hwhelp.cc Open in urlscan Pro
2606:4700:3036::ac43:c27e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hwhelp.cc/
Effective URL:
https://hwhelp.cc/
Submission: On February 28 via manual (February 28th 2023, 9:48:25 pm UTC) from US — Scanned from US

Summary HTTP 128 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 29 domains to perform 128 HTTP transactions. The main IP is 2606:4700:3036::ac43:c27e, located in United States and belongs to CLOUDFLARENET, US. The main domain is hwhelp.cc.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 11th 2022. Valid for: a year.

This is the only time hwhelp.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:303... 2606:4700:3036::ac43:c27e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
3	23.195.100.26 23.195.100.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	162.159.128.232 162.159.128.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.212.194 199.232.212.194	54113 (FASTLY) (FASTLY)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1400:d:5... 2600:1400:d:5a6::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.217.234.17 52.217.234.17	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:80b::2016	15169 (GOOGLE) (GOOGLE)
1	2620:0:860:ed... 2620:0:860:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	2606:4700:303... 2606:4700:3031::ac43:d0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:d147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.193.135 151.101.193.135	54113 (FASTLY) (FASTLY)
1	2600:1400:d:5... 2600:1400:d:59f::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	173.208.209.196 173.208.209.196	32097 (WII) (WII)
1 1	35.232.130.91 35.232.130.91	15169 (GOOGLE) (GOOGLE)
1	66.29.132.210 66.29.132.210	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
2	23.204.152.39 23.204.152.39	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	34.111.96.116 34.111.96.116	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:c... 2600:1901:0:cba2::	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:80c::2004	15169 (GOOGLE) (GOOGLE)
128	34

7 2606:4700:3036::ac43:c27e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hwhelp.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:80f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

site-assets.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:809::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.195.100.26 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-100-26.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.232 (None, )

ASN13335 (CLOUDFLARENET, US)

media.discordapp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.212.194 (United States)

ASN54113 (FASTLY, US)

www.giantbomb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

th.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d:5a6::2a1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

is2-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.234.17 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

opimg.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80b::2016 (Nutley, United States)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:860:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

playslope.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:d147 (United States)

ASN13335 (CLOUDFLARENET, US)

img.poki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.135 (United States)

ASN54113 (FASTLY, US)

assets2.ignimgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d:59f::2a1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

s1.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.208.209.196 (United States)

ASN32097 (WII, US)

www.pngitem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.232.130.91 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 91.130.232.35.bc.googleusercontent.com

mk0gameseverytif1pm6.kinstacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.29.132.210 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium273-5.web-hosting.com

www.gameseverytime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.204.152.39 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-39.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.111.96.116 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.96.111.34.bc.googleusercontent.com

dts.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:cba2:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

dts6.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80f::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:80e::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2004 (Nutley, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	480 KB
16	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1939 adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	54 KB
15	clnmde.com dts.clnmde.com — Cisco Umbrella Rank: 21277 dts6.clnmde.com — Cisco Umbrella Rank: 24697	3 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	113 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	72 KB
7	hwhelp.cc 1 redirects hwhelp.cc	292 KB
6	bing.com th.bing.com — Cisco Umbrella Rank: 247	151 KB
5	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 409	1 MB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	145 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	3 KB
3	media.net contextual.media.net — Cisco Umbrella Rank: 563 lg3.media.net — Cisco Umbrella Rank: 4898	50 KB
2	akamaihd.net pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 18166	38 KB
2	mzstatic.com is2-ssl.mzstatic.com — Cisco Umbrella Rank: 1573 s1.mzstatic.com	719 KB
2	giantbomb.com www.giantbomb.com — Cisco Umbrella Rank: 95866	194 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	47 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	599 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	241 B
1	gameseverytime.com www.gameseverytime.com	14 KB
1	kinstacdn.com 1 redirects mk0gameseverytif1pm6.kinstacdn.com	161 B
1	pngitem.com www.pngitem.com — Cisco Umbrella Rank: 38982	161 KB
1	ignimgs.com assets2.ignimgs.com — Cisco Umbrella Rank: 225155	48 KB
1	poki.com img.poki.com — Cisco Umbrella Rank: 23775	9 KB
1	playslope.com playslope.com — Cisco Umbrella Rank: 337983	89 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2261	42 KB
1	amazonaws.com opimg.s3.amazonaws.com	115 KB
1	discordapp.net media.discordapp.net — Cisco Umbrella Rank: 5520	582 B
1	fontawesome.com site-assets.fontawesome.com — Cisco Umbrella Rank: 79124	75 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 693	83 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	81 KB
128	29

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	pagead2.googlesyndication.com	hwhelp.cc pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
14	dts.clnmde.com	pxlclnmdecom-a.akamaihd.net hwhelp.cc
12	fundingchoicesmessages.google.com	hwhelp.cc
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com hwhelp.cc googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
7	hwhelp.cc	1 redirects hwhelp.cc
6	th.bing.com	hwhelp.cc
5	play-lh.googleusercontent.com	hwhelp.cc
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	pxlclnmdecom-a.akamaihd.net	contextual.media.net pxlclnmdecom-a.akamaihd.net
2	www.giantbomb.com	hwhelp.cc
2	contextual.media.net	hwhelp.cc contextual.media.net
2	cdn.jsdelivr.net	hwhelp.cc
1	fonts.gstatic.com	fonts.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	dts6.clnmde.com	hwhelp.cc
1	lg3.media.net	hwhelp.cc
1	www.google-analytics.com	www.googletagmanager.com
1	www.gameseverytime.com	hwhelp.cc
1	mk0gameseverytif1pm6.kinstacdn.com	1 redirects
1	www.pngitem.com	hwhelp.cc
1	s1.mzstatic.com	hwhelp.cc
1	assets2.ignimgs.com	hwhelp.cc
1	img.poki.com	hwhelp.cc
1	playslope.com	hwhelp.cc
1	upload.wikimedia.org	hwhelp.cc
1	opimg.s3.amazonaws.com	hwhelp.cc
1	is2-ssl.mzstatic.com	hwhelp.cc
1	media.discordapp.net	hwhelp.cc
1	site-assets.fontawesome.com	hwhelp.cc
1	code.jquery.com	hwhelp.cc
1	www.googletagmanager.com	hwhelp.cc
128	36

This site contains links to these domains. Also see Links.

Domain
billing.billigerhost.com
www.patreon.com
discord.gg

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-11` - `2023-04-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
discordapp.net Cloudflare Inc ECC CA-3	`2022-10-03` - `2023-10-03`	a year	crt.sh
giantbomb.com R3	`2023-02-05` - `2023-05-06`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2022-04-25` - `2023-05-25`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.wikipedia.org R3	`2022-12-25` - `2023-03-25`	3 months	crt.sh
*.playslope.com GTS CA 1P5	`2023-01-22` - `2023-04-22`	3 months	crt.sh
ign.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-24` - `2024-03-27`	a year	crt.sh
pngitem.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
dts.clnmde.com GTS CA 1D4	`2023-01-23` - `2023-04-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://hwhelp.cc/
Frame ID: 16550C5138D50E8CB2913343D89AB8BB
Requests: 75 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html
Frame ID: 25512ADBF510F8865DDCC33D6448A288
Requests: 1 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: CFB15DBEE9257C424C7DCC5352BD3FEC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3715996854656266&output=html&adk=1812271804&adf=1573534164&lmt=1675635005&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhwhelp.cc%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677620893841&bpp=11&bdt=1128&idt=1084&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6976038386709&frm=20&pv=2&ga_vid=217360747.1677620894&ga_sid=1677620895&ga_hid=10819814&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072387&oid=2&pvsid=67824503344040&tmod=2063041277&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1193
Frame ID: 63C2F54B9420F0E50B49FECF4F44A6AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3715996854656266&output=html&h=280&slotname=8595788668&adk=2187180025&adf=3025194257&pi=t.ma~as.8595788668&w=1200&fwrn=4&fwrnh=100&lmt=1675635005&rafmt=1&format=1200x280&url=https%3A%2F%2Fhwhelp.cc%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677620893852&bpp=3&bdt=1138&idt=1239&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6976038386709&frm=20&pv=1&ga_vid=217360747.1677620894&ga_sid=1677620895&ga_hid=10819814&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072387&oid=2&pvsid=67824503344040&tmod=2063041277&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0nNe3R2h5P&p=https%3A//hwhelp.cc&dtd=1257
Frame ID: 557A267DD38D4F018BA47B1652084D0C
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Frame ID: 821814104D8E2B17B43399FAA99A2875
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Frame ID: 79143A39CB7C3CE634AF4F9C058DEC59
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 41893ABBBABFBDC057A8F760605C0572
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D9C165D0386D99C21A704D44C2B25EA4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
Frame ID: 7AA8B4BA047FE05184EC3C4229FAC13B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
Frame ID: 42235C1DA592CD838DFCE61CD111E7EB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
Frame ID: 6CDACF1DC3C3EE9AA6DAE8F31E92EF07
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A6D48D657C10501DBF1F0E967447916C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 322F0BABAB3A641E6660F6455B725F5A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

http://hwhelp.cc/ HTTP 301
https://hwhelp.cc/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

128
Requests

99 %
HTTPS

71 %
IPv6

29
Domains

36
Subdomains

34
IPs

3
Countries

4558 kB
Transfer

8424 kB
Size

17
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://billing.billigerhost.com/aff.php?aff=52

Search URL Search Domain Scan URL

URL: https://www.patreon.com/hwhelpcc/
Title: Support us with Patreon!

Search URL Search Domain Scan URL

URL: https://discord.gg/nFAsQ64eun
Title: Join our discord!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hwhelp.cc/ HTTP 301
https://hwhelp.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://mk0gameseverytif1pm6.kinstacdn.com/wp-content/uploads/2020/01/paper-minecraft.jpg HTTP 301
https://www.gameseverytime.com/wp-content/uploads/2020/01/paper-minecraft.jpg

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

128 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hwhelp.cc/
Redirect Chain

http://hwhelp.cc/
https://hwhelp.cc/

21 KB
5 KB

547ms
460ms

Document
text/html

2606:4700:3036::ac43:c27e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c27e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0db97f770eb0d054ac6c30674088cbbbef0d36fc5154ea348c0a1b1688fe3b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 7a0c5cf08fe69ae6-MIA
content-encoding: br
content-type: text/html
date: Tue, 28 Feb 2023 21:48:12 GMT
last-modified: Sun, 05 Feb 2023 22:10:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnprTKRn7jaAmhyS3gRyXUa13VYQ26BzFKFXdN2GgIhrEa5yP8R1scmMYTEfDx70a3wkeZnhBC7MTQfodYWjNSqTFAvThKt28FkzO0H2RXuzAHfxUWzyBJGhwmSBF1VKmi3IKg4mDBg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7a0c5cedcd9c3707-MIA
Connection: keep-alive
Content-Type: text/html
Date: Tue, 28 Feb 2023 21:48:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdqeDfLSFeEczZs0NVM%2F1w9q7tbwZ4DVItI9x46NKWdeIHLhQGF5hUTuxq2kkIX26mBQxHyrWo1BAITVPzehus%2BGO4UGd1cPg6WLmEuO8ZVEEBYYq0K%2BbHprK61uiD%2F0q%2Bjn14Wenls%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
location: https://hwhelp.cc/
vary: User-Agent
x-turbo-charged-by: LiteSpeed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
81 KB 294ms
116ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B85FZY0ZKE

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e6b2b5f719d83d63b62148509784cc8fad00a4a09474567b396c37bade5cfc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82417
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Feb 2023 21:48:12 GMT

GET
H2 200 pub-3715996854656266 Show response
fundingchoicesmessages.google.com/i/ 126 KB
43 KB 321ms
143ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-3715996854656266?ers=1

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f09e86e2999c9d42b73221ee8dd4aba2c99e91a66337e494020011642b93d4a9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-IVS1n_CNQJz4zG8qzCKPPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-IVS1n_CNQJz4zG8qzCKPPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-3.6.0.js Show response
code.jquery.com/ 282 KB
83 KB 141ms
39ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.js
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Request headers

