urlscan.io logo urlscan.io
SecurityTrails logo

oem.windowsreinstall.com Open in urlscan Pro
2606:4700:20::681a:9a4  Public Scan

Go To Rescan Add Verdict Report
URL: https://oem.windowsreinstall.com/
Submission Tags: @phishunt_io
Submission: On January 16 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 37 HTTP transactions. The main IP is 2606:4700:20::681a:9a4, located in United States and belongs to CLOUDFLARENET, US. The main domain is oem.windowsreinstall.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 15th 2021. Valid for: a year.
This is the only time oem.windowsreinstall.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    2606:4700:20::681a:9a4 (United States)

ASN13335 (CLOUDFLARENET, US)
oem.windowsreinstall.com
4    2606:4700:20::ac43:47f2 (United States)

ASN13335 (CLOUDFLARENET, US)
www.windowsreinstall.com
10    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
1    2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
14 oem.windowsreinstall.com 1 redirects oem.windowsreinstall.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com oem.windowsreinstall.com
pagead2.googlesyndication.com
4 www.windowsreinstall.com oem.windowsreinstall.com
www.windowsreinstall.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 ssl.google-analytics.com oem.windowsreinstall.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
0 www.google.com Failed oem.windowsreinstall.com
37 11

This site contains links to these domains. Also see Links.

Domain
www.windowsreinstall.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-01-15 -
2022-01-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://oem.windowsreinstall.com/
Frame ID: 81AF8CAA2BB179D83D1F6857EC0177CF
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/zrt_lookup.html
Frame ID: EAC4F2E70F0A2A73D9C031BFA3C2BA6C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&h=280&slotname=5679649943&adk=675400441&adf=4048775849&pi=t.ma~as.5679649943&w=1200&fwrn=4&fwrnh=100&lmt=1610125124&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Foem.windowsreinstall.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1610809380257&bpp=15&bdt=124&idt=106&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6353592568960&frm=20&pv=2&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=201&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Td9C08Z9m2&p=https%3A//oem.windowsreinstall.com&dtd=130
Frame ID: 18B3EDFC0AA67FAB7DF00E449B99AF10
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&h=600&slotname=8633116340&adk=505659364&adf=3673450622&pi=t.ma~as.8633116340&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1610125124&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Foem.windowsreinstall.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1610809380306&bpp=1&bdt=173&idt=93&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=6353592568960&frm=20&pv=1&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=201&ady=1850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vNxTQUngtK&p=https%3A//oem.windowsreinstall.com&dtd=97
Frame ID: E8EF6FBDE71898F3F3E24EA91E1BABD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&adk=1812271804&adf=3025194257&lmt=1610125124&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Foem.windowsreinstall.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1610809380307&bpp=1&bdt=173&idt=100&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x600&nras=1&correlator=6353592568960&frm=20&pv=1&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=106
Frame ID: 02E592D10C898A4AF9DD03627BAD77C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&h=280&adk=1110416062&adf=3500369905&pi=t.aa~a.1535232735~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610125124&rafmt=1&to=qs&pwprc=6120303394&psa=1&format=1200x280&url=https%3A%2F%2Foem.windowsreinstall.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610809380585&bpp=1&bdt=452&idt=1&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4c273ebfd1d0af18-22bbbf4793b9000f%3AT%3D1610809380%3ART%3D1610809380%3AS%3DALNI_MaxPQ79Oqni_fLZueewYAJz9Ejttw&prev_fmts=1200x280%2C1200x600%2C0x0&nras=1&correlator=6353592568960&frm=20&pv=1&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=203&ady=1770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=EN9XqF0aHi&p=https%3A//oem.windowsreinstall.com&dtd=8
Frame ID: 2B3A5DEA1968BA92E843455C6A4E62DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 2EF768F7A5C4F6CA095C352F9D455A27
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

37
Requests

86 %
HTTPS

89 %
IPv6

8
Domains

11
Subdomains

10
IPs

2
Countries

314 kB
Transfer

629 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://oem.windowsreinstall.com/cookiechoices.js HTTP 0
  • http://www.windowsreinstall.com/index.htm
Request Chain 31
  • https://oem.windowsreinstall.com/images/buttonBD.gif HTTP 302
  • http://www.windowsreinstall.com/index.htm

