URL: https://windows10help.nl/
Submission Tags: @phishunt_io
Submission: On July 20 via api from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 26 HTTP transactions. The main IP is 2001:16e8:1115:40::10, located in Netherlands and belongs to DENIT-AS Amsterdam, NL. The main domain is windows10help.nl.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 29th 2021. Valid for: a year.
This is the only time windows10help.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
6 www.windows10help.nl windows10help.nl
5 pagead2.googlesyndication.com windows10help.nl
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.google.com 1 redirects www.windows10help.nl
tpc.googlesyndication.com
3 windows10help.nl pagead2.googlesyndication.com
windows10help.nl
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cse.google.com windows10help.nl
1 www.startnederland.nl windows10help.nl
26 12

This site contains links to these domains. Also see Links.

Domain
www.windows10help.nl
www.almijnvragen.nl
www.startnederland.nl
www.myip.nl
get.adobe.com
www.anydesk.com
www.google.com
www.firefox.com
remotedesktop.google.com
www.teamviewer.com
www.windows10update.nl
www.microsoft.com
www.zoom.us
www.wieheeftgebeld.nl
www.wetransfer.com
icecat.nl
www.internet.nl
www.sidn.nl
www.watismijnip.nl
support.microsoft.com
windows.microsoft.com
support.office.com
technet.microsoft.com
www.catalog.update.microsoft.com
answers.microsoft.com
blogs.windows.com
www.youtube.com
social.technet.microsoft.com
portal.microsoftonline.com
www.bing.com
www.microsofttranslator.com
twitter.com
docs.microsoft.com
www.microsoftstore.com
www.groovypost.com
www.file.net
www.icecat.nl
bing.com
pulse.microsoft.com
www.facebook.com
www.linkedin.com
www.winmagpro.nl
www.betanews.com
www.cnet.com
www.google.nl
www.tweakers.net
www.webwereld.nl
www.hardware.info
www.pcmweb.nl
www.agconnect.nl
www.computeridee.nl
www.computertotaal.nl
dutchitchannel.nl
www.infosecurity.nl
www.microsoft365.nl
www.security.nl
www.seniorweb.nl
www.theverge.com
www.zdnet.com
www.zdnet.be
www.computerworld.com
toolslib.net
filehippo.com
www.gmail.com
drive.google.com
www.icloud.com
nl.malwarebytes.org
www.onedrive.com
www.outlook.com
www.duckduckgo.com
support.apple.com
microsoft.com
msrc.microsoft.com
msrc-blog.microsoft.com
agconnect.nl
ncsc.nl
cyberveilignederland.nl
informatieprofessional.nl
knvi.nl
kpn.com
nctv.nl
securiguide.nl
od-online.nl
security.nl
securitymanagement.nl
veiliginternetten.nl
vpngids.nl
lite.ip2location.com
www.themostbeautifulmusic.com
www.rustigemuziek.nl
nl.wikipedia.org
translate.google.nl
radar.avrotros.nl
www.nu.nl
nl.hardware.info
www.rtlnieuws.nl
tweakers.net
www.techzine.nl
www.bleepingcomputer.com
eenvandaag.avrotros.nl
nos.nl
news.google.com
www.windows11.nl
www.ncsc.nl
www.recalc.nl
frieslanf.opglas.nl
glasvezelnoord.nl
www.glasvezelbuitenaf.nl
www.fiberexpert.nl
www.e-fiber.nl
www.eindelijkglasvezel.nl
developer.microsoft.com
www.howtogeek.com
windows.com
azerty.nl
www.accountkiller.com
www.acer.nl
www.apple.com
support.amd.com
en.wikipedia.org
www.gadgetgoeroe.nl