Referer: https://hwhelp.cc/
Origin: https://hwhelp.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-46744"
vary: Accept-Encoding
x-hw: 1677620892.dop212.mi1.t,1677620892.cds220.mi1.hn,1677620892.cds235.mi1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 84714

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
23 KB 65ms
43ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hwhelp.cc/
Origin: https://hwhelp.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Feb 2023 21:48:13 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 566854
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23046
x-served-by: cache-fra-eddf8230075-FRA, cache-gnv1820024-GNV
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
24 KB 229ms
60ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hwhelp.cc/
Origin: https://hwhelp.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Feb 2023 21:48:12 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 566855
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23938
x-served-by: cache-fra-eddf8230037-FRA, cache-gnv1820024-GNV
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 all.css
site-assets.fontawesome.com/releases/v6.0.0/css/ 455 KB
75 KB 200ms
62ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://site-assets.fontawesome.com/releases/v6.0.0/css/all.css
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ef19507353beb14a0415f80892c79742e8bd5072cfafd0e8806b12baeb7ef2d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 20:23:49 GMT
server: cloudflare
x-amz-request-id: 1K74K8H4K2VD210F
age: 3207442
etag: W/"c8ccf9786058107114b343d52efb40bc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7a0c5cf47991db1d-MIA
x-amz-id-2: dchfYAeG81DKB9dvjyH09EFm1COxG4AITSvLUYdSXjCNmmCVIJx+md1059C/85/YWveUTMqTyNE=

GET
H2 200 global.css
hwhelp.cc/css/ 869 B
808 B 479ms
477ms Stylesheet
text/css 2606:4700:3036::ac43:c27e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hwhelp.cc/css/global.css
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c27e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2d69e04f31af881e4f87a2af363db15fe2cfc922e98d86e5c07d5f1bbe101d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 05 Feb 2023 22:10:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1107463198-869-1675635005000"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YkrHPZ442QNw68%2F6T1l9wHqlB8b2Jt8M376vidVb1D0nDY0igqb5B7C2H%2F8p9n%2FXKYuJWp2TMU0PdrJRus78eGGDu7WdFiEVjHpwHtn74i0l2O42eR1ktoSp8r3Jc08p49DLeVrMw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 7a0c5cf3ae319ae6-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 337ms
94ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3715996854656266

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

171a652cd0caafa0ab02639c7aec3312fd34a1eb47d0b9404e1fe088104d9e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
Origin: https://hwhelp.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49396
x-xss-protection: 0
server: cafe
etag: 14691840112018184546
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 21:48:13 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 146 KB
49 KB 361ms
127ms Script
text/javascript 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU6A4582

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e37032236005775d256524b1718a176ef35f7cac0b89660e4533bdae94ad883a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-mnt-h: 22-plrp
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 28 Feb 2023 21:48:13 GMT
server: Apache
etag: "65f6299e5f5deff938af37c8fe7b8c1a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-plrp
expires: Tue, 28 Feb 2023 21:53:13 GMT

GET
H2 404 Banner_AD_for_TB_v5png.png
media.discordapp.net/attachments/1069928824663441428/1070027318300524644/ 0
582 B 259ms
113ms Image
text/plain 162.159.128.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.discordapp.net/attachments/1069928824663441428/1070027318300524644/Banner_AD_for_TB_v5png.png?width=401&height=225
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URhGDl6sMoZymu1PhWspGVdzp6fbDANnVBBa67TCOo8NokDgridL2nzdiOPQzDrVHoPjHYYD5fAdLQywuxA7%2F5NbUb5Hkw7CPVajldVtkjFh5lvvBm%2FQYEWIe75weNovuKjs3swx"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment
cf-ray: 7a0c5cf81d566dd1-MIA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length: 0
expires: Wed, 28 Feb 2024 21:48:13 GMT

GET
H2 200 3160840-1v1.lol%20official%20logo.jpg
www.giantbomb.com/a/uploads/scale_small/45/454004/ 89 KB
89 KB 203ms
48ms Image
image/jpeg 199.232.212.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.giantbomb.com/a/uploads/scale_small/45/454004/3160840-1v1.lol%20official%20logo.jpg

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.232.212.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e4d27691b3ab52a6a5887988f71d82f55c35e1b003775fefa99acc01860359a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Jan 2020 17:58:54 GMT
x-timer: S1677620893.474777,VS0,VE1
etag: "89e245da5e1927417ea1a82d4aab49a3"
vary: Accept-Encoding, Accept
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 90820
expires: Wed, 25 Jan 2023 13:22:46 GMT

GET
H2 200 OIP.gBUw3nDEDdBvcnJbypR3nwHaHa
th.bing.com/th/id/ 20 KB
20 KB 305ms
118ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://th.bing.com/th/id/OIP.gBUw3nDEDdBvcnJbypR3nwHaHa?pid=ImgDet&rs=1
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: be5a757209190e58571f4af5206d69888cc09288fc19b84085d83dbc5f037c6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 83F94ADFE55E456CBD2449BF8D30E258 Ref B: MIA301000101021 Ref C: 2023-02-28T21:48:13Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
x-cache: TCP_MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=1209600
timing-allow-origin: *
access-control-allow-headers: *
content-length: 20722

GET
H2 200 1280x1280bb.jpg
is2-ssl.mzstatic.com/image/thumb/Purple128/v4/76/23/b6/7623b619-0abc-d87e-0b5d-84af189ca809/source/ 113 KB
114 KB 787ms
245ms Image
image/jpeg 2600:1400:d:5a6::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple128/v4/76/23/b6/7623b619-0abc-d87e-0b5d-84af189ca809/source/1280x1280bb.jpg

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5a6::2a1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

491bc23f5940c1c0d8fe4a307314538dc19ff3d205b20194b48c6476742d5a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-apple-jingle-correlation-key: AU5PD2TBSY7YIMC5JX5QI6MQ4M
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Feb 2023 21:48:13 GMT
x-b3-traceid: 053af1ea61963f84305d4dfb047990e3
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE113:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: 0e5c0834-5c90-42f4-b43b-0f9c026bf737-503461750
x-cache: TCP_MISS from a23-33-238-78.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
b3: 053af1ea61963f84305d4dfb047990e3-ffe84536c5598365
content-length: 115550
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Fri, 02 Sep 2022 13:58:29 GMT
x-cache-remote: TCP_HIT from a23-33-238-39.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjYyMTI3MTA5NDc2LGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMzI5LG5vRWZmZWN0"
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 053af1ea-6196-3f84-305d-4dfb047990e3
x-b3-spanid: ffe84536c5598365
cache-control: no-transform, max-age=14615137
timing-allow-origin: *

GET
H/1.1 200
OK 2f9f3d3a1a.jpg
opimg.s3.amazonaws.com/ 115 KB
115 KB 293ms
102ms Image
application/octet-stream 52.217.234.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opimg.s3.amazonaws.com/2f9f3d3a1a.jpg
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.234.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c1960e161692a3fe2ae13c463ead5ad1d46bbcfd7d25b6c2d52a172108156366

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 21:48:14 GMT
Last-Modified: Sat, 25 Apr 2020 02:53:35 GMT
Server: AmazonS3
x-amz-request-id: 4QCKAKXR5DH1KJGB
ETag: "c0ac1532abf9934f67cbfc62b1c5e3d2"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 117672
x-amz-id-2: cJOuPzodQMDr849wCT/O/hi+Nq2X8TkSc04Pn0t32vR0j3rjdWwc8azuQqTCBY0auq3gGbDcu+Y=

GET
H2 200 OIP.ePDzkGoSxKkGLJ0sjd7aJgHaE7
th.bing.com/th/id/ 13 KB
13 KB 266ms
79ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://th.bing.com/th/id/OIP.ePDzkGoSxKkGLJ0sjd7aJgHaE7?pid=ImgDet&rs=1
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 54ce9683318572b0ea64a23aed7e9d949b598ca92b38e5f8f7fea254f63971b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC54D298B19A4316A6FCA7381F384456 Ref B: MIA301000101021 Ref C: 2023-02-28T21:48:13Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
x-cache: TCP_MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=1209600
timing-allow-origin: *
access-control-allow-headers: *
content-length: 13282

GET
H2 200 WNWZaxi9RdJKe2GQM3vqXIAkk69mnIl4Cc8EyZcir2SKlVOxeUv9tZGfNTmNaLC717Ht
play-lh.googleusercontent.com/ 185 KB
185 KB 313ms
67ms Image
image/png 2607:f8b0:4006:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/WNWZaxi9RdJKe2GQM3vqXIAkk69mnIl4Cc8EyZcir2SKlVOxeUv9tZGfNTmNaLC717Ht

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2016 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b66bf9dcfc22252de90bcaa3702d52fd6a53ae2178d8a96e80c137fb38226553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 18:06:00 GMT
x-content-type-options: nosniff
age: 13333
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 189133
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Mar 2023 18:06:00 GMT

GET
H2 200 VSwHQjcAttxsLE47RuS4PqpC4LT7lCoSjE7Hx5AW_yCxtDvcnsHHvm5CTuL5BPN-uRTP
play-lh.googleusercontent.com/ 44 KB
44 KB 535ms
290ms Image
image/png 2607:f8b0:4006:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/VSwHQjcAttxsLE47RuS4PqpC4LT7lCoSjE7Hx5AW_yCxtDvcnsHHvm5CTuL5BPN-uRTP

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2016 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d676e742b549cf7b4698cb9dc5be5f1734bc59313958cf9a7b7acd92a5ff3d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:25:32 GMT
x-content-type-options: nosniff
age: 8561
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45434
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Mar 2023 03:08:38 GMT

GET
H2 200 Fortnite_F_lettermark_logo.png
upload.wikimedia.org/wikipedia/commons/7/7c/ 41 KB
42 KB 388ms
108ms Image
image/png 2620:0:860:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/7/7c/Fortnite_F_lettermark_logo.png

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:860:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

7813f7e553f2828a60673566ee54da97593477f561c5ade57f5a2f76b4ac3cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 15:49:20 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 21533
x-cache-status: hit-front
x-cache: cp2030 hit, cp2034 hit/167
server-timing: cache;desc="hit-front", host;desc="cp2034"
content-length: 41742
x-client-ip: 2001:550:1d05:1::13
x-object-meta-sha1base36: hb94rme4mytze7abkuq36wzvcxk6fw9
last-modified: Wed, 18 Aug 2021 02:22:23 GMT
server: ATS/9.1.4
etag: 8f595e81958e6bd59ed47f91f7131697
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 slope.jpg
playslope.com/images/ 88 KB
89 KB 323ms
43ms Image
image/jpeg 2606:4700:3031::ac43:d0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playslope.com/images/slope.jpg
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1e707b6097e06f03ae7ea671cfdb3a07557a61bec4918a8f5099e2feab59d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75225
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 90088
last-modified: Thu, 17 Feb 2022 15:17:41 GMT
server: cloudflare
etag: "620e6715-15fe8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFw7KLcfT6NDYZGoUclYaEcQQHLtdRWf1oJgB9i7FOH3ymzATvABLiwmrBV0qYZh5pqpk7Ao%2FTjoPaGqpmF1ycbufi%2FmMA3pm4tT%2B0c4TfJ%2FFx92cn0O%2Fa8w9suC2EeNUIoIE5J96RRB8Kqd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7a0c5cfa9e2b3712-MIA
expires: Wed, 01 Mar 2023 00:54:28 GMT

GET
H2 200 d3c19e9b-9b7b-4a54-9cb5-6188a5bd7d3b.png
img.poki.com/cdn-cgi/image/quality=78,width=314,height=314,fit=cover,f=auto/ 9 KB
9 KB 328ms
47ms Image
image/avif 2606:4700::6810:d147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.poki.com/cdn-cgi/image/quality=78,width=314,height=314,fit=cover,f=auto/d3c19e9b-9b7b-4a54-9cb5-6188a5bd7d3b.png