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
oem.windowsreinstall.com/ 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f864725335477565834e7e4214ca323ab8af68e7a9df4dcf1f00502025810f55

Request headers

:method
GET
:authority
oem.windowsreinstall.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
content-type
text/html
set-cookie
__cfduid=d902b70084ef08ef31ee5212f27ce1bae1610809380; expires=Mon, 15-Feb-21 15:03:00 GMT; path=/; domain=.windowsreinstall.com; HttpOnly; SameSite=Lax
cf-railgun
784c1b041c stream 0.000000 0210 da0c
last-modified
Fri, 08 Jan 2021 16:58:44 GMT
cf-cache-status
DYNAMIC
cf-request-id
07ad51a4f700004a9d481f1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b%2BqU1ZvSszjXdIqQ0iUJ88iyZaejHOQhaOHI9yprfRAjdTXquEKNTrqtdfSDABxp4jsB10wZtjO%2BCkp8BQ9U6pA%2BGz5IAf6fT26wmsUxvH5%2FrRfbQa%2BSOm%2BHJ8Uu3IVFkHIHVFE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6128b8818e214a9d-FRA
content-encoding
br
style2.css
www.windowsreinstall.com/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.windowsreinstall.com/styles/style2.css
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61683155674263f6a602e652b9d2e2ca4f5da0116bb573f95b551e290abc8d82

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1036
cf-polished
origSize=2473
cf-request-id
07ad51a5470000d6cd99925000000001
last-modified
Fri, 08 Jan 2021 16:59:56 GMT
server
cloudflare
etag
W/"9a9-5b8667c63e936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ews9NONRMvQ3B7EBb%2BHkiy8q%2BQqfoPp4TOOzFpprZSE0wg%2B0F0xpkZhOa3LoTk9efSRxa4iS2Ip5M3z6paR5rKhpqJsW3%2BDH4kUMint7a0bmzFAA97D2Puv0E%2Fq1MGslvwZ4OC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6128b8820d8ed6cd-FRA
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34f6573f8ad85246932ff4cc59aa5dec3f2117a5b85a7ea9fc38b6de279397f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47568
x-xss-protection
0
server
cafe
etag
3101847616964972039
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 16 Jan 2021 15:03:00 GMT
cookiechoices.js
oem.windowsreinstall.com/ 		0
0
acer.gif
oem.windowsreinstall.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/acer.gif
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab1f7c6432ba57ed5e193e3675887c16e30aa41825f810185fa1ed968e382616

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:58:43 GMT
server
cloudflare
etag
"665-5b866780ab9a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mxmWORJtrFUPsJCya2iEnX3DRNj68IsWwOKsgQTi3HVxzsa8YfMMQXOvPc71iGsi3k516zrCeAYZwxLlJO398GF1%2BdVv4Ci6sLzhG%2F8p4iPN8bCMUAK63VsEz9aOuEZGcCmak4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b8822fb54a9d-FRA
content-length
1637
cf-request-id
07ad51a55c00004a9df604d000000001
index.1.jpg
oem.windowsreinstall.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/index.1.jpg
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c530628c24e7f381712cd8a48200661297e36ed6516ef06c42752c3f224ff99f

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:58:43 GMT
server
cloudflare
etag
"102f-5b866780e3447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eFyLlEUd%2B5XkWNMeK1JvPQJd5FrKLORNtkkpReeRYkh%2B327op2sCtyLVQd4nR8UvLfSY9PaGHAqU03t2z0vdrjRfGGvTHfk5T9%2B4AaS6pNAjjioBI3om%2Fd8IZwpPvkhXXDBgNvU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b882683e4a9d-FRA
content-length
4143
cf-request-id
07ad51a58000004a9ddf896000000001
index.2.jpg
oem.windowsreinstall.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/index.2.jpg
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ebe7badc04236141e4f08261618eaf5f0c8ceedc5a5314fb7777088e7d58361