google.com
www.ascii-code.com
www.asus.com
support.google.com
www.matrox.com
www.fbackup.com
www.w3schools.com
support.brother.com
www.caiway.nl
www.canaldigitaal.nl
www.canon.nl
discussions.apple.com
www.icolorpage.com
configpages.blogspot.nl
www.unitconversion.org
github.com
www.dell.com
processormatch.intel.com
www.jam-software.com
www.mozilla.org
www.intel.com
nl.easeus.com
enterprise.microsoft.com
www.epson.nl
support.mozilla.org
www.memtest86.com
www.gigabyte.com
google.searchingww.com
gsuite.google.nl
www.gebruikershandleiding.com
www.handleidingzoek.nl
www.ifixit.com
www.heidoc.net
helpdesk.denit.nl
support.hp.com
h20195.www2.hp.com
www.hpsmart.com
h20195.www2.hpe.com
store.hp.com
www.hp.com
www8.hp.com
www.idin.nl
www.instagram.com
compatibleproducts.intel.com
downloadcenter.intel.com
www.consumentenbond.nl
www.infrapedia.com
internet.nl
www.acm.nl
docs.joomla.org
www.samsung.com
www.kingston.com
www.konicaminolta.eu
blacklist.kpnmail.nl
www.kpn.com
mobiel.kpn.com
kyoceradocumentsolutions.nl
elektronicaweb.com
support.lenovo.com
support.lexmark.com
help.line.me
www.linkenin.com
www.linux.com
support.logitech.com
www.docs.microsoft.com
portal.msrc.microsoft.com
store.microsoft.com
products.office.com
www.timeanddate.com
mxtoolbox.com
www.nec-display-solutions.com
www.nvidia.com
www.oki.nl
www.olivetti.com
www.panasonic.com
www.cleancss.com
winampnederlands.nl
php.net
w3schools.com
www.pinterest.com
www.ricoh.nl
techcommunity.microsoft.com
support.wdc.com
www.sharp.nl
help.sketchbook.com
www.sony.nl
www.sslshopper.com
sway.com
www.tele2.nl
signal.org
ccleaner.com
malwarebytes.com
www.opera.com
www.vivaldi.com
www.videolan.org
apple.com
www.fookes.com
anydesk.com
www.gdata.nl
www.autodesk.nl
www.solidworks.com
www.mailwasher.net
www.dropbox.com
www.freemake.com
keepvid.com
mediahuman.com
macrium.com
samsung.com
zoom.us
www.telfort.nl
www.toshiba.nl
www.ubuntu.com
www.vodafone.nl
www.searchenginesww.com
web.whatsapp.com
insider.windows.com
www.pcsteps.com
support.xbox.com
www.support.xerox.com
www.xs4all.nl
www.ziggo.nl
findandreplace.io
betanews.com
www.computerworlduk.com
techcrunch.com
www.techradar.com
www.pcmag.com
www.itworld.com
techgenix.com
www.networkworld.com
www.macrumors.com
www.ghacks.net
www.itprotoday.com
www.ereg.me
www.techcrunch.com
www.windowscentral.com
www.tomshardware.com
www.gamespot.com
gizmodo.com
go.microsoft.com
nl.ccm.net
pc-totaal.com
www.pctipvandedag.nl
strongpasswordgenerator.com
acer-nl.custhelp.com
www.pcleek.com
www.windowscorner.nl
downloadcentrum.com
vivaldi.com
templates.office.com
Subject Issuer Validity Valid
www.windows10help.nl
Sectigo RSA Organization Validation Secure Server CA
2021-01-29 -
2022-01-29
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
*.startnederland.nl
Sectigo RSA Organization Validation Secure Server CA
2020-02-13 -
2022-03-05
2 years crt.sh
*.google.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
www.google.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
*.google.de
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh

This page contains 5 frames:

Primary Page: https://windows10help.nl/
Frame ID: B2944A41F86A0C93ADA0B959D722FE4A
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210714/r20190131/zrt_lookup.html
Frame ID: D3BEE6C7066AA91228562F59FEF8F8AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2550509481199141&output=html&adk=1812271804&adf=3025194257&lmt=1625991435&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows10help.nl%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626807303050&bpp=15&bdt=91&idt=83&shv=r20210714&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3473890678071&frm=20&pv=2&ga_vid=736161152.1626807303&ga_sid=1626807303&ga_hid=1131804813&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1074448299861589&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=101
Frame ID: CDA303B76CC032C4FBB23BDF54408BBD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1C5C5335A81FE1C02699FED2BA964EFD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D522D548AF02D8BDF61E97032A18BE47
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

26
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

12
Subdomains

9
IPs

3
Countries

348 kB
Transfer

938 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.google.com/cse/api/branding.css HTTP 301
  • https://cse.google.com/cse/api/branding.css

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
windows10help.nl/
37 KB
7 KB
Document
General
Full URL
https://windows10help.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:16e8:1115:40::10 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
619974135f4590de7fa6f2c4185e1241e576590f21d64408238903f92d21b342
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

:method
GET
:authority
windows10help.nl
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 20 Jul 2021 18:55:02 GMT
content-type
text/html
last-modified
Sun, 11 Jul 2021 08:17:15 GMT
etag
W/"60eaa90b-94e8"
strict-transport-security
max-age=15768000; includeSubDomains
x-powered-by
PleskLin
content-encoding
br
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
134 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2550509481199141
Requested by
Host: windows10help.nl
URL: https://windows10help.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcdbbfbdf33541305ec627b84f50cbb483f5fc2fc2c7e69e725418e477e13aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://windows10help.nl
Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48498
x-xss-protection
0
server
cafe
etag
4705092976641495299
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 20 Jul 2021 18:55:02 GMT
f.js
www.windows10help.nl/
80 KB
14 KB
Script
General
Full URL
https://www.windows10help.nl/f.js
Requested by
Host: windows10help.nl
URL: https://windows10help.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:16e8:1115:40::10 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6b0cf1ccb11e5092d5b8f51e0dd5e471e0144bec3ddbe8769370d46e541bc0d4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:02 GMT
content-encoding
br
last-modified
Thu, 15 Jul 2021 08:43:02 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"60eff516-1408f"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
t.js
www.windows10help.nl/
329 B
421 B
Script
General
Full URL
https://www.windows10help.nl/t.js
Requested by
Host: windows10help.nl
URL: https://windows10help.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:16e8:1115:40::10 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6d8324ef3fe794e70365e9dfbc4c58168c70d817c146a10780fdf8de646efaf9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:02 GMT
content-encoding
br
last-modified
Mon, 22 Jun 2020 13:10:48 GMT
x-accel-version
0.01
x-powered-by
PleskLin
etag
W/"149-5a8abf8ae23c7"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
server
nginx
w10nieuws.js
www.startnederland.nl/
4 KB
2 KB
Script
General
Full URL
https://www.startnederland.nl/w10nieuws.js
Requested by
Host: windows10help.nl