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f20452ff2f18285804b0b3a0456207c88a1640e508290fb83c01f6312a95e1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9124
cf-resized: internal=ok/h q=0 n=5+117 c=0+0 v=2023.2.6 l=9124
last-modified: Tue, 23 Jul 2019 19:51:43 GMT
cf-bgj: imgq:78,h2pri
server: cloudflare
etag: "cf8vcLVavtpYaCSFZdFumKqlqFJHAD4ZSkFeNoaSCNDQ:69e1b0f1f6b5a1e0fd3541e5f8c5ce22"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7a0c5cfa9b12b3c1-MIA

GET
H2 200 OssE3ON9WsLZedOF39UCgtIHcRYfV0OqQS9O78LfmRdxSyKdHX52G2OFa0LkG6D-k9w
play-lh.googleusercontent.com/ 448 KB
449 KB 291ms
288ms Image
image/png 2607:f8b0:4006:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/OssE3ON9WsLZedOF39UCgtIHcRYfV0OqQS9O78LfmRdxSyKdHX52G2OFa0LkG6D-k9w

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2016 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8fa9268ce7294624826e500990c0faac0f1a3773c3e011f01b67b4aa87a25625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:57:48 GMT
x-content-type-options: nosniff
age: 6625
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 459217
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 17 Feb 2023 14:46:37 GMT

GET
H2 200 xEDOZ9oZZrHswGxUR3w55e4XL9nF2r9HQpmpBO2iGsX3EbCstxawIpZB-EykrCPl6c0
play-lh.googleusercontent.com/ 355 KB
355 KB 373ms
370ms Image
image/png 2607:f8b0:4006:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/xEDOZ9oZZrHswGxUR3w55e4XL9nF2r9HQpmpBO2iGsX3EbCstxawIpZB-EykrCPl6c0

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2016 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c1aad7985ba111941c915434c417fe5a24625b1b1ad22b7e692afa28840cee28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 363099
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 21 Feb 2023 01:54:09 GMT

GET
H2 200 NVJuKheL9D0uzQf-QNTBtcr7BzfUwwqi4-zKVddVdxrsMdoNAv7k332oso9th4ns4Xwa
play-lh.googleusercontent.com/ 447 KB
448 KB 379ms
377ms Image
image/png 2607:f8b0:4006:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/NVJuKheL9D0uzQf-QNTBtcr7BzfUwwqi4-zKVddVdxrsMdoNAv7k332oso9th4ns4Xwa

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2016 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4404df3d0ba782d0839aa359844575924e25ebb4b1ffedee9c8527d237643d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 458163
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Mar 2023 17:33:58 GMT

GET
H2 200 OIP.YZwheE6FWmMwk7bnsnM9dQHaHa
th.bing.com/th/id/ 30 KB
31 KB 119ms
117ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://th.bing.com/th/id/OIP.YZwheE6FWmMwk7bnsnM9dQHaHa?pid=ImgDet&rs=1
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f11d7ee0911a621e3464dae6be83e5d853e0ed6b552dafa5702ce493a15b50d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 067F71E07E8A451F908FB86AACBA72D6 Ref B: MIA301000101021 Ref C: 2023-02-28T21:48:13Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
x-cache: TCP_MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=1209600
timing-allow-origin: *
access-control-allow-headers: *
content-length: 31175

GET
H2 200 happy-wheels-buttonjpg-b22bcb.jpg
assets2.ignimgs.com/2015/08/31/ 54 KB
48 KB 360ms
80ms Image
image/jpeg 151.101.193.135
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.ignimgs.com/2015/08/31/happy-wheels-buttonjpg-b22bcb.jpg
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.135 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44d52aaa0684071651cc7bbfe4bc3703d708fc5bbcbf003341ef3ebb4d94f59b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
content-encoding: gzip
via: 1.1 varnish
age: 5350273
x-cache: HIT, HIT
fastly-io-info: ifsz=68257 idim=1024x1024 ifmt=jpeg ofsz=55542 odim=1024x1024 ofmt=jpeg
fastly-stats: io=1
content-length: 48456
x-served-by: cache-iad-kjyo7100135-IAD, cache-fty21357-FTY
x-timer: S1677620894.863807,VS0,VE32
etag: "KCceSKyoh8u1jQIXbOOdGvFMYyaiD20deHnVw1iYxOo"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=7776000,public
accept-ranges: bytes
x-cache-hits: 64, 1

GET
H2 200 OIP.6oonjZ6OJFlH1eNhHsgWTgAAAA
th.bing.com/th/id/ 29 KB
29 KB 84ms
81ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://th.bing.com/th/id/OIP.6oonjZ6OJFlH1eNhHsgWTgAAAA?pid=ImgDet&rs=1
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b1deba82b716124cdf4af6a8f82a75e0dc26c2e92419dcd0d0fcabe85c1d6b32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BCBDB9088B4B415DA202E08470E2F2ED Ref B: MIA301000101021 Ref C: 2023-02-28T21:48:13Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
x-cache: TCP_MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=1209600
timing-allow-origin: *
access-control-allow-headers: *
content-length: 29850

GET
H2 200 mzl.pyrbezag.png
s1.mzstatic.com/us/r30/Purple/v4/a8/00/e1/a800e18e-d37d-f860-de10-9ae8d28d7e4a/ 603 KB
605 KB 557ms
167ms Image
image/png 2600:1400:d:59f::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.mzstatic.com/us/r30/Purple/v4/a8/00/e1/a800e18e-d37d-f860-de10-9ae8d28d7e4a/mzl.pyrbezag.png
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:59f::2a1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3b2ed9ee32a8b95515a58cbf44a74af6b5b24e2daee0d4cd243e0ab5d3d2c91f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:14 GMT
x-icloud-content-length: 617286
cdnuuid: e1bbc82a-cbed-4d39-a293-d76f8b5bcdd2-5766615882
x-cache: TCP_MISS from a23-33-238-28.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-amz-storage-class: STANDARD
x-icloud-availability: [DL, L, B]
x-icloud-versionid: b97079e0-471d-11e8-900b-248a071e74f6
x-responding-server: massilia_protocol_020:620007304:qs36p01if-zteh13094001.qs.if.apple.com:8083:22S63:6f4298d4f506
content-length: 617286
last-modified: Mon, 23 Apr 2018 17:42:42 GMT
x-cache-remote: TCP_REFRESH_HIT from a23-33-238-54.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (S)
etag: "3904CA2F61740081F6B67ACF1FCDA013"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
x-apple-request-uuid: 232cd498-228a-4d71-a87f-2bf1195e4771, 232cd498-228a-4d71-a87f-2bf1195e4771
x-apple-ms-content-length: 617286
access-control-allow-credentials: false
cache-control: public, max-age=2592000
access-control-allow-headers: range

GET
H2 200 3179278-bbros_keyart01.jpg
www.giantbomb.com/a/uploads/scale_small/39/391699/ 105 KB
105 KB 65ms
62ms Image
image/jpeg 199.232.212.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.giantbomb.com/a/uploads/scale_small/39/391699/3179278-bbros_keyart01.jpg

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.232.212.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1168982897ac3c66c2cb98163742d3b870be108300d87b548d97869f9fdce33d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 04 Apr 2020 06:42:20 GMT
x-timer: S1677620894.590795,VS0,VE1
etag: "0fe1e5bd573f8ff306cd240353301a55"
vary: Accept-Encoding, Accept
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 107426
expires: Wed, 15 Feb 2023 13:59:36 GMT

GET
H2 200 OIP.T--X7b4J4Zfej4Pvwi5KbwAAAA
th.bing.com/th/id/ 36 KB
36 KB 87ms
85ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://th.bing.com/th/id/OIP.T--X7b4J4Zfej4Pvwi5KbwAAAA?pid=ImgDet&rs=1
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 455e987c5b6892f8ca01a0c252877aa9263f3cf8fe4ffc32f059912f8c4479a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FA5FCC70CFC9423B8BA8DA22BB62BD67 Ref B: MIA301000101021 Ref C: 2023-02-28T21:48:13Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
x-cache: TCP_MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=1209600
timing-allow-origin: *
access-control-allow-headers: *
content-length: 36566

GET
H/1.1 200
OK 184-1842476_transparent-background-transparent-background-flappy-bird-hd-png.png
www.pngitem.com/pimgs/m/ 163 KB
161 KB 741ms
461ms Image
image/png 173.208.209.196
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngitem.com/pimgs/m/184-1842476_transparent-background-transparent-background-flappy-bird-hd-png.png
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.208.209.196 , United States, ASN32097 (WII, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 56ee52c88a060ed9fbd38617a6a78769e69c07e11da398bbb8df98d51ca86640

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 21:48:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Dec 2022 19:46:52 GMT
Server: nginx/1.14.0
ETag: W/"639633ac-28b21"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive

GET
H2

200

paper-minecraft.jpg
www.gameseverytime.com/wp-content/uploads/2020/01/
Redirect Chain

https://mk0gameseverytif1pm6.kinstacdn.com/wp-content/uploads/2020/01/paper-minecraft.jpg
https://www.gameseverytime.com/wp-content/uploads/2020/01/paper-minecraft.jpg

14 KB
14 KB

560ms
247ms

Image
image/jpeg

66.29.132.210
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gameseverytime.com/wp-content/uploads/2020/01/paper-minecraft.jpg
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Server: 66.29.132.210 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium273-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7366639e975cfef8687b5723f3f551aa4ab0c927fb43d4e44cf3227512199edc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:14 GMT
last-modified: Thu, 30 Jan 2020 23:19:46 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 14229
expires: Tue, 07 Mar 2023 21:48:14 GMT

Redirect headers

location: https://www.gameseverytime.com/wp-content/uploads/2020/01/paper-minecraft.jpg
date: Tue, 28 Feb 2023 21:48:14 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 OIP.HyhQkwSX2aTcCXBH_3uXswHaHO
th.bing.com/th/id/ 21 KB
22 KB 94ms
93ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://th.bing.com/th/id/OIP.HyhQkwSX2aTcCXBH_3uXswHaHO?pid=ImgDet&rs=1
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4475165d648177c5669d6555bfb0383169de11c8cda3887f442a3139063ab35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C798AFECAFF34C74832D40EB56E14159 Ref B: MIA301000101021 Ref C: 2023-02-28T21:48:13Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
x-cache: TCP_MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=1209600
timing-allow-origin: *
access-control-allow-headers: *
content-length: 22000

GET
H3 200 uv.bundle.js Show response
hwhelp.cc/uv/ 2 MB
283 KB 877ms
872ms Script
application/javascript 2606:4700:3036::ac43:c27e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hwhelp.cc/uv/uv.bundle.js
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c27e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adea872ab27c7d5c3fb98a8abaec2967782fca85fa533a76f302acb51cf044f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 05 Feb 2023 22:10:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2189865121-1609828-1675635005000"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lirCmlBY0ZZsYhhb5RbkLqAGk3L%2FP3k7k3gDqvTeANMMORTy7cpD6o%2FvWmITNCelKSzcJWuiDJpJrjSZ52NvFIlioJxjrEvdb5ePrmZNUtrHy0WcA7DoCUpIoBsBzkI0B6TTL%2FRDVoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 7a0c5cf719576dc2-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 uv.config.js Show response
hwhelp.cc/uv/ 280 B
665 B 503ms
463ms Script
application/javascript 2606:4700:3036::ac43:c27e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hwhelp.cc/uv/uv.config.js
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c27e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67f5736078f59691a59ec7e83e79c4ee0a30fed478942f6ca72a5630f6c36555

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 05 Feb 2023 22:10:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2189924635-280-1675635005000"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDx2nRcL3YTnphd8jDHFj8AQ2RTJEjPbLNBXl1Nl6OyePnW0cqSpbCVmzAaHlfs55kqB8Z8BcYtUAeOD9bL1RMhLcSwm%2FvLVJbrWiqji%2BhZx%2BDCvTph%2BxASMB1ioUr31VsSwDVYgd2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 7a0c5cf7599d6dc2-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
hwhelp.cc/ 732 B
938 B 500ms
460ms Script
application/javascript 2606:4700:3036::ac43:c27e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hwhelp.cc/index.js
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c27e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b2b1f3109818138642e539ea79301b4674dd72eb17548115e41b0e7f087739