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:58:44 GMT
server
cloudflare
etag
"d46-5b8667810c48b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Otf3B0T%2F4p5PNFqxhzjdpOgvNZQiFM4kcq8wUZmNqrnkTWBKNpUd4ZXlIt%2FpCZFF1kzME6E%2BEGHPigptGqJjILzOOeV8lo78dXejyE2hqWO%2B4f1KPoaHsL1qKU5kmpcEcIgMwzI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b88268414a9d-FRA
content-length
3398
cf-request-id
07ad51a58100004a9d00164000000001
index.3.gif
oem.windowsreinstall.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/index.3.gif
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3412115dbdd4e3663dbd9c244f4fda0ea743af633597506e75e28cfc1d1b8744

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:58:44 GMT
server
cloudflare
etag
"5ba-5b86678147db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VrZMTO%2FVpzy%2BHaj5TMba97CVQ1rWZI8c77crGFjqqvXsKAXzAYd738WwK9R26VOHHyIOIIiHSd2OFtK03%2F93By3RnnG8uzl%2FJhDT6%2FLELXKX56Kuyi7ZoApl1HBq2k9NTaDw%2BKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b88268424a9d-FRA
content-length
1466
cf-request-id
07ad51a58100004a9dd4ad7000000001
fuji.jpg
oem.windowsreinstall.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/images/fuji.jpg
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
620003644d2117738a1c0acea18ee7f8e88c22ac72c2f744b69eb0fa5b666e99

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:59:01 GMT
server
cloudflare
etag
"707-5b866791351a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j9MslPKO5t6pHvAClJuHGbyAwxyIHcrgv4rDo%2BveIfVEYfc%2Bbvzhq%2BU89ObMmPnVBBKOy9N4lpxqC%2FWXUm0ldzWaj677wt7hpQV5GnYK392PMC1teDQnMCSOnoynXkqLSaS3BgE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b88268434a9d-FRA
content-length
1799
cf-request-id
07ad51a58100004a9dfd23b000000001
index.22.jpg
oem.windowsreinstall.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/index.22.jpg
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3d95d5a6dd46f07f5024e515bd6e9bea31953d82ffc1e1f582150a98326b94

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:58:44 GMT
server
cloudflare
etag
"f01-5b866781400b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NPyDmtYHzC29%2FBFnIq3I%2FhOdkASyTGEYNkGleSOpLB83%2BhEliDIBtzKeaVAczFGg3qLGmZR%2FD%2B4qTrAPdQqaubE3DtmV5nVcJBpyhB%2BwtjQ23IQErcmEuHqxI4%2FXBFjZZ89GEDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b88268444a9d-FRA
content-length
3841
cf-request-id
07ad51a58100004a9d440c6000000001
index.4.gif
oem.windowsreinstall.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/images/index.4.gif
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
334ab52fc6449bde0ad1d8c25ade42f54a9ca2eddce51675a8a985a1c39c17ca

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:59:01 GMT
server
cloudflare
etag
"52b-5b86679195c8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TXsLrUERqu9kptWh55SSESalj%2B0lKFkQ0UUBpvCaIH3gBhiHgI8CZXIjf34SHanrcB4tzcR7TOJdfY7IE63XaoikbR04rhTWQclu9NeyW%2FfXu18Scu4h10bkbWMrz2Rn6EGCjK0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b88268474a9d-FRA
content-length
1323
cf-request-id
07ad51a58100004a9de829b000000001
index.3.jpg
oem.windowsreinstall.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/index.3.jpg
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e0980eb49daf04aa5eccced33cbe53224e965aa9ff3662917b4a3e7ff9006b1

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:58:44 GMT
server
cloudflare
etag
"7cf-5b8667816fe55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4xBjPEg0s0aJQomnsDi%2BYgncETsl%2BxtJo22ICSsRphPBY24NoDYjxEi518i5b0WfubQHtvmJinA5XGhuz%2B87OiJY7lod7tZqwIWkhLySzQKpYHguzAKG9x0OuFUZF2JYJW1LbvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b88268494a9d-FRA
content-length
1999
cf-request-id
07ad51a58200004a9d220c6000000001
logo.gif
oem.windowsreinstall.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/images/logo.gif
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a740658baf297bdc0e66e0dd0b5f0f45d6009f1e652c3284dc7f6e34516e024