URL: https://windows10help.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:16e8:1115:40::10 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
565f75bc7b966de69c844c4590cebd812a7b71b7b7a59534a3f848a4e59fa9c8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:03 GMT
content-encoding
br
last-modified
Tue, 20 Jul 2021 10:03:32 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"60f69f74-1034"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
menu.js
www.windows10help.nl/
191 KB
45 KB
Script
General
Full URL
https://www.windows10help.nl/menu.js
Requested by
Host: windows10help.nl
URL: https://windows10help.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:16e8:1115:40::10 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
dbc3536b7282db11d1d9840ee39eed9e70f5bc3d100e10f11a1aae5d63eec0b1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:02 GMT
content-encoding
br
last-modified
Tue, 20 Jul 2021 16:04:33 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"60f6f411-2fc8b"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
nieuwsover.js
www.windows10help.nl/
18 KB
5 KB
Script
General
Full URL
https://www.windows10help.nl/nieuwsover.js
Requested by
Host: windows10help.nl
URL: https://windows10help.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:16e8:1115:40::10 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6285872380f5e02b6e6099b114f3af3981ec7fe3bea7b8af1d6e85e1b6267b4a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:02 GMT
content-encoding
br
last-modified
Wed, 09 Jun 2021 07:00:29 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"60c0670d-4830"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
nieuws.js
www.windows10help.nl/
422 B
424 B
Script
General
Full URL
https://www.windows10help.nl/nieuws.js
Requested by
Host: windows10help.nl
URL: https://windows10help.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:16e8:1115:40::10 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
314fc2e3c7198e5393f77f95d09877426dd7da6d39b61838d377eccf759b6c8b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:02 GMT
content-encoding
br
last-modified
Tue, 20 Aug 2019 09:53:35 GMT
x-accel-version
0.01
x-powered-by
PleskLin
etag
W/"1a6-590896e1cb118"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
server
nginx
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210714/r20190131/
246 KB
91 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210714/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2550509481199141&plah=windows10help.nl&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2550509481199141
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e37c337b34b27b15c0c3b920f3c9575ce05e4b9f5ad0c106abf01c90000347a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93596
x-xss-protection
0
server
cafe
etag
16567621963654282786
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Jul 2021 18:55:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210714/r20190131/ Frame D3BE
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210714/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2550509481199141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210714/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://windows10help.nl/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://windows10help.nl/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 20 Jul 2021 16:43:34 GMT
expires
Tue, 03 Aug 2021 16:43:34 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
7889
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
w10.jpg
windows10help.nl/
12 KB
12 KB
Image
General
Full URL
https://windows10help.nl/w10.jpg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2550509481199141
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:16e8:1115:40::10 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
475eedf52b42993152acaad52650e40a610dcc6700bd4f3c9be637ed682aa8d9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