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 05 Feb 2023 22:10:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3268679694-732-1675635005000"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yP27hSnqZAImg3NU5YNwYgCD2yDz6KIjCdUl2y71UQbdQg3570Zw1WBmGbaC8TD%2BCh3WCHMilu%2F3Iby7LVwoP4kfNF2oEzVMtKs%2F0w6kbSXN4iXsfglJndzU9okBrC8RCsjoLqLb53I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 7a0c5cf7599f6dc2-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 keyp.js Show response
hwhelp.cc/ 569 B
798 B 505ms
466ms Script
application/javascript 2606:4700:3036::ac43:c27e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hwhelp.cc/keyp.js
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c27e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ad5e73c057d0204c93ebee1e1a289bdde1ba60ac0bbff5d88fb4b39698fbe08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 05 Feb 2023 22:10:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3268687591-569-1675635005000"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BVutYUPa2AqzijA4mBXZF5xBIlkl%2BOnY653BbnksnA1QJkSRIpH4Ux5mPX%2BJsVK%2BEm3440eLMnkLR%2FIa9yvGjctPQyyoFsCqOGR4kUXRsR5T%2F4dqchELghqy70Yl81CjkdUJXDx9LM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 7a0c5cf759a06dc2-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 AGSKWxXeQcbGKgfB2cS29jzEXcko2dF-st6LpR9jjr5z0_7nfdH19_BtR039WFEw9HkRfWez0BnC89QIKDhH1mXofMo= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 133ms
130ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXeQcbGKgfB2cS29jzEXcko2dF-st6LpR9jjr5z0_7nfdH19_BtR039WFEw9HkRfWez0BnC89QIKDhH1mXofMo=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc3NjIwODkzLDY1NDAwMDAwMF0sIkZDNjQyMUJGLTYwODEtNDdDMS1CMjlCLTg2MDczQ0I4MUQ4QyIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly9od2hlbHAuY2MvIixudWxsLFtbOCwiQWtNT183bTFFRkUiXSxbOSwiZW4tVVMiXSxbMTYsIlt0cnVlLHRydWUsdHJ1ZV0iXSxbMTcsIltmYWxzZV0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.AkMO_7m1EFE.es5.O/d=1/rs=AJlcJMzYWk49Mc2t9t_p2tEX-PdleSztyQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adcbef9629114ddeb46b731d81b9186aaaf016eb85f4d395b400c44cc5612b88

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IC1Z0ewpnE93amO5pDqPwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IC1Z0ewpnE93amO5pDqPwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
241 B 266ms
98ms Ping
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-B85FZY0ZKE&gtm=45je32r0&_p=10819814&cid=217360747.1677620894&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677620893&sct=1&seg=0&dl=https%3A%2F%2Fhwhelp.cc%2F&dt=%C2%AD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B85FZY0ZKE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 21:48:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hwhelp.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 366 KB
121 KB 572ms
118ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3715996854656266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c9d837f2b6152bf20bbc3772d0014175337b504fb2c585ebd50d6b80f6d2353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123266
x-xss-protection: 0
server: cafe
etag: 11013447739649953622
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 21:48:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/ Frame 2551 10 KB
5 KB 503ms
65ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3715996854656266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 20:58:37 GMT
etag: 2378337311435320485
expires: Tue, 14 Mar 2023 20:58:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ 104 KB
34 KB 340ms
98ms Script
text/javascript 23.204.152.39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU6A4582
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU6A4582
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.204.152.39 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-39.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 3b514f4ba661acabd0b5649e237de9506fdd6a52880aa2b17daebeacc585060c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 21:48:14 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 34826
Expires: Tue, 28 Feb 2023 21:53:14 GMT

GET
H2 200 smtr Show response
contextual.media.net/ 549 B
516 B 260ms
259ms Script
text/javascript 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU6A4582&cpcd=WgliCecm9WaCPZYt46unJA%3D%3D&crid=227527707&size=728x90&cc=US&https=1&vif=1&requrl=https%3A%2F%2Fhwhelp.cc%2F&nse=5&vi=1677620893777430835&ugd=4&sff=0&pgid=p0670750399t202302282148&nb=1&allsc=FL

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU6A4582

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

79a7af9b0e87fece0cee86237add2ef491b760697d35ef0641fbb76137902ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 21:48:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-jwwx
content-length: 328
expires: Tue, 28 Feb 2023 21:48:14 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
185 B 165ms
97ms Image
image/gif 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=484&&vgd_cdv=882&vgd_cage=0&gdpr=0&prid=8PRHGG6T9&cid=8CU6A4582&crid=227527707&vi=1677620893777430835&ugd=4&lf=6&cc=US&sc=FL&lper=100&wsip=170785075&r=1677620893955&requrl=https%3A%2F%2Fhwhelp.cc%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1677620893130934232&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p0670750399t202302282148&vgd_pgids=1&vgd_uspa=0&hvsid=00001677620893944006462152364647&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Tue, 28 Feb 2023 21:48:14 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 28 Feb 2023 21:48:14 GMT

GET
H/1.1 200
OK bfp_ssn.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame CFB1 12 KB
4 KB 74ms
68ms Document
text/html 23.204.152.39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU6A4582
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.204.152.39 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-39.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Referer: https://hwhelp.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3751
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Feb 2023 21:48:14 GMT
Expires: Tue, 28 Feb 2023 21:53:14 GMT
Vary: Accept-Encoding
x-powered-by: Express

POST
H2 200 ptmdP
dts.clnmde.com/ 7 B
366 B 289ms
156ms Ping
text/html 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU6A4582
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://hwhelp.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 21:48:14 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7
alt-svc: clear

GET
H2 200 cenw.js Show response
dts.clnmde.com/ 36 B
357 B 256ms
128ms XHR
text/html 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/cenw.js?identifier=bafp
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU6A4582
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 3fb5c67f48ea8e389b3bab64f99756058b7ffce773dc3473b143961665d61878

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:14 GMT
via: 1.1 google
etag: W/"24-NPJXQww1Tyxnq++RTOktbw"
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36
alt-svc: clear

GET
H2 200 ptmdDual
dts6.clnmde.com/ 70 B
335 B 334ms
67ms Image
image/gif 2600:1901:0:cba2::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22167762089440632269443846%22%2C%22za%22%3A1%2C%22gcd%22%3A1677620894573%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:cba2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:14 GMT
via: 1.1 google
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
140 B 62ms
57ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=167762089440632269443846_N4IgxmAWDWIFwG0QCZkHYCs60AY0gF0AaEABwEsATAF3iR0JICcBTAMwFUmAbWxERiADOTMF150QkatVJCApAGYAgvOQAxNesgB3SC26kAdBC2CAbkID6VPggB2AV27diUyzZqScPnAEYANjQ0AOQcAA4ATkVIgBZYnwDY0L8sRSSk-DcwRyFqTzsQcIBhDgDlWIxw5EEwJnNJYAAdFHQsYLwWuGaQagBPUhYulrrPFqIW83Ix+BbA4NCI6OC0WMUIxQxxlsgPKmGQX38gkLComPjE5ORU5HTk2LQWgF9nwXsAQzpY5DjIoOQSSIfkUCXCuBiRAw6wisXC6zcnyE8F+JHIHwAtnQcG50ci4OESHkPtRct8iIpFBTYhSMBSAhS0BTCZDfm4AF5fOB+EikADm8BADRIfMggvmpyWlwCilQATia3CyRAJEsgoCRhwRiwfhVIA+3HgVJAbDA8AAtDyQCxqORxSdFlFYnqIJRBRwAMp6vICuA4ImwOAgCWOuJWALhGXILBK-4BPUscikQWKcJGEHIdN+NMRvXmFhMQWkJgAezdJBYji5Vscdr9FfMhsQoE+GJYgoARlRKAXPHrKCSuaAu5Qe0w+3AnC5VdMqPaFmdlsE1hsMCBXkQW5j20GPmA5yQB9Qh-r927J85uDOJ8GHYvFCsV-C1683KQ1Yg3EJuHl55KnbKuokNwbDwFaOR5DeJRlBUVQ1Nec5BiG96Pusz56nyZrcneUrwlaACOO5WmwdbIM8QA
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:14 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
599 B 262ms
79ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hwhelp.cc&callback=_gfp_s_&client=ca-pub-3715996854656266

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

237cbd53711207409e9c2e0ea750f8792abf18e83059f6ec5fb5bcd3da429db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 245ms
94ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hwhelp.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 63C2 245 KB
66 KB 1078ms
1074ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3715996854656266&output=html&adk=1812271804&adf=1573534164&lmt=1675635005&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhwhelp.cc%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677620893841&bpp=11&bdt=1128&idt=1084&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6976038386709&frm=20&pv=2&ga_vid=217360747.1677620894&ga_sid=1677620895&ga_hid=10819814&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072387&oid=2&pvsid=67824503344040&tmod=2063041277&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1193

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bccc0ea5d81fb4df0ce8bb0c54ac784d3693ee736f07d2c20632c8e4b969c12c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66889
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 21:48:16 GMT
expires: Tue, 28 Feb 2023 21:48:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 557A 98 KB
33 KB 1319ms
1317ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3715996854656266&output=html&h=280&slotname=8595788668&adk=2187180025&adf=3025194257&pi=t.ma~as.8595788668&w=1200&fwrn=4&fwrnh=100&lmt=1675635005&rafmt=1&format=1200x280&url=https%3A%2F%2Fhwhelp.cc%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677620893852&bpp=3&bdt=1138&idt=1239&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6976038386709&frm=20&pv=1&ga_vid=217360747.1677620894&ga_sid=1677620895&ga_hid=10819814&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072387&oid=2&pvsid=67824503344040&tmod=2063041277&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0nNe3R2h5P&p=https%3A//hwhelp.cc&dtd=1257

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d6ac12f66672da5c5c5d5a04dd55dfbd7d80d4572cfe5be0d07f36399188b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34059
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 21:48:16 GMT
expires: Tue, 28 Feb 2023 21:48:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 90ms
89ms Image
image/gif 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.014734661717394

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-YaBqopw0RjaB_A6BJh8IJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-YaBqopw0RjaB_A6BJh8IJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 90ms
90ms Image
image/gif 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=4.2921020341994485

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eTsdQTyRXQD9L1jXy-ieLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-eTsdQTyRXQD9L1jXy-ieLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cenw.js Show response
dts.clnmde.com/ Frame CFB1 36 B
125 B 49ms
48ms XHR
text/html 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/cenw.js
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 405d76e2ecdb10e7986a271371b370753bd1185e3fa796d3418b7d0396df9b58

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pxlclnmdecom-a.akamaihd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:15 GMT
via: 1.1 google
etag: W/"24-L1/XhNLn9ePVSlkKdrDwoQ"
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36
alt-svc: clear