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:59:01 GMT
server
cloudflare
etag
"179f-5b866791fb595"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fomfbDpXnu2FtevwjFj2nqM8J6TMAXpc7chQK6pTNaXFoJFbjzlSQhy0nLMy3kA9JlwIeW7%2FJOjrkV3L2k5rwHAKVWPENwL11JXfVFtfLhrZ%2BhTh4gznxNwqer7xeyAyVdy6mpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b882684b4a9d-FRA
content-length
6047
cf-request-id
07ad51a58200004a9d1095c000000001
index.11.jpg
oem.windowsreinstall.com/sony/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/sony/index.11.jpg
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e8e5ee7292889a1920dab0545095e58c0fea08c2d51bf175b7e35ba6b704b0

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:59:08 GMT
server
cloudflare
etag
"b43-5b86679878858"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kbJ8h%2FlW82iWTIazs8N6UHqO4CsYWKvHlM86OiifU9lQFoRu6wa5PJ78%2FEd3xpVc1sdu8A3%2BIco0fW60ZfZ%2FrdPO4H6XA0ttmE9hSW6RJ%2FTp1yB%2F9rW2KVXX7OPAr8OR7Z1283I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b882684c4a9d-FRA
content-length
2883
cf-request-id
07ad51a58200004a9d393f1000000001
SPIRIT_LOGO.jpg
oem.windowsreinstall.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/SPIRIT_LOGO.jpg
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091612b96ca1ef99d5f75e6fe11a5b31683795ec08fa20d549024e10435dffbb

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:58:44 GMT
server
cloudflare
etag
"40d8-5b866781e8fe1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pGbCduRff4oGYA0nVhPdST8H17t%2FfXrLE%2BQDYPwiC5PHCujl4NpAjHumDDTyeKo74%2FpJCg7qFm6r2QGNlSQPSdeJbt0oOive4RPsMyz55keFhLhu3nLYW%2B1ShR2GVzUNwd7Y0BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b882684d4a9d-FRA
content-length
16600
cf-request-id
07ad51a58200004a9dd4076000000001
toshiba.JPG
oem.windowsreinstall.com/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oem.windowsreinstall.com/toshiba.JPG
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00cc0fe61cf218f993fa8225ea4035ee38e180049fbb900794c05551a4240768

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Jan 2021 16:58:45 GMT
server
cloudflare
etag
"efda-5b866782640ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JiG711mO1aIJWEgDSYUePLQHRFEejj%2B1YBWuyN1CZreLSUIG0rqAVexzciX7GOrArKMu28ObfzCLdatTQR2bgLhmv7ACL5MKNT7PDSH%2FAmQXBZNEfSbipcQvy9pbLEVYPwidljo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6128b882785c4a9d-FRA
content-length
61402
cf-request-id
07ad51a58600004a9d51b28000000001
logo2.gif
www.windowsreinstall.com/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.windowsreinstall.com/images/logo2.gif
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:47f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0533a1af84e3b7a4ed0ac75e29cbbdf6fd0fccca3c87eddbbfe726b0814dd721

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 16 Jan 2021 15:03:00 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1036
Cf-Polished
status=disabled
Connection
keep-alive
Content-Length
9578
cf-request-id
07ad51a5850000dfcbef310000000001
Last-Modified
Fri, 08 Jan 2021 16:48:39 GMT
Server
cloudflare
ETag
"256a-5b866540947bb"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VYKlbXC5%2FbTnvgDaMIzpN69I0kvG8TYQuf9c0I97%2BeFwu1dpOSpcFjsDerkR%2FNqpLqcUAyMuhfM99TuBdAp6qOQLWe28Gvm1qCRS8eJozAVSQYbE9VO91xtXnCBIBGg51ydyz80%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6128b8826b62dfcb-FRA
Cf-Bgj
imgq:200,h2pri
branding.css
www.google.com/cse/api/ 		0
0
layout.css
www.windowsreinstall.com/styles/ 		270 B
402 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.windowsreinstall.com/styles/layout.css
Requested by
Host: www.windowsreinstall.com
URL: https://www.windowsreinstall.com/styles/style2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7447da9d48cd5f7429313ab189d1563986a99782b0079703221bf9db743ae6c

Request headers

Referer
https://www.windowsreinstall.com/styles/style2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1036
cf-polished
origSize=362
cf-request-id
07ad51a55d0000d6cdb0300000000001
last-modified
Fri, 08 Jan 2021 16:59:56 GMT
server
cloudflare
etag
W/"16a-5b8667c60dbf2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wVhPU9zHnU%2F7EUjZmBjzo7sVFawP4gI7wchay2JbIA0qgZJ8Gz%2Bmk%2FzK5PDaNGGJbQKKbXScKKfeYWJnuDYpyLa5DEwTG59AzJW4nvU3YmeMlprCb9qyVmkQ4c%2BXwQ5N%2FiAlCCM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6128b8822dc9d6cd-FRA
cf-bgj
minify
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2670
date
Sat, 16 Jan 2021 14:18:30 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 16 Jan 2021 16:18:30 GMT
index.htm
www.windowsreinstall.com/
Redirect Chain
  • https://oem.windowsreinstall.com/cookiechoices.js
  • http://www.windowsreinstall.com/index.htm
0
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/ 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
520c3f5772ade6af389a5cfb08534bbd6dbdaaa68bc2cac9de395efc800f243e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86268
x-xss-protection
0
server
cafe
etag
7753973667244452840
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Jan 2021 15:03:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/ Frame EAC4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210112/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://oem.windowsreinstall.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://oem.windowsreinstall.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 16 Jan 2021 11:17:44 GMT
expires
Sat, 30 Jan 2021 11:17:44 GMT
content-type
text/html; charset=UTF-8
etag
12197657918578843409
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4751
x-xss-protection
0
age
13516
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
__utm.gif
ssl.google-analytics.com/r/ 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=482508804&utmhn=oem.windowsreinstall.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OEM%20install%20reinstall%2C%20Recoveries%2C%20and%20troubleshooting%20of%20windows%207%2C%20Vista%2C%20XP%2C%2095%2C%2098%2C%20me%2C%20nt%2C%20and%202k&utmhid=351269308&utmr=-&utmp=%2F&utmht=1610809380287&utmac=UA-346738-1&utmcc=__utma%3D180181026.170864240.1610809380.1610809380.1610809380.1%3B%2B__utmz%3D180181026.1610809380.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=169826608&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: oem.windowsreinstall.com
URL: https://oem.windowsreinstall.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Jan 2021 15:03:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		210 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=oem.windowsreinstall.com&callback=_gfp_s_&client=ca-pub-0848030345413254
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
98802b78acf7b1063af614cf69f0351c5963ce271031f4a790ecc64311898076
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=oem.windowsreinstall.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Jan 2021 15:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=oem.windowsreinstall.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Jan 2021 15:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 18B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&h=280&slotname=5679649943&adk=675400441&adf=4048775849&pi=t.ma~as.5679649943&w=1200&fwrn=4&fwrnh=100&lmt=1610125124&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Foem.windowsreinstall.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1610809380257&bpp=15&bdt=124&idt=106&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6353592568960&frm=20&pv=2&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=201&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Td9C08Z9m2&p=https%3A//oem.windowsreinstall.com&dtd=130
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&h=280&slotname=5679649943&adk=675400441&adf=4048775849&pi=t.ma~as.5679649943&w=1200&fwrn=4&fwrnh=100&lmt=1610125124&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Foem.windowsreinstall.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1610809380257&bpp=15&bdt=124&idt=106&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6353592568960&frm=20&pv=2&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=201&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Td9C08Z9m2&p=https%3A//oem.windowsreinstall.com&dtd=130
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://oem.windowsreinstall.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://oem.windowsreinstall.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 16 Jan 2021 15:03:00 GMT
server
cafe
content-length
206
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 16-Jan-2021 15:18:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 16 Jan 2021 15:03:00 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1610714114181599"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28294
x-xss-protection
0
expires
Sat, 16 Jan 2021 15:03:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E8EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&h=600&slotname=8633116340&adk=505659364&adf=3673450622&pi=t.ma~as.8633116340&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1610125124&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Foem.windowsreinstall.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1610809380306&bpp=1&bdt=173&idt=93&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=6353592568960&frm=20&pv=1&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=201&ady=1850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vNxTQUngtK&p=https%3A//oem.windowsreinstall.com&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&h=600&slotname=8633116340&adk=505659364&adf=3673450622&pi=t.ma~as.8633116340&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1610125124&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Foem.windowsreinstall.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1610809380306&bpp=1&bdt=173&idt=93&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=6353592568960&frm=20&pv=1&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=201&ady=1850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vNxTQUngtK&p=https%3A//oem.windowsreinstall.com&dtd=97
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://oem.windowsreinstall.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://oem.windowsreinstall.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 16 Jan 2021 15:03:00 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 16-Jan-2021 15:18:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 16 Jan 2021 15:03:00 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 02E5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&adk=1812271804&adf=3025194257&lmt=1610125124&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Foem.windowsreinstall.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1610809380307&bpp=1&bdt=173&idt=100&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x600&nras=1&correlator=6353592568960&frm=20&pv=1&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=106
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&adk=1812271804&adf=3025194257&lmt=1610125124&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Foem.windowsreinstall.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1610809380307&bpp=1&bdt=173&idt=100&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x600&nras=1&correlator=6353592568960&frm=20&pv=1&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=106
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://oem.windowsreinstall.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://oem.windowsreinstall.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 16 Jan 2021 15:03:00 GMT
server
cafe
content-length
4581
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 16-Jan-2021 15:18:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 16 Jan 2021 15:03:00 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 2B3A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&h=280&adk=1110416062&adf=3500369905&pi=t.aa~a.1535232735~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610125124&rafmt=1&to=qs&pwprc=6120303394&psa=1&format=1200x280&url=https%3A%2F%2Foem.windowsreinstall.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610809380585&bpp=1&bdt=452&idt=1&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4c273ebfd1d0af18-22bbbf4793b9000f%3AT%3D1610809380%3ART%3D1610809380%3AS%3DALNI_MaxPQ79Oqni_fLZueewYAJz9Ejttw&prev_fmts=1200x280%2C1200x600%2C0x0&nras=1&correlator=6353592568960&frm=20&pv=1&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=203&ady=1770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=EN9XqF0aHi&p=https%3A//oem.windowsreinstall.com&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0848030345413254&output=html&h=280&adk=1110416062&adf=3500369905&pi=t.aa~a.1535232735~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610125124&rafmt=1&to=qs&pwprc=6120303394&psa=1&format=1200x280&url=https%3A%2F%2Foem.windowsreinstall.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610809380585&bpp=1&bdt=452&idt=1&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4c273ebfd1d0af18-22bbbf4793b9000f%3AT%3D1610809380%3ART%3D1610809380%3AS%3DALNI_MaxPQ79Oqni_fLZueewYAJz9Ejttw&prev_fmts=1200x280%2C1200x600%2C0x0&nras=1&correlator=6353592568960&frm=20&pv=1&ga_vid=1626607604.1610809380&ga_sid=1610809380&ga_hid=351269308&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=203&ady=1770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21065787&oid=3&pvsid=3266685386463457&pem=997&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=EN9XqF0aHi&p=https%3A//oem.windowsreinstall.com&dtd=8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://oem.windowsreinstall.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://oem.windowsreinstall.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 16 Jan 2021 15:03:00 GMT
server
cafe
content-length
204
x-xss-protection
0
set-cookie
IDE=AHWqTUkbkunI5nV88lbykfhz2-m5XUEK3sgElh_LSjsRa9I_YUDMYPORb6x8fhOb; expires=Thu, 10-Feb-2022 15:03:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 16 Jan 2021 15:03:00 GMT
cache-control
private
index.htm
www.windowsreinstall.com/
Redirect Chain
  • https://oem.windowsreinstall.com/images/buttonBD.gif
  • http://www.windowsreinstall.com/index.htm
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.windowsreinstall.com/index.htm
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:47f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Sat, 16 Jan 2021 15:03:00 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o8ktttCn%2FC2yi1iA8hNYGXX5xWgdEVkxDoqLiLAUOGPuAiFaoN8Q7UTsSmASIz4Xe3nOPLoR2yCozgfA%2BNeJPOFPmZhcx34ROGRTYYEoDEIYydupKNmF%2BjEgY5oPREjE60yqn0U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
http://www.windowsreinstall.com/index.htm
cf-ray
6128b88588fc4a9d-FRA
cf-request-id
07ad51a77900004a9dd8b16000000001
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88a097429cb9cd92d6c3011f4ce3341159aa041cc89becdb3284b8366cd847e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 16 Jan 2021 15:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6613
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 15:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Sat, 16 Jan 2021 15:03:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 2EF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://oem.windowsreinstall.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://oem.windowsreinstall.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Sat, 16 Jan 2021 13:36:13 GMT
expires
Sun, 16 Jan 2022 13:36:13 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5207
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210112&jk=3266685386463457&bg=!2tml2ZrNAAWtJAQVrTsAKQB2-DxauTBn8GiybnagiNfAuJpXeC7r3vKYlZum2mA5FknBWmR37nW4AgAAAFVSAAAADGgBBwoBXuVxcuBsXU6v5FP7xddOxHjj1_frTS-yKDB4FI8TOwNS7Ags7bl0Viqq0q-MhoVAdJIQh9G6RNrq3vp1136fvy-_NkSaI7IYGzZl0ToY1QL3uh4dkGyWmKsz2YW5iToeVw1SYbAlO2ilHKbFlU7bCb-TXqJ080DlCbuCEua-sRp6E-sPx8dsCgVBHbXf6V-2C45VF1aEbQiS7UjlL1EpojHhUXf5uBnwzdkJzMRVqR431UKChzA9H4C9Bd_jpkKyWqoZEr72ZpnbTVpy9VswLOpaOwcld9Z9hM7m0mkAJO1rYB3lzl8uvzFlXYlU9evuMyXXAAbivt2am5pD9TwPYX9ZkHI6qoqPTpZNwsiDI8995WxazMxRI-UTdbcnZ8tVQTvIPJau3kPTP4YTocncmwiuVEtEg1iDPz36EaAszpwHh8Pyr51tTuie8IzkFTNcLxY8UNsdvLHQKNFPSCHKmQHlYpw7E4GbEKqSkibYD9vKIGG9IbysdGN4mJCIvpoQjIpjQx_w024VHx9I3TH6D0Fp8fQCVjfuXR_AU-8vY-95QEP_h1ESmqPzM04b1Yyp9plDkD_3Cnx7kWALSD_YlHxJrPMkJfnkES4tpOkkEUHoeQsSWC-ow3rg_5NeAv5E6MOTT2jeQdE8PUpjxt0BChmw5GLuxuY06DoZzopCRJTwj4u3SD5IgRuz0B8g3mljQ3HimvjWAxvd3JeWav9JVgXu4nrZQ_XJEfWgZlMBzYfr5tandtHALoyFfLQfvEriwmTZaMOVPm02tti98i2MQ5Q1Gg0ApzWWlTHZZldr081cxNIbBaoWufC9rbosEZLVON2GiChxjDBA7d0jq08QNotm2_xh7Wf6kT-1lH5YvmatUqwcyAtn0PasGNIDf-GJWp4M4gXXdh7Jd851CD0_twGHy14-Iu3cquykuNsZmy5UsVaOZqFliT8Hs7R5frZ5iD43omCeajsQiGF-bhE2DEGdONEVHbSLoEYWNcjqDjWnKZFFMu8ny6TCjeECCscvJVT3GaDm_qGT1XFph9C-myzOsO6wODXTT8IHkOhzU-P2T7lmvzxi6k7kiInMP6VquywjeEq35FjX3fspeF6KPdikwlsh2wY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oem.windowsreinstall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Jan 2021 15:03:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
oem.windowsreinstall.com
URL
https://oem.windowsreinstall.com/cookiechoices.js
Domain
www.google.com
URL
http://www.google.com/cse/api/branding.css
Domain
www.windowsreinstall.com
URL
http://www.windowsreinstall.com/index.htm

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| FP_preloadImgs object| _gaq object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| _gat object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUkbkunI5nV88lbykfhz2-m5XUEK3sgElh_LSjsRa9I_YUDMYPORb6x8fhOb
.windowsreinstall.com/ Name: __gads
Value: ID=4c273ebfd1d0af18-22bbbf4793b9000f:T=1610809380:RT=1610809380:S=ALNI_MaxPQ79Oqni_fLZueewYAJz9Ejttw
.windowsreinstall.com/ Name: __utmb
Value: 180181026.1.10.1610809380
.windowsreinstall.com/ Name: __utmc
Value: 180181026
.windowsreinstall.com/ Name: __utmt
Value: 1
.windowsreinstall.com/ Name: __utmz
Value: 180181026.1610809380.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.windowsreinstall.com/ Name: __utma
Value: 180181026.170864240.1610809380.1610809380.1610809380.1
.windowsreinstall.com/ Name: __cfduid
Value: d902b70084ef08ef31ee5212f27ce1bae1610809380

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
oem.windowsreinstall.com
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.windowsreinstall.com
oem.windowsreinstall.com
www.google.com
www.windowsreinstall.com
172.217.23.98
2606:4700:20::681a:9a4
2606:4700:20::ac43:47f2
2a00:1450:4001:802::2008
2a00:1450:4001:815::2008
2a00:1450:4001:818::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:824::2001
00cc0fe61cf218f993fa8225ea4035ee38e180049fbb900794c05551a4240768
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0533a1af84e3b7a4ed0ac75e29cbbdf6fd0fccca3c87eddbbfe726b0814dd721
080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf
091612b96ca1ef99d5f75e6fe11a5b31683795ec08fa20d549024e10435dffbb
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14e8e5ee7292889a1920dab0545095e58c0fea08c2d51bf175b7e35ba6b704b0
2e0980eb49daf04aa5eccced33cbe53224e965aa9ff3662917b4a3e7ff9006b1
334ab52fc6449bde0ad1d8c25ade42f54a9ca2eddce51675a8a985a1c39c17ca
3412115dbdd4e3663dbd9c244f4fda0ea743af633597506e75e28cfc1d1b8744
34f6573f8ad85246932ff4cc59aa5dec3f2117a5b85a7ea9fc38b6de279397f9
3a740658baf297bdc0e66e0dd0b5f0f45d6009f1e652c3284dc7f6e34516e024
520c3f5772ade6af389a5cfb08534bbd6dbdaaa68bc2cac9de395efc800f243e
61683155674263f6a602e652b9d2e2ca4f5da0116bb573f95b551e290abc8d82
620003644d2117738a1c0acea18ee7f8e88c22ac72c2f744b69eb0fa5b666e99
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88a097429cb9cd92d6c3011f4ce3341159aa041cc89becdb3284b8366cd847e8
8ebe7badc04236141e4f08261618eaf5f0c8ceedc5a5314fb7777088e7d58361
98802b78acf7b1063af614cf69f0351c5963ce271031f4a790ecc64311898076
ab1f7c6432ba57ed5e193e3675887c16e30aa41825f810185fa1ed968e382616
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
c530628c24e7f381712cd8a48200661297e36ed6516ef06c42752c3f224ff99f
c7447da9d48cd5f7429313ab189d1563986a99782b0079703221bf9db743ae6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f864725335477565834e7e4214ca323ab8af68e7a9df4dcf1f00502025810f55
ff3d95d5a6dd46f07f5024e515bd6e9bea31953d82ffc1e1f582150a98326b94