34:55 GMT
server: cloudflare
etag: W/"5e1fafaf-2b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZ0Lhkgf8v3iTJZdbUHZUu6uFNuJC1fI%2Br3vjcHnz%2FVRyzrdcL4WY54PyQwZJ5hZkl1a8BXdcOGrXhtY3zG57CJhNjtlzVXhHQ7Am%2BKSf2gvVAdDaBWb1v%2FN5XyRhNzECQszPFPKcqQGK8ZBqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31104000
cf-ray: 6b9e215a88b95a13-MXP
expires: Thu, 01 Dec 2022 19:29:07 GMT

GET
H/1.1 200
OK loading.svg
dl.windowsden.uk/public/images/ 696 B
721 B 43ms
43ms Image
image/svg+xml 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.windowsden.uk/public/images/loading.svg
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/se/1046510029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Aug 2019 08:32:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2b8-591151c0b4242-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 381

GET
H/1.1 200
OK bigstar-rating.js Show response
dl.windowsden.uk/public/js/ 550 B
687 B 43ms
43ms Script
application/javascript 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.windowsden.uk/public/js/bigstar-rating.js
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 0828ff138959647667235067a0290defa35f9000217b30ce6a5b21c1cfc61ef3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/se/1046510029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Aug 2019 08:32:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "226-591151c0bbf42-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 338

GET
H/1.1 200
OK star-rating.js Show response
dl.windowsden.uk/public/js/ 602 B
698 B 43ms
43ms Script
application/javascript 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.windowsden.uk/public/js/star-rating.js
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: e2651c08f7fa61aa39c3ffea1803795a9da8e14f04f9a53abe127af4eaeceef9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/se/1046510029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Aug 2019 08:32:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "25a-591151c0bafa2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 348

GET
H/1.1 200
OK jquery.mousewheel-3.0.6.pack.js Show response
dl.windowsden.uk/public/fancybox/lib/ 1 KB
1 KB 53ms
43ms Script
application/javascript 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.windowsden.uk/public/fancybox/lib/jquery.mousewheel-3.0.6.pack.js
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/se/1046510029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Aug 2019 08:32:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "568-591151c0bcee2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 712

GET
H/1.1 200
OK jquery.fancybox.pack.js Show response
dl.windowsden.uk/public/fancybox/source/ 23 KB
9 KB 84ms
44ms Script
application/javascript 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.windowsden.uk/public/fancybox/source/jquery.fancybox.pack.js?v=2.1.5
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/se/1046510029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Aug 2019 08:32:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "5a5f-591151c0bde82-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 8634

GET
H/1.1 200
OK imglazyload.js Show response
windowsden.uk/public/js/ 2 KB
1 KB 146ms
44ms Script
application/javascript 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsden.uk/public/js/imglazyload.js
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: d6ef3fd5623ae5008fa3c70b222291c40e4dcfa493ea5d4ce2b066e0788b1edc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jul 2019 13:27:02 GMT
Server: Apache/2.4.25 (Debian)
ETag: "867-58db837219580-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1025

GET
H/1.1 200
OK bootstrap.min.js Show response
windowsden.uk/public/material/js/ 36 KB
10 KB 153ms
51ms Script
application/javascript 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsden.uk/public/material/js/bootstrap.min.js
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jul 2019 13:27:02 GMT
Server: Apache/2.4.25 (Debian)
ETag: "9004-58db837219580-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9765

GET
H/1.1 200
OK ripples.min.js Show response
windowsden.uk/public/material/js/ 3 KB
1 KB 146ms
44ms Script
application/javascript 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsden.uk/public/material/js/ripples.min.js
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jul 2019 13:27:02 GMT
Server: Apache/2.4.25 (Debian)
ETag: "af9-58db837219580-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1114

GET
H/1.1 200
OK material.min.js Show response
windowsden.uk/public/material/js/ 5 KB
2 KB 146ms
43ms Script
application/javascript 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsden.uk/public/material/js/material.min.js
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jul 2019 13:27:02 GMT
Server: Apache/2.4.25 (Debian)
ETag: "152e-58db837219580-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1659

GET
H/1.1 200
OK jquery.dropdown.js Show response
windowsden.uk/public/material/js/ 12 KB
4 KB 147ms
44ms Script
application/javascript 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsden.uk/public/material/js/jquery.dropdown.js
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jul 2019 13:27:02 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3056-58db837219580-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3305

GET
H2 200 AGSKWxU1e4IVFQDjlr400RZXIpdeMVnELRzxk5pphErcvpa-1j6qilBN02V9GKxtJRzTNcd2tMfxoBjzkKdZja4gCNY= Show response
fundingchoicesmessages.google.com/f/ 80 KB
28 KB 167ms
64ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU1e4IVFQDjlr400RZXIpdeMVnELRzxk5pphErcvpa-1j6qilBN02V9GKxtJRzTNcd2tMfxoBjzkKdZja4gCNY=

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01a1c5a0e61735ff747a34ccc41a8e9d88592367680f9a61e415659d79f64e97

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JgDmFvZAaAk2NvcOQcfBMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-JgDmFvZAaAk2NvcOQcfBMw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JgDmFvZAaAk2NvcOQcfBMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-JgDmFvZAaAk2NvcOQcfBMw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v41/ 54 KB
55 KB 139ms
42ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v41/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl.windowsden.uk/
Origin: https://dl.windowsden.uk
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 09:35:51 GMT
x-content-type-options: nosniff
age: 532703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55208
x-xss-protection: 0
last-modified: Thu, 16 Aug 2018 20:54:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 09:35:51 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 56 KB
13 KB 201ms
102ms XHR
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/windowsden.uk_980x300_responsive_1_DFP&sz=970x250%7C728x90%7C300x250&t=Placement_type%3Dserving&1638884054307

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8831ee3e677af69d87a3b4e9f105c9055d6c271270d88494da5208df96564a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13194
x-xss-protection: 0
google-lineitem-id: 5334585800
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138307078194
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://dl.windowsden.uk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found stars.png
dl.windowsden.uk/public/material/css/images/ 1 KB
1 KB 96ms
95ms Image
text/html 94.237.97.149
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.windowsden.uk/public/material/css/images/stars.png
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/public/material/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.237.97.149 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-97-149.de-fra1.upcloud.host
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2b67da14e2725a72a8cccb22bb4913bcfca77c3f68caa39b912bf2567990cd94

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/public/material/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:14 GMT
Cache-Control: no-cache, private
Server: Apache/2.4.25 (Debian)
Connection: close
Content-Length: 1482
Content-Type: text/html; charset=UTF-8

GET
H2 200 200x200bb.jpg
is4-ssl.mzstatic.com/image/thumb/Purple114/v4/b9/be/c8/b9bec89e-3d7f-9402-17c5-463a61f0a903/source/ 2 KB
3 KB 396ms
52ms Image
image/jpeg 2a02:26f0:6c00:2ab::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/Purple114/v4/b9/be/c8/b9bec89e-3d7f-9402-17c5-463a61f0a903/source/200x200bb.jpg

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ab::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

b3d8cfa6664b9186187fc7ce802c78efcf0eab0039f8666c0b6ba26cbe7899c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-apple-jingle-correlation-key: K6WN67EWLB3YBZB356N6IDXOBU
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFMLDIwRTI0MSwxNjM2NDU1NDA5MzgwLGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMTM3LG5vRWZmZWN0"
x-b3-traceid: 57acdf7c96587780e43bef9be40eee0d
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:21RELEASE176:daiquiri-amp-processing-shared-int-001-mr
x-apple-request-uuid: 57acdf7c-9658-7780-e43b-ef9be40eee0d
b3: 57acdf7c96587780e43bef9be40eee0d-48db9a5f2badcfd7
content-length: 2382
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-186-140.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-tk: false
last-modified: Tue, 09 Nov 2021 10:56:49 GMT
x-cache-remote: TCP_MISS from a2-20-143-166.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-seq: 0.0
date: Tue, 07 Dec 2021 13:34:14 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=14610209
x-b3-spanid: 48db9a5f2badcfd7
cdnuuid: 9373fa6f-42a3-4574-b039-04d4ae19fb17-570576141

GET
H2 200 392x696bb.png
is3-ssl.mzstatic.com/image/thumb/Purple123/v4/44/b9/5a/44b95a64-588d-85ab-cc3f-a0b0fb0c4a8e/pr_source.png/ 123 KB
124 KB 419ms
76ms Image
image/png 2a02:26f0:6c00:2a8::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is3-ssl.mzstatic.com/image/thumb/Purple123/v4/44/b9/5a/44b95a64-588d-85ab-cc3f-a0b0fb0c4a8e/pr_source.png/392x696bb.png

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a8::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

d1b9f02725bc15bb362bb9d2176ea44c3c54912be47361d0538765c6bd93fa13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-apple-jingle-correlation-key: UBXSW55GZUZDL66RM2X6DCZIXY
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFMLDIwRTI0MSwxNjM2MzAzODQyNTcxLGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMTM5LG5vRWZmZWN0"
x-b3-traceid: a06f2b77a6cd3235fbd166afe18b28be
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:21RELEASE176:daiquiri-amp-processing-shared-int-001-pv
x-apple-request-uuid: a06f2b77-a6cd-3235-fbd1-66afe18b28be
b3: a06f2b77a6cd3235fbd166afe18b28be-265632fc7aea0753
content-length: 125587
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-186-188.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-tk: false
last-modified: Sun, 07 Nov 2021 16:50:42 GMT
x-cache-remote: TCP_MISS from a193-108-94-132.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-seq: 0.0
date: Tue, 07 Dec 2021 13:34:14 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=12234243
x-b3-spanid: 265632fc7aea0753
cdnuuid: 8a773084-cca6-4f90-a956-4be7e4d9cccc-8227288232