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 68ms
68ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=167762089440632269443846_N4IglgbiBcAMB0BWANCAzgFwIYYK5pgG0BGATgF1UAvLGY1ABwHMYQpUmALV4gNgHZ+vAEywAHKQAsk2LwDMw4bymS5YybxCoIBaCF7wEiYcS0gsAGxhzUAMwDGMALT0QAUwxgeAoaImSze3sAE1YAVQBlM0wWOFQ0AGtvQRFxKQB9XjF5YWN1Ul5NVDcwBlY1eGIFSuIxeCyzCDcAJ1YGZoB7UOLcWmhXXC849wgraEJQADssAFs3VgAjMGDglvTls2CcPtAllbWN6EncCwttMHXQvT4Uv1I5QX5VcTlEEABfd+Qp2fm9LHsG1QW2wMFAAMOx1O50uyV8aQegmeYleH3elBADB0RAxaAsmDhqX8ClMqAstjoqHs+AwsL0YgAwmFeABBSSIMTCRoXQ4gG7wiSIp5yF5vDiOfo+ImkRC1GwgACOf1ctiGcneQA
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:15 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 60ms
58ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=167762089440632269443846_N4Ig1ghiBcIJwQBwCMDGiCmAGAtMg7MgIw5FEYAmOEAzIjTgKxyIBmALBI1lkgGwgANOGQwiw1ADcYIYAB0QAGwD2qCIoD6AZwAuygE4QA5hgXQFCFOmx5CJMpWp0GzNp269EfBYIVaMWloAlsoAdtp6hiZmFkhomLgExKTkVLT0TCwcXDz8PgqoyspgQRgaFBA6EDHwcdaJdimO6S5Z7rleCgC+QiBGOqwwANpYgqOj4lgAusL9WsPjY4KTMyC689AjSxNjqxioOgC2MswATL26lQCuG0NwqwBeUNDiIAAORjLSswAWMkR8fD4PinLCIODsdhYPg0U6nPgQ9h0dgCYSSDYgPgAOiwWMYpyIvXUMBowlYqBgpGEGB0QX+gOBoPB7F6qFQFBkAFUAMoXHSfaCjNZgelAkFgiEaPheWH4xDsOB8VEgDBBN4yOhYoiwrVERBY6W9SQYfQyN76ZQc6lXZ6vK50wXUySKYagUIQQ4YGTIIIUCgmjS+3oVKowUA+v0BoPQUJXRSKNFBQMc2AAsVMuA0IH4JFgmiMEBdLqCN0er2wCCoIPCEPPUCV6Ox+OJ5OixkSrNA3P0AtF1ZvdHDVZaRS6Nvi5mwwnCRSDF4SG46VuwRAAYU5fAAguxGIhzi3oyA0+3wZ2czQ8wXZhSXgyJ3BGHr8MIAI7l16sB3sLpAA
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:15 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

POST
H3 204 AGSKWxWwbAhh9PO9np6qt1GLxy_gVPRGEqR1MtaNCwSW3aQTYh0QM67cLQ7Xr6r_vC420WevYMq9zL1XczZ8PcKbKudM9na_QxqUmz9YGoLQ1HElwqO2zvAbHkDD2vlbt58PtBCT_Pz-_w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 232ms
93ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwbAhh9PO9np6qt1GLxy_gVPRGEqR1MtaNCwSW3aQTYh0QM67cLQ7Xr6r_vC420WevYMq9zL1XczZ8PcKbKudM9na_QxqUmz9YGoLQ1HElwqO2zvAbHkDD2vlbt58PtBCT_Pz-_w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y6xFdO8a_2IJ1GJynlPcww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Feb 2023 21:48:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-Y6xFdO8a_2IJ1GJynlPcww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://hwhelp.cc
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 58ms
51ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=167762089440632269443846_N4IgpgHiBcIAwgDQgM4GMD2MQEYBsA7AXgExwAcAnACwD6e5eAzCQKwnnWV55KqYAzGDmToMAF2z4ipCjXqMW7Ttzy1yAIzLkCGnHBJpKYJmFYCBYACY40OagXLXNjvmPFDoI-hKtTCxNryDMxsHFw8tCQkAIZorGBgcNIaBAKUlCQETEyUGtQCOOZEJEwxbpjiVp7eYADW5bCUcThMcGhwALSpep04ONadMZSsMZ1wNJZwVk7UOOXI9RrCyGgAbijYwAA6IAA2GGgxe7Qo4hgATjEA5mC70LvNdm0d3bo4fQNWQyNjEwVJGZgOYxXaIXYoMAoFAASwwADtTucrrd7o8Wi8uj0Pv1BsNRuNJoDZvMwbtMBg6jCwLQrDFxKCYOjnu0se9PnjfoSAdMSYyAL5uBniACum2gAG1SgBdZAAL0a3gADtdsGs+NcABb+GRBajUOChEh4GjUJicXjIDbYPAAOjgtvYOD4xxgTGQAjQMD6i3EMJ1gTk1D4aDQflgAFUAMpC1XQOCiOoB2RUOghJThVR8MAwpXYc221okQs4ci2hh8NZgC7YJUXDB+RYixXIEX++OLNZ7GAS0DwmIAWzA2A0MKsVmrtDHfDpDJgoFH48n0+g8JFez2VphU-DuACKcoTCIBDNFCYrBA-P5iD7g+HsDi0+Qs8aoEf4bXG63O+TQSPRFPchz0vflZRAJVrUlMCUD2M5fyDFhnWQPYalWMVxB-WByAAYQjPAAEFqFYcgSErbcVz3XU5H-E82iAi9kGuL0vH3IJWAcAhkAAR3vbwBHbOB+SAA
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:15 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H3 200 mstextad Show response
fundingchoicesmessages.google.com/f/AGSKWxXrZQFLP_wjZC2ovePjMVWjxBJkR01BODYh4qKnkJyWKRru6hEHtRMAU2Aqf2T7PugUMFZ6tGewFKoJFy2ZdUNEi6udS843-T_pHSUzflK2qzgPUT25DcwX0V_NDVEvZX7koAA8sQGE1h6hKE4J_sSB0TcnP... 54 B
109 B 97ms
96ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXrZQFLP_wjZC2ovePjMVWjxBJkR01BODYh4qKnkJyWKRru6hEHtRMAU2Aqf2T7PugUMFZ6tGewFKoJFy2ZdUNEi6udS843-T_pHSUzflK2qzgPUT25DcwX0V_NDVEvZX7koAA8sQGE1h6hKE4J_sSB0TcnPCewmfhIq39QhTiqv5bjMLfEHg_VA_-5/_/mstextad?/ledad./ads/pop./gameadsync./adsscript.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.AkMO_7m1EFE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzYWk49Mc2t9t_p2tEX-PdleSztyQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80f697b8c91e9a8461990fa1e3a186fafbde71340a538c63fe483c9718dba966

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PE64Ul5CMGm4YCm88y-d1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-PE64Ul5CMGm4YCm88y-d1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 83 KB
30 KB 67ms
65ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.AkMO_7m1EFE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzYWk49Mc2t9t_p2tEX-PdleSztyQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e76045fbdbdf1fd502f0d4b5b5d629a262d0d656d0011f0c9e3dec7414fd814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:52:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30205
x-xss-protection: 0
server: cafe
etag: 6652141151959490675
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 21:52:27 GMT

POST
H3 204 AGSKWxWwbAhh9PO9np6qt1GLxy_gVPRGEqR1MtaNCwSW3aQTYh0QM67cLQ7Xr6r_vC420WevYMq9zL1XczZ8PcKbKudM9na_QxqUmz9YGoLQ1HElwqO2zvAbHkDD2vlbt58PtBCT_Pz-_w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 93ms
93ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwbAhh9PO9np6qt1GLxy_gVPRGEqR1MtaNCwSW3aQTYh0QM67cLQ7Xr6r_vC420WevYMq9zL1XczZ8PcKbKudM9na_QxqUmz9YGoLQ1HElwqO2zvAbHkDD2vlbt58PtBCT_Pz-_w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B60A4KCa9ydudm07w1_2eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Feb 2023 21:48:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-B60A4KCa9ydudm07w1_2eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://hwhelp.cc
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWwbAhh9PO9np6qt1GLxy_gVPRGEqR1MtaNCwSW3aQTYh0QM67cLQ7Xr6r_vC420WevYMq9zL1XczZ8PcKbKudM9na_QxqUmz9YGoLQ1HElwqO2zvAbHkDD2vlbt58PtBCT_Pz-_w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 92ms
91ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwbAhh9PO9np6qt1GLxy_gVPRGEqR1MtaNCwSW3aQTYh0QM67cLQ7Xr6r_vC420WevYMq9zL1XczZ8PcKbKudM9na_QxqUmz9YGoLQ1HElwqO2zvAbHkDD2vlbt58PtBCT_Pz-_w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9b0O-oaYxSXsmoW2NhaO_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Feb 2023 21:48:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-9b0O-oaYxSXsmoW2NhaO_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hwhelp.cc
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWwbAhh9PO9np6qt1GLxy_gVPRGEqR1MtaNCwSW3aQTYh0QM67cLQ7Xr6r_vC420WevYMq9zL1XczZ8PcKbKudM9na_QxqUmz9YGoLQ1HElwqO2zvAbHkDD2vlbt58PtBCT_Pz-_w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 93ms
92ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwbAhh9PO9np6qt1GLxy_gVPRGEqR1MtaNCwSW3aQTYh0QM67cLQ7Xr6r_vC420WevYMq9zL1XczZ8PcKbKudM9na_QxqUmz9YGoLQ1HElwqO2zvAbHkDD2vlbt58PtBCT_Pz-_w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-152Pp5nr7CyxdkD9kltr3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Feb 2023 21:48:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-152Pp5nr7CyxdkD9kltr3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://hwhelp.cc
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWwbAhh9PO9np6qt1GLxy_gVPRGEqR1MtaNCwSW3aQTYh0QM67cLQ7Xr6r_vC420WevYMq9zL1XczZ8PcKbKudM9na_QxqUmz9YGoLQ1HElwqO2zvAbHkDD2vlbt58PtBCT_Pz-_w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 98ms
97ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwbAhh9PO9np6qt1GLxy_gVPRGEqR1MtaNCwSW3aQTYh0QM67cLQ7Xr6r_vC420WevYMq9zL1XczZ8PcKbKudM9na_QxqUmz9YGoLQ1HElwqO2zvAbHkDD2vlbt58PtBCT_Pz-_w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-e1WK-Rop_tz-dgs6CK4xiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Feb 2023 21:48:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-e1WK-Rop_tz-dgs6CK4xiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hwhelp.cc
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxV29rzoJBCm56t5fQjk2CAfzNaolzJmVxNKBV4BwMTL9LZiBps3bu4cDw7583f0ctmRLR_pmIXDiRO1LOyp3w8PDrlBOQgUFb7R3g7rjhlEP-SGOfLK27GSfhJ0ew-RW-oXvyBoCw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 105ms
104ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV29rzoJBCm56t5fQjk2CAfzNaolzJmVxNKBV4BwMTL9LZiBps3bu4cDw7583f0ctmRLR_pmIXDiRO1LOyp3w8PDrlBOQgUFb7R3g7rjhlEP-SGOfLK27GSfhJ0ew-RW-oXvyBoCw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc3NjIwODk2LDMwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9od2hlbHAuY2MvIixudWxsLFtbOCwiQWtNT183bTFFRkUiXSxbOSwiZW4tVVMiXSxbMTYsIlt0cnVlLHRydWUsdHJ1ZV0iXSxbMTcsIltmYWxzZV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6389aea71689b6af8e825a518ee1b0a24a2226bd1e9833f987b4d1cb2746f27d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ofuMP-NB5yk_13AjaRK_hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-ofuMP-NB5yk_13AjaRK_hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU7syUiUhqksWX4M-DfqjECqtF_aK_oDneXA_ilBU3X6EJrtsdk25Uz0eVO8_883ZTplLZ5Xp3J2b0t7RNfAJyjbLmissM9obOKDQN5W_zKSkB-3R-HeUdDz2AcI7iKvCB7Lnw3LQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 96ms
95ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU7syUiUhqksWX4M-DfqjECqtF_aK_oDneXA_ilBU3X6EJrtsdk25Uz0eVO8_883ZTplLZ5Xp3J2b0t7RNfAJyjbLmissM9obOKDQN5W_zKSkB-3R-HeUdDz2AcI7iKvCB7Lnw3LQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6tr8V0iVOqin4gRs3tnbUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Feb 2023 21:48:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6tr8V0iVOqin4gRs3tnbUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hwhelp.cc
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 150 KB
51 KB 172ms
171ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67ce53a9d0417934328c56bf3684444795023e4518058c4c8f0aec3cb04960b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52033
x-xss-protection: 0
server: cafe
etag: 10300374899217650841
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 21:48:16 GMT