:path
/w10.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows10help.nl
referer
https://windows10help.nl/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:03 GMT
last-modified
Fri, 16 Sep 2016 18:01:47 GMT
server
nginx
x-powered-by
PleskLin
etag
"57dc338b-2fb0"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
12208
branding.css
cse.google.com/cse/api/
Redirect Chain
  • https://www.google.com/cse/api/branding.css
  • https://cse.google.com/cse/api/branding.css
1 KB
714 B
Stylesheet
General
Full URL
https://cse.google.com/cse/api/branding.css
Requested by
Host: windows10help.nl
URL: https://windows10help.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
pfe /
Resource Hash
91159d29398f8658ba786a663518da08b05681c305df38158865916e23552bf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 17 Nov 2007 23:34:50 GMT
server
pfe
age
908
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
322
x-xss-protection
0
expires
Tue, 20 Jul 2021 19:09:55 GMT

Redirect headers

date
Tue, 20 Jul 2021 18:47:45 GMT
x-content-type-options
nosniff
server
sffe
age
438
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/api/branding.css
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
expires
Tue, 20 Jul 2021 19:17:45 GMT
poweredby_FFFFFF.gif
www.google.com/images/poweredby_transparent/
488 B
665 B
Image
General
Full URL
https://www.google.com/images/poweredby_transparent/poweredby_FFFFFF.gif
Requested by
Host: www.windows10help.nl
URL: https://www.windows10help.nl/f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/gif
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
488
x-xss-protection
0
expires
Tue, 20 Jul 2021 18:55:03 GMT
foto.jpg
www.windows10help.nl/
20 KB
20 KB
Image
General
Full URL
https://www.windows10help.nl/foto.jpg
Requested by
Host: windows10help.nl
URL: https://windows10help.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:16e8:1115:40::10 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
936cf0bd56930d89a02f5a8b196a2cabffa10bf18f934419e447242d6f6f72c1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:03 GMT
last-modified
Thu, 06 Sep 2018 19:22:38 GMT
server
nginx
x-powered-by
PleskLin
etag
"5b917e7e-4fd2"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
20434
cookie.js
partner.googleadservices.com/gampad/
206 B
663 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=windows10help.nl&callback=_gfp_s_&client=ca-pub-2550509481199141
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210714/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2550509481199141&plah=windows10help.nl&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e20eb4546a09633d5e99afc237ce4927236c7d94e03ee9e459430ead2241192f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=windows10help.nl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210714/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2550509481199141&plah=windows10help.nl&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Jul 2021 18:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=windows10help.nl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210714/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2550509481199141&plah=windows10help.nl&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Jul 2021 18:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CDA3
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2550509481199141&output=html&adk=1812271804&adf=3025194257&lmt=1625991435&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows10help.nl%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626807303050&bpp=15&bdt=91&idt=83&shv=r20210714&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3473890678071&frm=20&pv=2&ga_vid=736161152.1626807303&ga_sid=1626807303&ga_hid=1131804813&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1074448299861589&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210714/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2550509481199141&plah=windows10help.nl&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2550509481199141&output=html&adk=1812271804&adf=3025194257&lmt=1625991435&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows10help.nl%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626807303050&bpp=15&bdt=91&idt=83&shv=r20210714&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3473890678071&frm=20&pv=2&ga_vid=736161152.1626807303&ga_sid=1626807303&ga_hid=1131804813&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1074448299861589&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=101
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://windows10help.nl/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://windows10help.nl/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 20 Jul 2021 18:55:03 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 20-Jul-2021 19:10:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 20 Jul 2021 18:55:03 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210714/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2550509481199141&plah=windows10help.nl&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:03 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626434913869424"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28061
x-xss-protection
0
expires
Tue, 20 Jul 2021 18:55:03 GMT
w10versies.jpg
windows10help.nl/
33 KB
33 KB
Image
General
Full URL
https://windows10help.nl/w10versies.jpg
Requested by
Host: windows10help.nl
URL: https://windows10help.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:16e8:1115:40::10 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
23cd037ab1aca094699210655a4bb019206cb84df5a3b9a3fb76553938ea909e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

:path
/w10versies.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windows10help.nl
referer
https://windows10help.nl/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:03 GMT
last-modified
Tue, 01 Jun 2021 12:02:04 GMT
server
nginx
x-powered-by
PleskLin
etag
"60b621bc-8295"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
33429
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210714&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210714/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2550509481199141&plah=windows10help.nl&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b42a3ddb6b83d7b11405b1bca6834bfc2c8a14308a3eef66b69db7abe854163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Jul 2021 18:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8417
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210714/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2550509481199141&plah=windows10help.nl&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 20 Jul 2021 18:55:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1C5C
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://windows10help.nl/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://windows10help.nl/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 20 Jul 2021 18:23:41 GMT
expires
Wed, 20 Jul 2022 18:23:41 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D522
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bdbd984eb7caaaa1effd471c11f9504c3771c3f674a80d70a85733971e1557f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EK3tgz/hOpv9n0vVdT2J/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://windows10help.nl/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://windows10help.nl/