GET
H2 200 392x696bb.png
is2-ssl.mzstatic.com/image/thumb/Purple113/v4/09/a1/27/09a1270d-e3b7-ff3a-fd24-ef0b4fabfd38/pr_source.png/ 95 KB
96 KB 493ms
150ms Image
image/png 2a02:26f0:6c00:287::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple113/v4/09/a1/27/09a1270d-e3b7-ff3a-fd24-ef0b4fabfd38/pr_source.png/392x696bb.png

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:287::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

334d4b1751bce9c987229e309612b3c76ac8615748c5e3fc94218bb7262bcbcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-apple-jingle-correlation-key: MOLZARWZ3IYGLOAGJLTPIYLFSM
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFMLDIwRTI0MSwxNjM2MzAzODQyNzUxLGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMjQ1LG5vRWZmZWN0"
x-b3-traceid: 63979046d9da3065b8064ae6f4616593
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:21RELEASE176:daiquiri-amp-processing-shared-int-001-mr
x-apple-request-uuid: 63979046-d9da-3065-b806-4ae6f4616593
b3: 63979046d9da3065b8064ae6f4616593-72b3589e88e3e958
content-length: 96909
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-186-143.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-tk: false
last-modified: Sun, 07 Nov 2021 16:50:42 GMT
x-cache-remote: TCP_MISS from a2-20-143-151.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-seq: 0.0
date: Tue, 07 Dec 2021 13:34:14 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=12275290
x-b3-spanid: 72b3589e88e3e958
cdnuuid: a23cdbd0-1fda-4954-8336-70e7e7b5485e-11999255587

GET
H2 200 392x696bb.png
is4-ssl.mzstatic.com/image/thumb/Purple123/v4/54/70/9c/54709c06-9736-26c7-57ab-ac896c873696/pr_source.png/ 184 KB
185 KB 427ms
85ms Image
image/png 2a02:26f0:6c00:2ab::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/Purple123/v4/54/70/9c/54709c06-9736-26c7-57ab-ac896c873696/pr_source.png/392x696bb.png

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ab::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

e7b4769aa3c07c1790922eef04855d4da76a4468c351798036c45f431dc4fa45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-apple-jingle-correlation-key: KJGZW7PABDDT7O4P2OHZQW3PDA
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFMLDIwRTI0MSwxNjM4MDk2ODIzMzY3LGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwMjU0LG5vRWZmZWN0"
x-b3-traceid: 524d9b7de008c73fbb8fd38f985b6f18
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:21RELEASE187:daiquiri-amp-processing-shared-int-001-st
x-apple-request-uuid: 524d9b7d-e008-c73f-bb8f-d38f985b6f18
b3: 524d9b7de008c73fbb8fd38f985b6f18-0db024481a3fdc5a
content-length: 187938
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-186-140.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-tk: false
last-modified: Sun, 28 Nov 2021 10:53:43 GMT
x-cache-remote: TCP_MISS from a2-20-143-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-seq: 0.0
date: Tue, 07 Dec 2021 13:34:14 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=15172278
x-b3-spanid: 0db024481a3fdc5a
cdnuuid: a23cdbd0-1fda-4954-8336-70e7e7b5485e-11999255588

GET
H2 200 392x696bb.png
is1-ssl.mzstatic.com/image/thumb/Purple113/v4/7f/2b/36/7f2b36b6-f2d3-e1c5-50cf-1e52881cfe92/pr_source.png/ 99 KB
101 KB 476ms
133ms Image
image/png 2a02:26f0:6c00:282::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Purple113/v4/7f/2b/36/7f2b36b6-f2d3-e1c5-50cf-1e52881cfe92/pr_source.png/392x696bb.png

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:282::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

54b8d97e336b3096a4a5d9bacffa11ca73238d9a8bc64f2a105daa8d7a2f90f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-apple-jingle-correlation-key: NE3EXC5GYIBTPVRTJ36Q6NXKGU
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFKLDIwRTI0MSwxNjMzOTU5NTk4NzA5LGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMTIxLG5vRWZmZWN0"
x-b3-traceid: 69364b8ba6c20337d6334efd0f36ea35
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:21RELEASE164:daiquiri-amp-processing-shared-int-001-pv
x-apple-request-uuid: 69364b8b-a6c2-0337-d633-4efd0f36ea35
b3: 69364b8ba6c20337d6334efd0f36ea35-993aeefe99492a27
content-length: 101783
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-186-191.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-tk: false
last-modified: Mon, 11 Oct 2021 13:39:58 GMT
x-cache-remote: TCP_MISS from a193-108-94-164.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-seq: 0.0
date: Tue, 07 Dec 2021 13:34:14 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=11312725
x-b3-spanid: 993aeefe99492a27
cdnuuid: fb361c78-8865-4cf1-b090-646fe5ee1876-12108414215

GET
H2 200 392x696bb.png
is1-ssl.mzstatic.com/image/thumb/Purple113/v4/a4/63/07/a4630787-e20c-b331-d0e7-0ca3798f8a21/pr_source.png/ 181 KB
182 KB 425ms
84ms Image
image/png 2a02:26f0:6c00:282::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Purple113/v4/a4/63/07/a4630787-e20c-b331-d0e7-0ca3798f8a21/pr_source.png/392x696bb.png

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:282::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

5366e04e09318c870caab72c296b67880534a5a17c1b7490c75b4c4248a61b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-apple-jingle-correlation-key: 67SVKIRVZ33SGO2SEF5OKAVDEE
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFLLDIwRTI0MSwxNjMyOTIzMzM3OTE5LGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwMjM5LG5vRWZmZWN0"
x-b3-traceid: f7e5552235cef7233b52217ae502a321
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:21RELEASE150:daiquiri-amp-processing-shared-int-001-st
x-apple-request-uuid: f7e55522-35ce-f723-3b52-217ae502a321
b3: f7e5552235cef7233b52217ae502a321-ba784fa5ac1b7f0a
content-length: 185164
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-186-191.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-tk: false
last-modified: Wed, 29 Sep 2021 13:48:57 GMT
x-cache-remote: TCP_MISS from a2-20-143-150.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-seq: 0.0
date: Tue, 07 Dec 2021 13:34:14 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=9007250
x-b3-spanid: ba784fa5ac1b7f0a
cdnuuid: 92d4a79b-2591-403d-a1b1-0771f142a3cd-12042405680

GET
H/1.1 200
OK apps.36401.9007199266246188.9deef61c-e7c1-4182-8011-8a291dcac426.4ad156e6-616c-41c7-83ed-1533010c1d88
store-images.s-microsoft.com/image/ 4 KB
5 KB 179ms
45ms Image
image/png 2a02:26f0:6c00:2aa::3114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store-images.s-microsoft.com/image/apps.36401.9007199266246188.9deef61c-e7c1-4182-8011-8a291dcac426.4ad156e6-616c-41c7-83ed-1533010c1d88?mode=scale&q=90&h=270&w=270&background=%230078D7
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2aa::3114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e1c1cece1dfbd402553e9db613b489708209a9ebff4fb87fc5c02e6531afd111

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:14 GMT
Last-Modified: Tue, 29 Nov 2016 16:47:54 GMT
ETag: W/"AEC6ubSdhn0SgXaifD2+7F97qjwpM9QgMHg4RDQxODc3Nzc0NEIzQTg"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: MS-CV
Cache-Control: public, max-age=7776000, s-maxage=7776000
MS-CV: mmMO5AESVkuETJv6.0
Connection: keep-alive
Accept-Ranges: none
Content-Length: 4533

GET
H2 200 200x200bb.jpg
is2-ssl.mzstatic.com/image/thumb/Purple123/v4/6c/38/34/6c383414-c064-05b8-fd03-a7c27220fbd6/source/ 6 KB
7 KB 374ms
65ms Image
image/jpeg 2a02:26f0:6c00:287::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple123/v4/6c/38/34/6c383414-c064-05b8-fd03-a7c27220fbd6/source/200x200bb.jpg

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:287::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

ae58c7cb908babc4799db22036b39768a2f76f74c20d8a2377a15d8b0355ccd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-apple-jingle-correlation-key: MZICOODDIDQT334HQMBV2QZMIE
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFMLDIwRTI0MSwxNjM2NjE3MDk3NzI4LGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMDU2LG5vRWZmZWN0"
x-b3-traceid: 665027386340e13def8783035d432c41
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:21RELEASE176:daiquiri-amp-processing-shared-int-001-mr
x-apple-request-uuid: 66502738-6340-e13d-ef87-83035d432c41
b3: 665027386340e13def8783035d432c41-927fa2f6ae468185
content-length: 6045
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-186-143.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-tk: false
last-modified: Thu, 11 Nov 2021 07:51:37 GMT
x-cache-remote: TCP_MISS from a193-108-94-146.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-seq: 0.0
date: Tue, 07 Dec 2021 13:34:14 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=13508917
x-b3-spanid: 927fa2f6ae468185
cdnuuid: 7d8c19ca-9859-487b-beb1-7702ed883830-8075083583

GET
H2 200 200x200bb.jpg
is2-ssl.mzstatic.com/image/thumb/Purple113/v4/b8/17/75/b81775a7-079e-1938-b49b-e8268fbfc2d9/source/ 7 KB
8 KB 281ms
54ms Image
image/jpeg 2a02:26f0:6c00:287::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple113/v4/b8/17/75/b81775a7-079e-1938-b49b-e8268fbfc2d9/source/200x200bb.jpg

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:287::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

d1b558a1327b795bf5ea6bccb9475b03ab9501f86250e14bb062c4d15633e999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-apple-jingle-correlation-key: DUX4J56XOR4SSF26TZXJGB2TRA
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFMLDIwRTI0MSwxNjM2ODk0MTE4OTY0LGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwNDQyLG5vRWZmZWN0"
x-b3-traceid: 1d2fc4f7d7747929175e9e6e93075388
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:21RELEASE176:daiquiri-amp-processing-shared-int-001-st
x-apple-request-uuid: 1d2fc4f7-d774-7929-175e-9e6e93075388
b3: 1d2fc4f7d7747929175e9e6e93075388-0ea5a54ad5995c9b
content-length: 7386
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-186-143.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-tk: false
last-modified: Sun, 14 Nov 2021 12:48:38 GMT
x-cache-remote: TCP_HIT from a2-16-186-142.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-seq: 0.0
date: Tue, 07 Dec 2021 13:34:14 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=12334954
x-b3-spanid: 0ea5a54ad5995c9b
cdnuuid: af427be6-b417-4571-abf2-60ef628fab17-11839984182

GET
H2 200 200x200bb.jpg
is2-ssl.mzstatic.com/image/thumb/Purple123/v4/7c/23/b3/7c23b303-c33a-3ab3-e3e3-94e8ff965ae9/source/ 3 KB
4 KB 307ms
91ms Image
image/jpeg 2a02:26f0:6c00:287::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple123/v4/7c/23/b3/7c23b303-c33a-3ab3-e3e3-94e8ff965ae9/source/200x200bb.jpg

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:287::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

85c228fb9b47a145a3b51ce1e1085ed98918f79b7a53166fc5246914ead23942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-apple-jingle-correlation-key: ETUSVSICI56RKI45XZXZP3DJWI
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjUtMjEwLDIwRTI0MSwxNjM4Nzk0MjY3MzIzLGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMTYwLG5vRWZmZWN0"
x-b3-traceid: 24e92ac902477d15239dbe6f97ec69b2
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:21RELEASE187:daiquiri-amp-processing-shared-int-001-pv
x-apple-request-uuid: 24e92ac9-0247-7d15-239d-be6f97ec69b2
b3: 24e92ac902477d15239dbe6f97ec69b2-e1bf4f470fd74e25
content-length: 3143
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-186-143.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-tk: false
last-modified: Mon, 06 Dec 2021 12:37:47 GMT
x-cache-remote: TCP_MISS from a193-108-94-133.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-seq: 0.0
date: Tue, 07 Dec 2021 13:34:14 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=15671009
x-b3-spanid: e1bf4f470fd74e25
cdnuuid: c23c5027-65d1-41d6-8adb-498dd3e3a3cf-12024394912

GET
H2 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ 347 KB
117 KB 51ms
49ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 13:34:14 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
716 B 52ms
50ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dl.windowsden.uk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7c801919f9988e81d8d1793b64b01606157804456df6b737ed837f18c8bdeb6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Tue, 07 Dec 2021 13:34:14 GMT

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame A717 463 KB
142 KB 224ms
86ms Script
application/javascript 2606:4700:3108::ac42:2b03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 695b7bba3b45cdabb333b4f893150bc9dd52a859fb95aecd1e183635c70cfb80

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: OLBLu8BGcoE0SlxxfrHDiA==
age: 234
x-ms-lease-status: unlocked
last-modified: Tue, 07 Dec 2021 13:29:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mD27gEyDZ7VvguotyXd8HlCn2132r6gZ1dBY00VSdgoxvMSx1ByQSTvNYMkNGWhrgqDvVcxYLbibKE5iMqtpxkanTVECGR%2F8KHM%2FXpCEt4S9cc4NNDssKbDmEEWkgR6L0ovLThOn1Rw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-ms-request-id: 09a7f18e-201e-000b-776e-eb04fc000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b9e215beef683b2-MXP

GET
H3 200 adx Show response
pubads.g.doubleclick.net/gampad/ 56 KB
13 KB 92ms
92ms XHR
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22384346533/windowsden.uk_728x90_responsive_4_DFP&sz=728x90%7C320x100&t=Placement_type%3Dserving&1638884054562

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c587d6178da56934b7efdec138f2585dd1a19d853293bae758000233e8671713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13136
x-xss-protection: 0
google-lineitem-id: 5334286504
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364706838
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://dl.windowsden.uk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adx Show response
pubads.g.doubleclick.net/gampad/ 56 KB
13 KB 99ms
98ms XHR
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22384346533/windowsden.uk_300x600_responsive_3_DFP&sz=300x600%7C300x250&t=Placement_type%3Dserving&1638884054563

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ffd59065d1ede144873d18d1cc57548c1e63a416d3982cc172411f818f79fc9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13160
x-xss-protection: 0
google-lineitem-id: 5334286450
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364706820
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://dl.windowsden.uk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXkoZuGlp2rkUWx1a6pXVrmW0etPv4O1RFI3S1P6Uw3KDVfooOY6DNFPCVTwN1H0OPC2vi-50NuEJWbDTrqy8I= Show response
fundingchoicesmessages.google.com/f/ 663 KB
89 KB 201ms
152ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXkoZuGlp2rkUWx1a6pXVrmW0etPv4O1RFI3S1P6Uw3KDVfooOY6DNFPCVTwN1H0OPC2vi-50NuEJWbDTrqy8I=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM4ODg0MDU0LDU2NTAwMDAwMF0sIjY3RjlGQzM5LUZDODMtNDE0Ri1BQjY3LTg5MjdDM0NEMkQxRCIsIjhFQ0ZFMTk5LTEzNkYtNEU4Ri1CQTlELUMzMkQ4NDNBMkEyMSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2RsLndpbmRvd3NkZW4udWsvc2UvMTA0NjUxMDAyOSIsbnVsbCxbXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KQjBi8v4z_4.es5.O/d=1/rs=AJlcJMxGJHznukjXNuzHlG1Iw5QNDS8fsw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2937748c965de9f7c4bc068ffb220a01bd38ba44d267caa00bac35d1902443ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6SsCcNQyfEXuqcqjEhejrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-6SsCcNQyfEXuqcqjEhejrg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-6SsCcNQyfEXuqcqjEhejrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-6SsCcNQyfEXuqcqjEhejrg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVB-KJh3g9_sffHPvLmGvez5Jf7mSqe1JUZZqnt9v56nodCCymuMrndrIa6-CzBsEtvPlOfLseR7Zeifj1vln4= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 115ms
59ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVB-KJh3g9_sffHPvLmGvez5Jf7mSqe1JUZZqnt9v56nodCCymuMrndrIa6-CzBsEtvPlOfLseR7Zeifj1vln4=?pvid=67F9FC39-FC83-414F-AB67-8927C3CD2D1D&anonid=8ECFE199-136F-4E8F-BA9D-C32D843A2A21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-efVisfzjeNJ4AWmcSjBQAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-efVisfzjeNJ4AWmcSjBQAA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dl.windowsden.uk/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dl.windowsden.uk
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-efVisfzjeNJ4AWmcSjBQAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-efVisfzjeNJ4AWmcSjBQAA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 147246189 Show response
fundingchoicesmessages.google.com/i/ 80 KB
28 KB 89ms
69ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/147246189?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cfef5a4f57a9c6c119c7b9ac22446887066b7a6f7ae955b81e958a08101c730

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NRzWkrFdpd4pXuGXTWTVlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-NRzWkrFdpd4pXuGXTWTVlw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NRzWkrFdpd4pXuGXTWTVlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-NRzWkrFdpd4pXuGXTWTVlw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
date: Tue, 07 Dec 2021 13:34:14 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 00AE 463 KB
142 KB 141ms
141ms Script
application/javascript 2606:4700:3108::ac42:2b03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 695b7bba3b45cdabb333b4f893150bc9dd52a859fb95aecd1e183635c70cfb80

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: OLBLu8BGcoE0SlxxfrHDiA==
age: 234
x-ms-lease-status: unlocked
last-modified: Tue, 07 Dec 2021 13:29:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vD1Mpq7bkEUKJVAp1fbp1OsxmrhMBmDvq%2BPcCavJJwWv00pOLRKlMNAbslhfRb%2FGdESXztdTrWYBYaVGxyLcICNDffy92pXr%2BXU1Vz40ZGyFfP%2FIDOUmNYGj0x1tahIAZd5dW3C4dFY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-ms-request-id: 09a7f18e-201e-000b-776e-eb04fc000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b9e215bff2083b2-MXP

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 9245 463 KB
142 KB 130ms
130ms Script
application/javascript 2606:4700:3108::ac42:2b03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 695b7bba3b45cdabb333b4f893150bc9dd52a859fb95aecd1e183635c70cfb80

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: OLBLu8BGcoE0SlxxfrHDiA==
age: 234
x-ms-lease-status: unlocked
last-modified: Tue, 07 Dec 2021 13:29:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUpQoqVPdCQONEv%2BEta7RxnKytNIZLEMj0IyrwS4TeNm6pfIN%2BWtf0irmQurGrD5%2FuKe12o0ASq6yFeCGSz2b7Ej%2FA8HssyFnSwMvVkn5OaBPl9E4%2F7J417yMmqCDlZ0QAsG7XhQ1IA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-ms-request-id: 09a7f18e-201e-000b-776e-eb04fc000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b9e215c0f5583b2-MXP

GET
H2 200 css
fonts.googleapis.com/ 54 KB
4 KB 151ms
59ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US._1Xm3vUFWss.es5.O/d=1/rs=AJlcJMx4Bp5O8FT07SZppZvkkiikLeromQ/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18fac6ddf0ad0519fb5d829a420ecb01af3b77abdca03b85bb843e70796cf303

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 13:34:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 13:34:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 13:34:14 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A717 79 KB
27 KB 172ms
80ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

838dbdaffc474950f3144aff17824fe622aec4364e056c9992ade03bc195aed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 31 of 1000 / last-modified: 1638878732"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27028
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 13:34:14 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FC2B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

151ms
44ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Dec 2021 13:34:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Tue, 07 Dec 2021 13:34:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

POST
H3 204 AGSKWxUSiDNgU5YeTlqBA2w8NE68OXVFuAU1ulunIwOFsS3wvSn4nX5ORtIMQ6ZqYQrbCHpXOZivVxVMYNsoA4q6uD7TcoCG2wrX7ZwWSQAoQ3mEVrY6tW453rPMpyf7lrc1uztiRT9G_ABiCoe2YmNNKHlDVuegkWqMh01hYOR-XAPJaKY8virV3clDc77C Show response
fundingchoicesmessages.google.com/el/ 0
27 B 55ms
55ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUSiDNgU5YeTlqBA2w8NE68OXVFuAU1ulunIwOFsS3wvSn4nX5ORtIMQ6ZqYQrbCHpXOZivVxVMYNsoA4q6uD7TcoCG2wrX7ZwWSQAoQ3mEVrY6tW453rPMpyf7lrc1uztiRT9G_ABiCoe2YmNNKHlDVuegkWqMh01hYOR-XAPJaKY8virV3clDc77C?dmid=46aa782a984c8d02

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WahnVLsva1rOpMJRd6r/JA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-WahnVLsva1rOpMJRd6r/JA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dl.windowsden.uk/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dl.windowsden.uk
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WahnVLsva1rOpMJRd6r/JA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-WahnVLsva1rOpMJRd6r/JA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 00AE 79 KB
27 KB 79ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c15f7d432b6d5868378375983c9b1b82a23238a40040c971c675720d3d5dcaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 652 of 1000 / last-modified: 1638878732"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27033
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 13:34:14 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 379E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

135ms
44ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Dec 2021 13:34:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Tue, 07 Dec 2021 13:34:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9245 79 KB
27 KB 101ms
98ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c15f7d432b6d5868378375983c9b1b82a23238a40040c971c675720d3d5dcaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 349 of 1000 / last-modified: 1638878732"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27033
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 13:34:14 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame ECFA
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

133ms
43ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: dl.windowsden.uk
URL: https://dl.windowsden.uk/se/1046510029
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Dec 2021 13:34:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Tue, 07 Dec 2021 13:34:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 91ms
41ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dl.windowsden.uk
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 344532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:52:02 GMT

GET
H3 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 00AE 347 KB
116 KB 57ms
57ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 13:34:14 GMT

GET
H3 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A717 347 KB
116 KB 63ms
62ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 13:34:14 GMT

GET
H3 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9245 347 KB
116 KB 109ms
109ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://dl.windowsden.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 13:34:14 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FC2B 32 KB
10 KB 51ms
51ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7d7a0c56a2adf0f28b4cae1e4f9c98cb2fe64dc7bbfcde7870adb61b6d31f282

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12085
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9513
Expires: Tue, 07 Dec 2021 16:55:40 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 379E 32 KB
10 KB 81ms
80ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7d7a0c56a2adf0f28b4cae1e4f9c98cb2fe64dc7bbfcde7870adb61b6d31f282

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12085
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9513
Expires: Tue, 07 Dec 2021 16:55:40 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame ECFA 32 KB
10 KB 58ms
57ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7d7a0c56a2adf0f28b4cae1e4f9c98cb2fe64dc7bbfcde7870adb61b6d31f282

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:34:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12085
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9513
Expires: Tue, 07 Dec 2021 16:55:40 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FC2B 284 B
536 B 295ms
45ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame ECFA 284 B
536 B 224ms
45ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/jpg

GET khaos.jpg
token.rubiconproject.com/ Frame 379E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/khaos.jpg?

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dl.windowsden.uk/	1970-01-19 23:14:51	Name: XSRF-TOKEN Value: eyJpdiI6ImRDSkYycWs5TGRpVGRuTlZvUStzWWc9PSIsInZhbHVlIjoibUdtbjRsYTRLVStRd3RCVW5KSXcwSEV3akQxbk40M2hyT1lrTU45Q2s3b1VyVENHb1pBR2pwS2Z1c0xSN2RJU2Y3dXY5c25FYm41TlptT2N1ZWZqZlE9PSIsIm1hYyI6IjIzMzM5MWYxMWNmN2Q4N2JiY2Q5YWQxZTExZGY0OWFkZTg1NTA3ZTA1ZWQ3NzIzYTQ0NDFkZGM0MmVjMjI3MzAifQ%3D%3D
dl.windowsden.uk/	1970-01-19 23:14:51	Name: laravel_session Value: eyJpdiI6ImlEUWpcL1JUaFwvSDFieXF6MzEwMjJKZz09IiwidmFsdWUiOiJHUTRFcjhBTWtEbnllNFBCMmFYdFJjKzhld1d2ZU5qWWx6T0ZWQzZWR0JCZm5VYUFXNW9tQU5SZVwvdjVFZFgwMEREc1ZDbFdaT2Fna2JvSjA0V0JLMVE9PSIsIm1hYyI6ImZjYTBmYjVjMjYzOThlZTlkZDQwMzQxNDMyNTRhODM5MTkyOGU4OWYxNzA5NDQ4Y2EwNzcxMDBmMjg5OTcyNzMifQ%3D%3D
dl.windowsden.uk/	1970-01-19 23:14:45	Name: stpdOrigin Value: {"origin":"direct","referrer":"dl.windowsden.uk","ex":"Tue, 07 Dec 2021 14:04:14 GMT"}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dl.windowsden.uk/public/material/css/images/stars.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
dl.windowsden.uk
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
is1-ssl.mzstatic.com
is2-ssl.mzstatic.com
is3-ssl.mzstatic.com
is4-ssl.mzstatic.com
pcmac.download
pubads.g.doubleclick.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
store-images.s-microsoft.com
stpd.cloud
token.rubiconproject.com
windowsden.uk
www.googletagservices.com
token.rubiconproject.com
104.109.78.125
142.250.184.194
2.19.35.65
2606:4700:3032::6815:3f61
2606:4700:3108::ac42:2b03
2606:4700::6810:5514
2a00:1450:4001:802::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82f::200a
2a02:26f0:6c00:282::2a1
2a02:26f0:6c00:287::2a1
2a02:26f0:6c00:2a8::2a1
2a02:26f0:6c00:2aa::3114
2a02:26f0:6c00:2ab::2a1
69.173.144.138
94.237.97.149
01a1c5a0e61735ff747a34ccc41a8e9d88592367680f9a61e415659d79f64e97
0828ff138959647667235067a0290defa35f9000217b30ce6a5b21c1cfc61ef3
1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843
18fac6ddf0ad0519fb5d829a420ecb01af3b77abdca03b85bb843e70796cf303
2937748c965de9f7c4bc068ffb220a01bd38ba44d267caa00bac35d1902443ea
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2b67da14e2725a72a8cccb22bb4913bcfca77c3f68caa39b912bf2567990cd94
334d4b1751bce9c987229e309612b3c76ac8615748c5e3fc94218bb7262bcbcf
3cfef5a4f57a9c6c119c7b9ac22446887066b7a6f7ae955b81e958a08101c730
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c15f7d432b6d5868378375983c9b1b82a23238a40040c971c675720d3d5dcaf
4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8
5366e04e09318c870caab72c296b67880534a5a17c1b7490c75b4c4248a61b4d
54b8d97e336b3096a4a5d9bacffa11ca73238d9a8bc64f2a105daa8d7a2f90f9
6354db64c6c4b552a7dc1bb58100e18dea559c796524afb3fb87bff2be14b147
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
695b7bba3b45cdabb333b4f893150bc9dd52a859fb95aecd1e183635c70cfb80
738a7ff5aeccde8820a9531f4d58f18a6d9646b8f78c5030445151f55b45fa89
7c801919f9988e81d8d1793b64b01606157804456df6b737ed837f18c8bdeb6f
7d7a0c56a2adf0f28b4cae1e4f9c98cb2fe64dc7bbfcde7870adb61b6d31f282
838dbdaffc474950f3144aff17824fe622aec4364e056c9992ade03bc195aed1
85c228fb9b47a145a3b51ce1e1085ed98918f79b7a53166fc5246914ead23942
86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd
8831ee3e677af69d87a3b4e9f105c9055d6c271270d88494da5208df96564a56
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad
ae58c7cb908babc4799db22036b39768a2f76f74c20d8a2377a15d8b0355ccd6
b3d8cfa6664b9186187fc7ce802c78efcf0eab0039f8666c0b6ba26cbe7899c3
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
c587d6178da56934b7efdec138f2585dd1a19d853293bae758000233e8671713
d1b558a1327b795bf5ea6bccb9475b03ab9501f86250e14bb062c4d15633e999
d1b9f02725bc15bb362bb9d2176ea44c3c54912be47361d0538765c6bd93fa13
d6ef3fd5623ae5008fa3c70b222291c40e4dcfa493ea5d4ce2b066e0788b1edc
e1c1cece1dfbd402553e9db613b489708209a9ebff4fb87fc5c02e6531afd111
e2651c08f7fa61aa39c3ffea1803795a9da8e14f04f9a53abe127af4eaeceef9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b4769aa3c07c1790922eef04855d4da76a4468c351798036c45f431dc4fa45
ffd59065d1ede144873d18d1cc57548c1e63a416d3982cc172411f818f79fc9a

dl.windowsden.uk Open in urlscan Pro 94.237.97.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

60 Requests

98 %HTTPS

72 %IPv6

12 Domains

20 Subdomains

18 IPs

3 Countries

2149 kBTransfer

5502 kBSize

3 Cookies

15 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dl.windowsden.uk Open in urlscan Pro
94.237.97.149 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

72 %
IPv6

12
Domains

20
Subdomains

18
IPs

3
Countries

2149 kB
Transfer

5502 kB
Size

3
Cookies

60 HTTP transactions
0 data transactions