GET
H2 200 30ff74cd17fac218005202762a48c647.js Show response
www.gstatic.com/mysidia/ Frame 557A 10 KB
4 KB 224ms
79ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/30ff74cd17fac218005202762a48c647.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3715996854656266&output=html&h=280&slotname=8595788668&adk=2187180025&adf=3025194257&pi=t.ma~as.8595788668&w=1200&fwrn=4&fwrnh=100&lmt=1675635005&rafmt=1&format=1200x280&url=https%3A%2F%2Fhwhelp.cc%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677620893852&bpp=3&bdt=1138&idt=1239&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6976038386709&frm=20&pv=1&ga_vid=217360747.1677620894&ga_sid=1677620895&ga_hid=10819814&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072387&oid=2&pvsid=67824503344040&tmod=2063041277&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0nNe3R2h5P&p=https%3A//hwhelp.cc&dtd=1257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4407
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 05:13:39 GMT

GET
H2 200 164715e9a72d7bd173c872e14587b581.js Show response
www.gstatic.com/mysidia/ Frame 557A 19 KB
8 KB 213ms
68ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/164715e9a72d7bd173c872e14587b581.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0093df26b73c46a3dcb4faa9d4601fbd0dc02daf3944b55d80e26453459665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7929
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 05:14:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 557A 8 KB
1 KB 243ms
99ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Feb 2023 21:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 20:32:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Feb 2023 21:48:16 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 557A 2 KB
818 B 142ms
136ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 13:27:01 GMT

GET
H2 200 e9aff91b4641aa9f021dfc8c8beac945.js Show response
www.gstatic.com/mysidia/ Frame 557A 6 KB
2 KB 231ms
91ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9aff91b4641aa9f021dfc8c8beac945.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2362
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 05:14:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame 557A 22 KB
9 KB 247ms
69ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 00:59:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 557A 3 KB
1 KB 143ms
139ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 12:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 12:44:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 557A 20 KB
8 KB 317ms
140ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 12:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 12:44:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 557A 158 KB
49 KB 249ms
91ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 21:48:16 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 557A 34 KB
14 KB 68ms
64ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 05:13:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 84ms
83ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hwhelp.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/ Frame 8218 10 KB
4 KB 67ms
66ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 42936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 09:52:40 GMT
etag: 2378337311435320485
expires: Tue, 14 Mar 2023 09:52:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/ Frame 7914 10 KB
4 KB 67ms
65ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 42936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 09:52:40 GMT
etag: 2378337311435320485
expires: Tue, 14 Mar 2023 09:52:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 8218 4 KB
709 B 83ms
82ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Feb 2023 21:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 21:17:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Feb 2023 21:48:16 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8218 205 B
519 B 72ms
69ms Image
image/png 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 15:33:15 GMT
x-content-type-options: nosniff
age: 22501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 28 Feb 2024 15:33:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8218 604 B
696 B 73ms
71ms Image
image/png 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:34:23 GMT
x-content-type-options: nosniff
age: 425633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 23 Feb 2024 23:34:23 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/ Frame 8218 20 KB
8 KB 156ms
136ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19aed7d310d8bf5f137d0273df387b2d5b023e7c8eda1d30c1f7a8459d5a3bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8556
x-xss-protection: 0
server: cafe
etag: 12004167960083760723
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 13:27:01 GMT

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 57ms
56ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=167762089440632269443846_N4IgpghgNiBcDaBdANOCAHO8QGYAcAdAIw4BMxRhAbHiCiAJYBucpqAzgC4ScCu7WSsiIBOegC8IcIqnQBzOCBao5AC0VEqAdi1VSABjwiALMf1UypKieP5jVEKiYDYIKgX0EArKSKOQ0HA4qABmAMZwALQy4JwMGtq6BkbG-mFhACaKAKoAyv5cCrD6HADWCTp6hiYA+jQWpD54xiJUDqhgDJiu+MRkFNS0TmAAToroIwD2WR28UrAxvPHFHUwwCKAAdhAAtmCKAEYMGRmjNcf+GTzzoEcnZxewm7xQUE4M51mumpXJIjg6LS2Qw4LwgAC+4OQW12+1cEDCF1QV24cFACMez1e70+FSS1QBOmBeFBEPB9HQziwIH0AAJSAyRLS-PR2FAuHiqikyH5UFAQtJUGF+Jxca48ABhbJUACCxi8eFI-iYH0eIB++KMhKBOBBYJUEQWiS5rT0XlQAEc4TEQst9OCgA
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:16 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7914 0
0 101ms
99ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpXghn3b-Y7reDJyrvcAP6Oq--Auh1aShbaWSwcrcENaN4JOMDhABIL6A0JIBYMmGgIDco8QQoAG_zoDVA8gBAqgDAcgDyQSqBMUBT9DE4QHkWgrkbxrv2lQMsMaE7jJlyoXZ0hPUxOVJBkmMxbNmxC7waGHegdDjo81SbiQBnpxn03KBZqdCFa4y2g9Qm8Z_TWs22JUGIRX7i10auDcWMJrhVaE6YKSmWAvQI4Gx61OAS24kyU_qfvLfu1kyQ5XQkLSGeBsR2RYkQSXJbgHCVs29S3kN5qVcAyAlWxiNLBC8fRyYsnYLu2a09EwVxietQSso8peE7M-n5SqH3VpcN1RlPmPbRe37nK2IhhZeOFvABMu_saCYBKAGAoAHqbH_KqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENSTENIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi0zNzE1OTk2ODU0NjU2MjY2GAA&sigh=lqJgIK6i-JM&uach_m=[UACH]&cid=CAQSGwDUE5ymDRyA1DfCTHr0Vi7pFv16WJjAAQHtZhgB

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 21:48:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Feb 2023 21:48:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame 7914 22 KB
9 KB 74ms
73ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 00:59:16 GMT

GET
H2 200 15154100431754498099
tpc.googlesyndication.com/daca_images/simgad/ Frame 7914 54 KB
54 KB 161ms
159ms Image
image/png 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15154100431754498099

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58063a56e8e3af09ede5026c61de4e8a7d40cca9fb48ff21f422caff1e9b8446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 09:20:33 GMT
x-content-type-options: nosniff
age: 390463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54864
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 15:41:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 09:20:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 7914 3 KB
1 KB 129ms
127ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 12:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 12:44:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 7914 20 KB
8 KB 148ms
147ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 12:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 12:44:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7914 158 KB
48 KB 189ms
188ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 21:48:16 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 7914 33 KB
14 KB 199ms
199ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54ec5d49fd3dbb498c6f9fb4746bb071d87b86ae802c77b238b3eace00999e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 14:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13744
x-xss-protection: 0
server: cafe
etag: 5530353353552386020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 14:45:11 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14448469103005689926/ Frame 557A 17 KB
18 KB 143ms
142ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14448469103005689926/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4871c9a3ab25ca8d986eb43cb71e61216c10350066486a1aee38e0bb87370f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 01:37:39 GMT
x-content-type-options: nosniff
age: 418237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17866
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 19:35:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 01:37:39 GMT

GET
DATA 200
OK truncated
/ Frame 557A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 557A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 557A 0
0 125ms
125ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYaYDn3b-Y9yFC_bOj-8P0NuEwAXF0Mygb-veiuzjENGNmKeWDhABIL6A0JIBYMmGgIDco8QQoAHp_fXPA8gBCagDAcgDywSqBMMBT9C7F423qXFZCLHC_Qa4FHaO4IwkTF2vcxv_zwxT-LJNnvr7A8dpTK0RRv3N-35kRMawQ8GKUsQ1b2v3TN6j9zl3CezIa9UDikrzb6eIWypbHs43bjl4US5ZXtKq7UO4LC4e9cNA9zj8B5CG_BL_4OKjX03x_2F2bI_WWF4Wt9-WsMmVbfSYqaBzfgRLOd8VEC4XP0finwF2NK6NrtFVT9n-dYxVbzT0-fBqOPEtkjFz2_xmZB011XvspIyxwZ85aYA4wASayNOYnASSBQQIBBgBkgUECAUYBKAGLoAH_6WX8QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDa8hvSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItMzcxNTk5Njg1NDY1NjI2NhgA&sigh=eFovosIpKtQ&uach_m=[UACH]&cid=CAQSGwDUE5ym99i2VXp5W2g_vV1z9Ky0DEq2xuhLIhgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3715996854656266&output=html&h=280&slotname=8595788668&adk=2187180025&adf=3025194257&pi=t.ma~as.8595788668&w=1200&fwrn=4&fwrnh=100&lmt=1675635005&rafmt=1&format=1200x280&url=https%3A%2F%2Fhwhelp.cc%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677620893852&bpp=3&bdt=1138&idt=1239&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6976038386709&frm=20&pv=1&ga_vid=217360747.1677620894&ga_sid=1677620895&ga_hid=10819814&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072387&oid=2&pvsid=67824503344040&tmod=2063041277&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0nNe3R2h5P&p=https%3A//hwhelp.cc&dtd=1257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 21:48:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 4189 6 KB
745 B 88ms
87ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Feb 2023 21:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 21:23:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Feb 2023 21:48:16 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4189 2 KB
799 B 76ms
75ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 13:27:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame 4189 22 KB
9 KB 76ms
71ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 00:59:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4189 3 KB
1 KB 82ms
78ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 12:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 12:44:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4189 20 KB
8 KB 80ms
76ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 12:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 12:44:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4189 158 KB
48 KB 97ms
93ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 21:48:16 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 4189 34 KB
14 KB 68ms
65ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 05:13:27 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 557A 0
20 B 106ms
82ms Ping
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAIBKQDAECg0QAyEAAADMzHiZQDAECg0QCiEAAADAzAxBQDAECg0QDSEAAAAAAAAAADAECg4QHioIMTIwMHgyODAwBAoOEBkqCDEyMDB4MjgwMAQKDRAOIQAAAACAmbk_MAQKDRAEIQAAAAAADJpAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAQFdAMAQKDRAFIQAAAGZmDppAMAQSGkNKelJtZXlZdWYwQ0ZYYm40d2NkMEMwQldBIgx0ZXh0L3J5dWtfbXMoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/164715e9a72d7bd173c872e14587b581.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 21:48:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9C1 143 B
166 B 92ms
71ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 21:23:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7914 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e9d6e6f549600791fe06899e2bb35d35e1f5420c241d5306bcde22344fdab03

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 557A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2143b118c6ef25cc9c0549973d85598525ca6c655cdf1a174dcf08cde6f727f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 557A 28 KB
28 KB 244ms
64ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:49:56 GMT
x-content-type-options: nosniff
age: 529101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 18:49:56 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9C1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

95ms
94ms

Document
text/html

2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 21:48:17 GMT
expires: Tue, 28 Feb 2023 21:48:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 21:48:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AA8 36 KB
14 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 01:47:56 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 557A 0
20 B 87ms
87ms Ping
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/164715e9a72d7bd173c872e14587b581.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 21:48:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame 4223 36 KB
14 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: hwhelp.cc
URL: https://hwhelp.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 01:47:56 GMT

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 84ms
83ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=167762089440632269443846_N4IgHgZiBcIAwDYIEYDGAmAnAEwEbowHYBWADnQFNcBmXUuAFhXWIWvULhABoQBnAC4BDAQFc+MANrU4AXV4AvITGS8ADgHMYIAG48QGgBbbkCQoQTo4pTAwaJ26BLYbVSDBPp0TYCAHRwfsToyPpCADYw1LwQqDAAtKogFAIAliZmFlY2DPqoqNjaAKoAyvqCWtBwvHwA1hnmlta2APoIpGws6O6YCJ68FKlq2m5+yOxjyKR+7V4UAE7aavMA9oUDosrQSaLpVQM6kdCSoAB2QgC2FNq4qdjYCy13+tgiW6C394-P0Kei4eFeDpUk9CrBTI1sphqOZCK5rNRiCAAL7I7hnS7XWBCVDPXivYQwUA4n5-AFAkE-EAQrLNGHmeGkREo5HyEBqbxSNl8cKCBq0nLsUK8cJQba8VDiASg7SkADCRQQAEEGGR0F5KWDqZkmjZ6XCZEykbwNHFtjqoVkkgBHLFJCB7ODIoA
Requested by: Host: hwhelp.cc
URL: https://hwhelp.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:17 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CDA 36 KB
14 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 01:47:56 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 557A 0
20 B 85ms
84ms Ping
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QFCEAAAAAwMfjQDAECg0QFSEAAAAAAAAoQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAAAzM0SjQDAECg0QMiEAAAAAmJkBQDAECg0QMyEAAAAAmJkBQDAECg0QNCEAAAAAmJkBQDAECg0QNSEAAAAAmJkBQDAECg0QNiEAAAAAmJkBQDAECg0QNyEAAAAAmJkBQDAECg0QOCEAAAAAzMwUQDAECg0QOSEAAAAAAKiUQDAECg0QOiEAAAAzMw2VQDAECg0QOyEAAAAzM3ufQDAECg0QPCEAAAAzM3ufQDAECg0QPSEAAADMzH6fQDAECg0QPiEAAICZmRujQDAECg0QPyEAAICZmRujQDAECg0QQCEAAAAzM06jQDAEEhpDSnpSbWV5WXVmMENGWGJuNHdjZDBDMEJXQSIMdGV4dC9yeXVrX21zKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/164715e9a72d7bd173c872e14587b581.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 21:48:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 88ms
86ms XHR
application/json 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230223&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9de74cea85366af9d1a52af726e072344bc47615da4bdb2fe45b735b2b7dd8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11342
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 110ms
110ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 21:48:18 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7914 42 B
64 B 85ms
84ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQTzX0dDmHAsaYJg0DvrzOuyIH8IVaWy7m4VjqX8f7Q9IgdhB3eESMXU-b2QGrIoj3h0Un0RXjv40p1hAbvaBnLL4ZlDLkTmLUs_TAgDvbrCs7vcKXcRVZaDyqXBphO4exUxOSFZaa0NTgzrM_xKbtSQxMo76dnBFdcfg069dAAuyEYvMCpjWnHX3e_PeLzP-G6YD6k9QX5zHEGAPmMh7iSfc7-1IWXV08u2ae40iE01AVWgLqDKcuwimJ-3o4x-o0souH553od5f-M91aHIQwHp1w2hhfwPHrRdvrrXhJVt96l6BUcg8wPVb64zHLk0Q3yR55tL89vpgAJBwd1v2bVSLosWIYw3MOSlYNy9OVwh9A-G4Xh85Rg52vjLYxTJrelGEv3R5lSTOb-IOEo-I3jof-ihhgE8N6z7WxO3MrAKMmsmc15RlAzRKNplJ_0UeahUnqZaGE0vsa0_3V0QbfHDEYovKmVGfuL3a5ogF5U9fj9RL5pHuxPgqjLbY_8sOK3MNZhVsE9YE-NJThl_-VT2r5vCUDHWTkHZbm8hFmEw0Fv8y50R5I4xanfBYMyQ0f_R_zSGpRsAdXo4Vkea7QLzG7t6T6Pd5H_DhiDCiI4u_dLlD4IMeoQMuqeUd6aplD8iVl3wofPS5A2H4xp-f9JgQzaKAdn0O9IBoBgI4OKqf9q39z9dkC_YTo6Ht_yMRKlq4KnwRV2rI2t-CdJdI6KFBQnSesKPZ_p5sO4ebDY6eVpvavNYwtbp04BK4biFr-r8BpNHegHcXc-Ic4Io8wmfmsU7QRcGRGMLhnf5J8uaKI-p7369gKw9oqIn1dAYG3THwlwnFBGiNOasdcQOkXeCswPlfYP3zfKerSTXaLcShI2XA0PDxyfujVIXuryuZ0TV5MB5DZ3erPJ1E4gb0o&sai=AMfl-YQlHtxmpebuntIXBdHf47ZyjR6nfU7SZnTU9UHABKwsSzBvcB-snjvYH82R30S_Q5sv-U42rafnIMPtWkPfI0Gy02mt_z_oAg&sig=Cg0ArKJSzEck-fmCV-vyEAE&cid=CAQSGwDUE5ymDRyA1DfCTHr0Vi7pFv16WJjAAQHtZhgB&id=lidar2&mcvt=1109&p=0,0,124,1005&mtos=247,935,1109,1109,1109&tos=247,688,174,0,0&v=20230227&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677620896521&rpt=470&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 21:48:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A6D4 13 KB
5 KB 108ms
65ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hwhelp.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 7816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 19:38:03 GMT
expires: Wed, 28 Feb 2024 19:38:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 322F 783 B
970 B 123ms
85ms Document
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

399ce3b3eb298b303c29e1c340ae7f0b49da840c4e8bc21980da00558d865dbb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m-48nK58nV97YwJyDybhLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hwhelp.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-m-48nK58nV97YwJyDybhLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 21:48:19 GMT
expires: Tue, 28 Feb 2023 21:48:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 54ms
53ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=167762089440632269443846_N4IglgbiBcAsA0IDOAXAhigrkmBtAjAJwC6iAXmjPogA4DmMIUidAFo-gGwDs3nATAAYAHIVixBnAMz9+nMbCnDYnEIgg5oITgDpBOgKz98akGgA2MKYgBmAYxgBaaiACmKMBx58ho2Kbs7ABNGAFUAZVNUBmhBRCQAay9eARExAH1OYWl+I2VCTlVEVzAaRiUdfBlK-GEdLNMIVwAnRhpmgHsQ4sxKaBdMT1jiiEtoXFAAOzQAW1dGACMwIKCW9OXTIIw+0CWVtY3oScxzc3UwdZCtLhTfQilebkURKQMQAF93+CnZ+a00OwbRBbdAwUAAw7HU7nS7JHxpB68Z7CV4fd6kEA0DR4DFIcyoOGpPwyEyIcw2KiIOzYFCwrTCADCoU4AEFYAZhPxGhdDiAbvDRIinlIXm8WA5+t4iYRsgYDIgAI5-Fw2IaCd5AA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:18 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 557A 42 B
64 B 89ms
88ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvT2gmCzi2JGzRnZ8RjP7XP5n0RSCTWhoA-9aBaxksWfnX30UUrSyni-a1RbplCbM_YH_BUSFyiJk2IlMbmgIFq_M9jegdLQ_CNHH4w6RvZUCkJgIbU7NlGDpg_uU4lRu4jXQ&sai=AMfl-YRzIkxqo09UXmmcEPB3uQirTl6AJ8eul9kNxOUx1EIqSlZWCO6Q5KTRKbz5FgI3tmO6BPZZzI13Zis4&sig=Cg0ArKJSzLLX6jeoowmOEAE&cid=CAQSGwDUE5ym99i2VXp5W2g_vV1z9Ky0DEq2xuhLIhgB&id=lidar2&mcvt=1034&p=0,0,280,1200&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20230227&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2187180025&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677620895118&rpt=2467&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 21:48:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 322F 0
0 80ms
79ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230223&jk=67824503344040&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame A6D4 36 KB
14 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 01:47:56 GMT

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 66ms
65ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=167762089440632269443846_N4IgLgDghiBcDaiCMAaADCkSBMa0CpsAONAfSREyTwFZ8cAWckAXTcwDMYEBmAdhpFqfIjQBsKakXQyMc2QvlKWnKAGc4EkAAttceLhTYkKkBw5xsmAK7W4SfjU4A3OCEog1YKGGsaEDFbYNKYAXtyoIBAA5m6umNF6sFhifHxiuEQAnAwMaGI82NhiOQw8RAxiHs7+IGIAdGj1NMYeUAA2cDycAMZwALSRAKZgAJZuSKnpmTkePT0AJm4AqgDKHl6xsBieANYTUxlo2UxiRAXBxAxZYlWYQ6MQbuX1DtivSET1Z9VDAE5uCB-AD2S3u1giNnG23uzk6CFAADsoABbIZuABGowWC3+pGxHgWPm4oCxOLxBNgiOs7XamGco3xS2SkzSR2y-DSZWOPBoIAAvvyUEjUejklAegTMETvHBQBLKdTafTGZSUmyZpy+NyiLyBfzTBAavpTGp2l4DhrjjlChRMO0LLBIj0-GAmW4iABhZZiACCDEE2GqquZ6um1q1Or1CT6TsOuCyeDQPC0AEcxZEONC0PygA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:20 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A6D4 0
10 B 68ms
67ms Image
text/plain 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dAdtcg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 84ms
83ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230223&jk=67824503344040&bg=!W1ilWAzNAAZYlHKzeJQ7ADkAdvg8Wle1a5u7jMaOtf_je0TdNHLndugmO5ByKKtrSw11HKCis2iCUuw58EYj5GJb89ZUAUr1ZRoCAAACLVIAAAAFaAEHmQKSvsTTM5koEQ1FL8tINZeJ4E-mU4GOIbqxW3vDyv7shnnlDr3B47spt15j6GLDu85B11cOgLqaFhEzFqmtq9krp1m4X6jz-OTyO0JGfOHBr4ln9jv-5psDYb64jFq94EEvjgdqePDiLTnFMHNJMWBv6XeqP1vOWqkkyoG85xsm7BBSwCumDUHTviPGZ-oZO9jHBAdPlA70vISy_F50raGjOB_YKk-b6FjAedGOvoSRyzqsgBSaesFOlScMxjr4FnCeG9u9dwGCrV96CQM_XNOO19fbemrWWcfzAbr7ATNU3NDtYBhqYJF2YhEQ67CITw6JZVOFtxxXWTWzUcibzMVtJw9yAiw02_XYLiUni3QCN1N6D42jWx2fcew9jHUSDbHTv7UQdYV-QxkdVmOiRZVfL8ROs9CNs28unIYSGyY_bFRBckBMzdqjdV-gM9shnnzRbOrEhE9CNP5FCMl28U_eDTXr9Q9d1ueh2E7X59cYj5xyX_94b82lzh8Why5GHzcGj6Nzi2We-C6nYiplIjnoDnCaLAGQGuY7xPvfc5_p0o7vVd-3NZSpJxsxSCQPJdSbpZIXHLHuk-aekdV1huwSLw1zwT2dRnchYZeMq1ZlWrypZwZnIxj-Fm3uoJkeueOoBproenq9_qHmqrUiyucTT66bOvZl2bISgs08FzRnmlrpnBVhjWEzVHGB9LMIsXJyHCxskSU8z4EuQ3BA6xFKVCbGO51zoWUth2ZITbKrfod5zs6vtgXmL2mg0YIJhvKO0CAiNZpSSvynKQvigsdf9QM2sNLmuNAonz20RJpyZ15WkX8zA72rjg0FoLQby7pXLDebbdN-h33RXIRqWNNNyNRk0t6j21B0YUeZzF5Y1voyPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 49ms
48ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=167762089440632269443846_N4IglgbiBcAcA0IDOAXAhigrkmBtAjAJwC6iAXmjPogA4DmMIUidAFo-gGwDs3nATAAZYhACyjBnAMz9+nMaKmxRnEIgg5oITgDpBOgKz98akGgA2MKYgBmAYxgBaaiACmKMBx58hI0abs7ABNGAFUAZVNUBmhBRCQAay9eAWExAH1OWGl+I2VCTlVEVzAaRiUdfBlK-FgdLNMIVwAnRhpmgHsQ4sxKaBdMT1jiiEtoXFAAOzQAW1dGACMwIKCW9OXTIIw+0CWVtY3oScxzc3UwdZCtLhTfQilebkVhKQMQAF93+CnZ+a00OwbRBbdAwUAAw7HU7nS7JHxpB68Z6wV4fd6kEA0DR4DFIcyoOGpPwyEyIcw2KiIOzYFCwrSwADCoU4AEFRAZYPxGhdDiAbvCRIinlIXm8WA5+t5UoRBLlCAZEABHP4uGxDQTvIA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:22 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

POST
H2 200 ptmdP
dts.clnmde.com/ 7 B
72 B 60ms
59ms Ping
text/html 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU6A4582
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://hwhelp.cc/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 21:48:24 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7
alt-svc: clear

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
132 B 53ms
53ms Image
image/gif 34.111.96.116
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=167762089440632269443846_N4IgLgDghiBcDaiBMAaADCkBGJa0CokAONAfSxEyzwFZ8cAWckAXTcwGcwowBXDuPAZIWmAF4xYWTBADmcEADdKIWQAsFWAGwB2HVtxEAnAwZotAZiRItJhhaIMtKxQNggtAOjSeaSCphQADZwFpgAZgDGcAC00iAApmAAlpq6+oYmKpGRACYKAKoAyipc8rAYIBwA1ml6BmjGTFpElkh+jkZazpgJyRAKDp5YVsNYRJ4tLgkATgoQMwD2+b28kvG8qRW9iiEIoAB2UAC2CQoARsm5ubOkVyq5PJKgl9e397AHvEFBmIrJd3y7m09UyFj0OnsjQsNBAAF84ShDiczu4oJF7phHtw4KB0R8vj8-gCPth0g1jOC9FCiDD4XDRCAIK5BIyOEEuHUMo0TFYAiAguE4PFIvwwICFEQAMIFLQAQQYNCISBcJKBZNBPKpkIs0NhmFk0Sk5NwRjQiqMREwAEdUfFwls0HCgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hwhelp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 21:48:24 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discordapp.net/	1969-12-31 23:59:59	Name: __cfruid Value: 6f210a19e3e1cbd1e5e46b3e31c1b3c67a18067e-1677620893
.hwhelp.cc/	1970-01-20 19:36:20	Name: _ga_B85FZY0ZKE Value: GS1.1.1677620893.1.0.1677620893.0.0.0
.hwhelp.cc/	1970-01-20 19:36:20	Name: _ga Value: GA1.1.217360747.1677620894
hwhelp.cc/	1970-01-20 10:00:22	Name: session_depth Value: hwhelp.cc%3D1%7C227527707%3D1
.hwhelp.cc/	1970-01-20 19:36:20	Name: bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78 Value: Direct
.hwhelp.cc/	1970-01-20 19:36:20	Name: bfp_sn_rt_8b2087b102c9e3e5ffed1c1478ed8b78 Value: 1677620894517
.hwhelp.cc/	1970-01-20 10:00:22	Name: bfp_sn_pl Value: 1677620894\|1_686325284966
.hwhelp.cc/	1970-01-20 19:36:20	Name: bafp Value: 9a8bc8e0-b7b1-11ed-a383-598f4a500a86
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 10:00:22	Name: bfp_sn Value: 1677620894_686325284966
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 10:00:22	Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78 Value: 1677620894_686325284966_8b2087b102c9e3e5ffed1c1478ed8b78
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 10:00:22	Name: bfp_sn_td_22ac5ee0167b7f9927339b4f15f7723a Value: 1677620894_686325284966_22ac5ee0167b7f9927339b4f15f7723a
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 19:36:20	Name: bafp_t Value: 9ac130c0-b7b1-11ed-a95a-094fe0d8e41a
.hwhelp.cc/	1970-01-20 19:21:56	Name: __gads Value: ID=af6d9c848bbc8efc-22e1e8878ade00aa:T=1677620895:RT=1677620895:S=ALNI_MZZfwYxmtx1H6LFj1U2IwRo3rfF5w
.hwhelp.cc/	1970-01-20 19:21:56	Name: __gpi Value: UID=000009c35637274b:T=1677620895:RT=1677620895:S=ALNI_MZrdn5887vOLt4kxihk76IyHy7pJw
.hwhelp.cc/	1970-01-20 18:45:56	Name: FCNEC Value: %5B%5B%22AKsRol9AwHPsn7A7QfTExGLiwtsBCgMIpOhGvtVWTmcfhKDQb6Jga0cfbWpZcMLJaohiJ6qiZFgqwMGVB93t5rJ2NEX3p5UABX8yXIfORlQCZFGI6cUSEPnrwfUL6dno_OoLRh_YY-5qMvFlSTm99SGOH6F01Xjhhg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.doubleclick.net/	1970-01-20 19:36:20	Name: IDE Value: AHWqTUlxGOyRimBlTY7DtkzIte5BKhpHcMNO9KRceR66fSKg278xMBUWc3RAV1340sk
.doubleclick.net/	1970-01-20 10:00:24	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://media.discordapp.net/attachments/1069928824663441428/1070027318300524644/Banner_AD_for_TB_v5png.png?width=401&height=225 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU6A4582(Line 14) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
assets2.ignimgs.com
cdn.jsdelivr.net
code.jquery.com
contextual.media.net
dts.clnmde.com
dts6.clnmde.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hwhelp.cc
img.poki.com
is2-ssl.mzstatic.com
lg3.media.net
media.discordapp.net
mk0gameseverytif1pm6.kinstacdn.com
opimg.s3.amazonaws.com
pagead2.googlesyndication.com
partner.googleadservices.com
play-lh.googleusercontent.com
playslope.com
pxlclnmdecom-a.akamaihd.net
s1.mzstatic.com
site-assets.fontawesome.com
th.bing.com
tpc.googlesyndication.com
upload.wikimedia.org
www.gameseverytime.com
www.giantbomb.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pngitem.com
151.101.193.135
162.159.128.232
173.208.209.196
199.232.212.194
2001:4de0:ac18::1:a:3b
23.195.100.26
23.204.152.39
2600:1400:d:59f::2a1
2600:1400:d:5a6::2a1
2600:1901:0:cba2::
2606:4700:3031::ac43:d0a8
2606:4700:3036::ac43:c27e
2606:4700::6810:d147
2606:4700::6812:1634
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80b::2016
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2003
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:824::2002
2620:0:860:ed1a::2:b
2620:1ec:c11::200
2a04:4e42:400::485
34.111.96.116
35.232.130.91
52.217.234.17
66.29.132.210
0e6b2b5f719d83d63b62148509784cc8fad00a4a09474567b396c37bade5cfc3
1168982897ac3c66c2cb98163742d3b870be108300d87b548d97869f9fdce33d
171a652cd0caafa0ab02639c7aec3312fd34a1eb47d0b9404e1fe088104d9e77
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
19aed7d310d8bf5f137d0273df387b2d5b023e7c8eda1d30c1f7a8459d5a3bb9
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
237cbd53711207409e9c2e0ea750f8792abf18e83059f6ec5fb5bcd3da429db9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1e707b6097e06f03ae7ea671cfdb3a07557a61bec4918a8f5099e2feab59d6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672
399ce3b3eb298b303c29e1c340ae7f0b49da840c4e8bc21980da00558d865dbb
3b2ed9ee32a8b95515a58cbf44a74af6b5b24e2daee0d4cd243e0ab5d3d2c91f
3b514f4ba661acabd0b5649e237de9506fdd6a52880aa2b17daebeacc585060c
3fb5c67f48ea8e389b3bab64f99756058b7ffce773dc3473b143961665d61878
405d76e2ecdb10e7986a271371b370753bd1185e3fa796d3418b7d0396df9b58
4404df3d0ba782d0839aa359844575924e25ebb4b1ffedee9c8527d237643d6e
446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c
44d52aaa0684071651cc7bbfe4bc3703d708fc5bbcbf003341ef3ebb4d94f59b
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
455e987c5b6892f8ca01a0c252877aa9263f3cf8fe4ffc32f059912f8c4479a8
491bc23f5940c1c0d8fe4a307314538dc19ff3d205b20194b48c6476742d5a6e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d6ac12f66672da5c5c5d5a04dd55dfbd7d80d4572cfe5be0d07f36399188b1a
54ce9683318572b0ea64a23aed7e9d949b598ca92b38e5f8f7fea254f63971b6
54ec5d49fd3dbb498c6f9fb4746bb071d87b86ae802c77b238b3eace00999e14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ee52c88a060ed9fbd38617a6a78769e69c07e11da398bbb8df98d51ca86640
58063a56e8e3af09ede5026c61de4e8a7d40cca9fb48ff21f422caff1e9b8446
5a0093df26b73c46a3dcb4faa9d4601fbd0dc02daf3944b55d80e26453459665
5c2d69e04f31af881e4f87a2af363db15fe2cfc922e98d86e5c07d5f1bbe101d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
6389aea71689b6af8e825a518ee1b0a24a2226bd1e9833f987b4d1cb2746f27d
67ce53a9d0417934328c56bf3684444795023e4518058c4c8f0aec3cb04960b8
67f5736078f59691a59ec7e83e79c4ee0a30fed478942f6ca72a5630f6c36555
6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d
7366639e975cfef8687b5723f3f551aa4ab0c927fb43d4e44cf3227512199edc
7813f7e553f2828a60673566ee54da97593477f561c5ade57f5a2f76b4ac3cfb
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79a7af9b0e87fece0cee86237add2ef491b760697d35ef0641fbb76137902ba1
7ad5e73c057d0204c93ebee1e1a289bdde1ba60ac0bbff5d88fb4b39698fbe08
7c9d837f2b6152bf20bbc3772d0014175337b504fb2c585ebd50d6b80f6d2353
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc
7ef19507353beb14a0415f80892c79742e8bd5072cfafd0e8806b12baeb7ef2d
7f20452ff2f18285804b0b3a0456207c88a1640e508290fb83c01f6312a95e1a
80f697b8c91e9a8461990fa1e3a186fafbde71340a538c63fe483c9718dba966
81b2b1f3109818138642e539ea79301b4674dd72eb17548115e41b0e7f087739
8e76045fbdbdf1fd502f0d4b5b5d629a262d0d656d0011f0c9e3dec7414fd814
8e9d6e6f549600791fe06899e2bb35d35e1f5420c241d5306bcde22344fdab03
8fa9268ce7294624826e500990c0faac0f1a3773c3e011f01b67b4aa87a25625
9adea872ab27c7d5c3fb98a8abaec2967782fca85fa533a76f302acb51cf044f
9de74cea85366af9d1a52af726e072344bc47615da4bdb2fe45b735b2b7dd8be
a0db97f770eb0d054ac6c30674088cbbbef0d36fc5154ea348c0a1b1688fe3b5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
adcbef9629114ddeb46b731d81b9186aaaf016eb85f4d395b400c44cc5612b88
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1deba82b716124cdf4af6a8f82a75e0dc26c2e92419dcd0d0fcabe85c1d6b32
b66bf9dcfc22252de90bcaa3702d52fd6a53ae2178d8a96e80c137fb38226553
bccc0ea5d81fb4df0ce8bb0c54ac784d3693ee736f07d2c20632c8e4b969c12c
be5a757209190e58571f4af5206d69888cc09288fc19b84085d83dbc5f037c6c
bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77
c1960e161692a3fe2ae13c463ead5ad1d46bbcfd7d25b6c2d52a172108156366
c1aad7985ba111941c915434c417fe5a24625b1b1ad22b7e692afa28840cee28
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c4871c9a3ab25ca8d986eb43cb71e61216c10350066486a1aee38e0bb87370f5
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d676e742b549cf7b4698cb9dc5be5f1734bc59313958cf9a7b7acd92a5ff3d76
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e37032236005775d256524b1718a176ef35f7cac0b89660e4533bdae94ad883a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d27691b3ab52a6a5887988f71d82f55c35e1b003775fefa99acc01860359a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09e86e2999c9d42b73221ee8dd4aba2c99e91a66337e494020011642b93d4a9
f11d7ee0911a621e3464dae6be83e5d853e0ed6b552dafa5702ce493a15b50d5
f2143b118c6ef25cc9c0549973d85598525ca6c655cdf1a174dcf08cde6f727f
f4475165d648177c5669d6555bfb0383169de11c8cda3887f442a3139063ab35
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

hwhelp.cc Open in urlscan Pro 2606:4700:3036::ac43:c27e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

128 Requests

99 %HTTPS

71 %IPv6

29 Domains

36 Subdomains

34 IPs

3 Countries

4558 kBTransfer

8424 kBSize

17 Cookies

3 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hwhelp.cc Open in urlscan Pro
2606:4700:3036::ac43:c27e Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

99 %
HTTPS

71 %
IPv6

29
Domains

36
Subdomains

34
IPs

3
Countries

4558 kB
Transfer

8424 kB
Size

17
Cookies

128 HTTP transactions
4 data transactions