Response headers

expires
Tue, 20 Jul 2021 18:55:03 GMT
date
Tue, 20 Jul 2021 18:55:03 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-EK3tgz/hOpv9n0vVdT2J/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js
pagead2.googlesyndication.com/bg/ Frame 1C5C
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
2295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13308
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 18:16:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210714&jk=1074448299861589&bg=!goGlgcXNAAZjFomlYxY7ACkAdvg8WuYUr8fmateXpbSjr3waY5tV22JxFfsXVEY5FRah49bG3XHcyAIAAABeUgAAAAtoAQcKAOitqnluR0hrpKYaFc-UgkeMaP7JhAWNu_iK28Th2GoOHqj3X94pW9cIXcxXZ-YI3y2dm4zvSFB1F71_M7Vw2vDIAn7f_s5Zl_rpiQQIQ9LTUb6--BBPYKhI-d2Kb9_NJ7-xNTZadApOr-QEsBAnCyuIidQZ9otoQxD8p3IaA2lV_sZu2_tD4dGoiL7fH6w-0LeDYTQHfFuFyO4AlpZPTi6vmxtoq_xzGygkO6adNbrzNknE8u75LZkU6XfnUEYyp60p9Taq2e8QMQbvbJ7ZCQ8YOMpxQT52vkxTZRoXlnbrfkWQxi0u41Q4mQJ_8Bdh9iHsbIErIqNVuDDsA9uAzx6FR2FlHoJQ319C9LeIvZBJOhQ06dwlevRVp9zgNLHodhUag7x6gSJCdbMGNZn36XB81ny7eY4SdmS87_9pX8oCUyqi1ro_F-8S9bs6wBz99WDrl3CAV_psr_SpUe2KkzwA9EZFhGaRje7ilbLhcJmTRCnNDqfJ2OqsGGmb2jEludD1aZ1hCbvsY4G0sChcHI-rpJe3njiZg3DkWgQY83YvLhuoKsqiz4s_orUyFR-EbxAKxC4CAQr7bh8J9V0VpoLpi6ke54NAGjk4Yt-Vhf-gJSr5G2GcJhdLg2cFbOS6iNL1oZZ4r5pwjuX1I74sw7Lu0xW1-wfeM76C9W8vJJBGnNqtVmQHPwkYELCV8mBuBbKRJ_Ar_oI8wD5SufbKguRWH7vKTTEdgx0QIyaHWqVX7L_eGM5bJnHpSZKIcd3sMOMhO8nbFkV18t8kCm1QioPO3s-bWlNb7cwd9skbDtymhRhjwsOPHMB3S5tHwpBwBdF8srQXwJ2YLkiwwWb75JyDyBkD8fNJs2eEnzGUL2FP_BmQZeFm1uyb19MiopnqEZJMptSze4KZb0YnKMZHiBYOSDkiL394kjOJAxemrVevH5jRo0jSNSINwLFZiGpocfV2vmgNm2WzhVnJV5xSv28PunTPF0nqmiWvfKpbUux874wPWe4Z6XdHVI5Umr_A9gCSvhjsYILteY7Sp_y7F3EBfT4DWtuq1tb7VMI_CLuefSWVFsdQ8Y6KF4OSfOpYSdoYEhhF5sgdhPTqSaQ9s_uNha6rHFuOi5XbNkkrlpVur8bU7mMZykWPGONQ1pto8hMGAfmMlfRvRPJm
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windows10help.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Jul 2021 18:55:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async object| day object| month object| now function| W function| WB function| WC function| WE function| WT function| W2 function| W3 function| B function| TOPWIT function| TOPWITS function| D function| DB function| G function| GP function| BI function| YA function| SE function| VE function| VECAT function| VEAZ function| GN function| GI function| GNO function| L function| LKL function| LMZ function| LMB function| F function| P function| T function| TG function| YV function| PG function| LS function| LSK function| DG function| SG function| MM function| MMI function| ZY function| JA function| V function| VOL function| VOLM function| GV function| GVK function| KL function| VS function| VSB function| VSBN function| VSS function| LSS function| ST function| STW function| STWT function| TIT function| TITR function| TITK function| TITKB function| TITKG function| TITKR function| TTIT function| NOI function| OBB function| OY function| OZ function| AZbalk function| SB function| TA function| TAK function| TE function| XE function| XESELF function| XEGE function| XEGEB function| XEGEBW function| XEGEWSELF function| XEGESELF function| XEORSELF function| XEOR function| XEGGSELF function| XEGGBLAN function| XEMB function| XEMBSELF function| XEGN function| XEGNW function| XEGNSELF function| XEROOD function| XEROOD2 function| XEROOD3 function| XEROOD4B function| XEROOD4 function| XEROOD5 function| XEROOD6 function| XEROOD7 function| XEROOD8 function| XEROOD9 function| XEROOD10 function| XEROOD11 function| XEROOD12 function| XEROOD15 function| XEROOD13 function| XEROOD14 function| XEROODleeg function| XELB function| XEW function| XZ function| XZW function| XZS function| XES function| XESC function| XEK function| XEKN function| XEKB function| TB function| TS function| C function| N function| E function| JO function| JU function| JI function| Ge function| GeGeel function| Gew function| Ges function| Gess function| UC function| UE function| UF function| GIBX function| GIE function| GS function| GSUK function| GSOH function| IBX function| IE function| S function| SCAT function| QCAT function| SDT function| SD1 function| SD function| QAZ function| Q function| QBL function| ZB function| ZBOUTLOOK function| ZE function| TV function| titel function| osn function| TEIR function| BN function| BNS function| BN2 function| WNBLB function| WNBLBR function| WBL function| aza function| azbb function| azc function| azd function| aze function| azf function| azg function| azh function| azi function| azj function| GOO function| Bbalk function| Menubalk function| Rbalk function| RoodMenu function| RELMapple function| RELMwindows function| RELMgoogle function| RELMoffice function| RELMemail function| RELMbrowser function| RELMexcel function| RELMavm function| GroenMenu function| GAZmenu function| TopMenu function| LinkMenu function| Driver function| Zbalk function| Wbalk function| Offbalk function| Socialbalk function| Cloudbalk function| Applebalk function| Googlebalk function| Bedrijvenbalk function| Phonebalk function| RTVbalk function| Emailbalk function| Netbalk function| Obalk function| NewsMenu function| Foot function| HBovenBalk function| HOnderBalk function| BovenBalk function| OnderBalk string| e string| f string| agkleur function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.windows10help.nl/ Name: __gads
Value: ID=2853e5eebd0649c1-22fbcd9d71c900f8:T=1626807303:RT=1626807303:S=ALNI_MZ90S8nw7KFRCpQXPwfYEaxdNI4gA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cse.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
windows10help.nl
www.google.com
www.googletagservices.com
www.startnederland.nl
www.windows10help.nl
2001:16e8:1115:40::10
216.58.212.162
2a00:1450:4001:801::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200e
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
23cd037ab1aca094699210655a4bb019206cb84df5a3b9a3fb76553938ea909e
314fc2e3c7198e5393f77f95d09877426dd7da6d39b61838d377eccf759b6c8b
3b42a3ddb6b83d7b11405b1bca6834bfc2c8a14308a3eef66b69db7abe854163
475eedf52b42993152acaad52650e40a610dcc6700bd4f3c9be637ed682aa8d9
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
565f75bc7b966de69c844c4590cebd812a7b71b7b7a59534a3f848a4e59fa9c8
619974135f4590de7fa6f2c4185e1241e576590f21d64408238903f92d21b342
6285872380f5e02b6e6099b114f3af3981ec7fe3bea7b8af1d6e85e1b6267b4a
6b0cf1ccb11e5092d5b8f51e0dd5e471e0144bec3ddbe8769370d46e541bc0d4
6d8324ef3fe794e70365e9dfbc4c58168c70d817c146a10780fdf8de646efaf9
7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79
91159d29398f8658ba786a663518da08b05681c305df38158865916e23552bf3
936cf0bd56930d89a02f5a8b196a2cabffa10bf18f934419e447242d6f6f72c1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
bcdbbfbdf33541305ec627b84f50cbb483f5fc2fc2c7e69e725418e477e13aee
bdbd984eb7caaaa1effd471c11f9504c3771c3f674a80d70a85733971e1557f3
dbc3536b7282db11d1d9840ee39eed9e70f5bc3d100e10f11a1aae5d63eec0b1
e20eb4546a09633d5e99afc237ce4927236c7d94e03ee9e459430ead2241192f
e37c337b34b27b15c0c3b920f3c9575ce05e4b9f5ad0c106abf01c90000347a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe