www.winhelponline.com Open in urlscan Pro
2606:4700:3032::ac43:c7ab Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.winhelponline.com/
Effective URL:
https://www.winhelponline.com/
Submission: On June 16 via manual (June 16th 2020, 11:41:42 am UTC) from GB

Summary HTTP 192 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 21 domains to perform 192 HTTP transactions. The main IP is 2606:4700:3032::ac43:c7ab, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.winhelponline.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 8th 2020. Valid for: 6 months.

This is the only time www.winhelponline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 59	2606:4700:303... 2606:4700:3032::ac43:c7ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:e0:... 2606:4700:e0::ac40:6f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
23	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
14	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	35.190.64.11 35.190.64.11	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
6	3.126.196.163 3.126.196.163	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	216.58.205.230 216.58.205.230	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:215... 2600:9000:215d:4600:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	91.228.74.200 91.228.74.200	27281 (QUANTCAST) (QUANTCAST)
1 3	23.42.18.223 23.42.18.223	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:215... 2600:9000:215d:fe00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	91.228.74.136 91.228.74.136	27281 (QUANTCAST) (QUANTCAST)
192	31

59 2606:4700:3032::ac43:c7ab (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.winhelponline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e0::ac40:6f05 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.64.11 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 11.64.190.35.bc.googleusercontent.com

absorbingcorn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.126.196.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:4600:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.200 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.42.18.223 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-42-18-223.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:fe00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.136 (United Kingdom)

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	winhelponline.com 1 redirects www.winhelponline.com	142 KB
27	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net	179 KB
19	googlesyndication.com pagead2.googlesyndication.com edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com tpc.googlesyndication.com	173 KB
16	wp.com i0.wp.com i2.wp.com i1.wp.com stats.wp.com pixel.wp.com	238 KB
13	google.com 1 redirects adservice.google.com cse.google.com www.google.com clients1.google.com	186 KB
11	ampproject.org cdn.ampproject.org	220 KB
8	google-analytics.com www.google-analytics.com ssl.google-analytics.com	35 KB
7	ezoic.net g.ezoic.net go.ezoic.net	2 KB
6	gstatic.com fonts.gstatic.com	62 KB
6	googleapis.com fonts.googleapis.com www.googleapis.com	5 KB
5	ezodn.com go.ezodn.com ezodn.com	91 KB
4	absorbingcorn.com absorbingcorn.com	29 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	criteo.net static.criteo.net	41 KB
2	lijit.com ap.lijit.com	730 B
1	quantcount.com rules.quantcount.com	350 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.ee adservice.google.ee	952 B
1	criteo.com bidder.criteo.com	151 B
1	adnxs.com ib.adnxs.com	1 KB
192	21

	Domain	Requested by
59	www.winhelponline.com	1 redirects www.winhelponline.com
23	securepubads.g.doubleclick.net	www.winhelponline.com securepubads.g.doubleclick.net
11	cdn.ampproject.org	securepubads.g.doubleclick.net pagead2.googlesyndication.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net absorbingcorn.com pagead2.googlesyndication.com tpc.googlesyndication.com www.winhelponline.com cdn.ampproject.org
8	www.google.com	1 redirects cse.google.com www.google.com www.winhelponline.com
6	fonts.gstatic.com	www.winhelponline.com cdn.ampproject.org
6	g.ezoic.net	www.winhelponline.com
6	i0.wp.com	www.winhelponline.com
6	pagead2.googlesyndication.com	www.winhelponline.com pagead2.googlesyndication.com
5	ssl.google-analytics.com	www.winhelponline.com
5	i1.wp.com	www.winhelponline.com
5	fonts.googleapis.com	www.winhelponline.com securepubads.g.doubleclick.net
4	absorbingcorn.com	www.winhelponline.com absorbingcorn.com
4	ezodn.com	www.winhelponline.com
3	sb.scorecardresearch.com	1 redirects go.ezoic.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.winhelponline.com
3	edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	i2.wp.com	www.winhelponline.com
3	www.google-analytics.com	www.winhelponline.com
2	static.criteo.net	go.ezodn.com static.criteo.net
2	cse.google.com	www.winhelponline.com www.google.com
2	ap.lijit.com	go.ezodn.com
2	adservice.google.com	www.winhelponline.com securepubads.g.doubleclick.net
1	pixel.quantserve.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	go.ezoic.net
1	go.ezoic.net	www.winhelponline.com
1	ad.doubleclick.net	absorbingcorn.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	www.winhelponline.com
1	clients1.google.com	www.winhelponline.com
1	www.googleapis.com	www.winhelponline.com
1	adservice.google.ee	securepubads.g.doubleclick.net
1	bidder.criteo.com	go.ezodn.com
1	ib.adnxs.com	go.ezodn.com
1	stats.wp.com	www.winhelponline.com
1	go.ezodn.com	www.winhelponline.com
192	37

This site contains links to these domains. Also see Links.

Domain
silktide.com
www.twitter.com
www.facebook.com
ms-windows-store
monitor20.sucuri.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-08` - `2020-10-09`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
absorbingcorn.com Let's Encrypt Authority X3	`2020-04-27` - `2020-07-26`	3 months	crt.sh
ezoic.net Let's Encrypt Authority X3	`2020-05-28` - `2020-08-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.ee GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.ezoic.net Amazon	`2020-03-15` - `2021-04-15`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-06-02` - `2021-06-02`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.winhelponline.com/
Frame ID: 3F7C08CBBB2D6910CBF156392B64AF6E
Requests: 158 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200609/r20190131/zrt_lookup.html
Frame ID: 6CA5A7CA340BB4F59DDCFEEE20477EA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1592307684&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32896%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.winhelponline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1592307684137&bpp=5&bdt=686&idt=70&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8203247210674&frm=20&pv=2&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_fc=1&ga_wpids=UA-131124027-30&iag=0&icsg=57159749468146&dssz=87&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=3007476603398275&pem=573&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=5&uci=a!5&fsb=1&dtd=86
Frame ID: 11BFD96F650D066A86119C0D96308783
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 06E939D0E7AB23F21F1C9452646DB79C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 2EA52AF891ECA106BBA8AEE3C77A6627
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=8711458
Frame ID: C0BB9388F520FEE3B7E6AAC7982E8DA3
Requests: 1 HTTP requests in this frame

Frame: https://edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 9B42A6FD7F5CEC9ACD58DCDC8B7F44EA
Requests: 1 HTTP requests in this frame

Frame: https://edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 8E319F57E49E6D0CF6FEE807636504A4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: A4B86192B21FC75DE994ED1CF685A224
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: E212B473EF35006449EDCD4AA92EC119
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.winhelponline.com/ HTTP 301
https://www.winhelponline.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

192
Requests

100 %
HTTPS

60 %
IPv6

21
Domains

37
Subdomains

31
IPs

6
Countries

1445 kB
Transfer

3840 kB
Size

30
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://www.twitter.com/winhelponline
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/winhelponline
Title:

Search URL Search Domain Scan URL

URL: http://ms-windows-store//collection/?CollectionId=EdgeExtensions
Title: Windows Store

Search URL Search Domain Scan URL

URL: https://monitor20.sucuri.net/verify.php?r=0bc7cc656a57aa9abe9ea05ecf891d632f437b4fe7

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.winhelponline.com/ HTTP 301
https://www.winhelponline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 150

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 185

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1592307689724&ns_c=UTF-8&cv=3.5&c8=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Reviews&c7=https%3A%2F%2Fwww.winhelponline.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1592307689724&ns_c=UTF-8&cv=3.5&c8=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Reviews&c7=https%3A%2F%2Fwww.winhelponline.com%2F&c9=&cs_ak_ss=1

192 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.winhelponline.com/
Redirect Chain

http://www.winhelponline.com/
https://www.winhelponline.com/

125 KB
28 KB

1222ms
1188ms

Document
text/html

2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba80539a5c0c4bbb29e265ec112aa4c78367905a1ce64886c245ec3ab86d4da4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.winhelponline.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d6354c9c30444484f58cad5e387c266401592307682
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 16 Jun 2020 11:41:23 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-security-policy: upgrade-insecure-requests;
display: pub_site_sol
expires: Mon, 15 Jun 2020 11:41:23 GMT
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
link: <https://www.winhelponline.com/blog/wp-json/>; rel="https://api.w.org/"
pagespeed: off
response: 200
set-cookie: ezoadgid_105367=-1; Path=/; Domain=winhelponline.com; Expires=Tue, 16 Jun 2020 12:11:22 UTC ezoref_105367=; Path=/; Domain=winhelponline.com; Expires=Tue, 16 Jun 2020 13:41:22 UTC ezoab_105367=mod1; Path=/; Domain=winhelponline.com; Expires=Tue, 16 Jun 2020 13:41:22 UTC active_template::105367=pub_site.1592307682; Path=/; Domain=winhelponline.com; Expires=Thu, 18 Jun 2020 11:41:22 UTC ezoma_105367=999,999; Path=/; Domain=winhelponline.com; Expires=Tue, 16 Jun 2020 12:11:23 UTC ezopvc_105367=1; Path=/; Domain=winhelponline.com; Expires=Tue, 16 Jun 2020 12:11:23 UTC ezepvv=298; Path=/; Domain=winhelponline.com; Expires=Wed, 17 Jun 2020 11:41:23 UTC lp_105367=https://www.winhelponline.com/; Path=/; Domain=winhelponline.com; Expires=Tue, 16 Jun 2020 13:41:23 UTC ezovid_105367=1119547479; Path=/; Domain=winhelponline.com; Expires=Tue, 16 Jun 2020 12:11:23 UTC ezovuuidtime_105367=1592307683; Path=/; Domain=winhelponline.com; Expires=Thu, 18 Jun 2020 11:41:23 UTC ezovuuid_105367=0cf0a386-cef4-4ca7-531d-61f3571bc04a; Path=/; Domain=winhelponline.com; Expires=Tue, 16 Jun 2020 12:11:23 UTC ezCMPCCS=true; Path=/; Domain=winhelponline.com; Expires=Wed, 16 Jun 2021 11:41:23 GMT
vary: Accept-Encoding Accept-Encoding,User-Agent,X-APP-JSON
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-rocket-nginx-serving-static: No
x-sol: pub_site
x-sucuri-cache: BYPASS
x-sucuri-id: 15012
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 035e8823d80000d9217939e200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4442e62ef8d921-AMS
content-encoding: br

Redirect headers

Date: Tue, 16 Jun 2020 11:41:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d6354c9c30444484f58cad5e387c266401592307682; expires=Thu, 16-Jul-20 11:41:22 GMT; path=/; domain=.winhelponline.com; HttpOnly; SameSite=Lax
Cache-Control: public, max-age=86400
Location: https://www.winhelponline.com/
Vary: Accept-Encoding Accept-Encoding,X-APP-JSON
X-Middleton-Display: redirect
CF-Cache-Status: DYNAMIC
cf-request-id: 035e88238e0000fa6c00ac5200000001
Server: cloudflare
CF-RAY: 5a4442e5bfeafa6c-AMS

GET
H2 200 dall3201.js Show response
go.ezodn.com/porpoiseant/ 302 KB
88 KB 55ms
19ms Script
application/javascript 2606:4700:e0::ac40:6f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/porpoiseant/dall3201.js?cb=188-1
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e43b281c6bfc7ff8352b2022ccf40aac561c38127f07f09da4294f2e58b1555

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 31 May 2020 15:24:41 GMT
server: cloudflare
age: 1207697
etag: W/"4b811-5a6f346f0c040;5a70ca95a6bb9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000
cf-ray: 5a4442edd9de9748-FRA
cf-request-id: 035e8828a200009748ce113200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 3705
date: Tue, 16 Jun 2020 10:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Tue, 16 Jun 2020 12:39:38 GMT

GET
H2 200 blocks.style.build.css
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/post-editor/dist/ 2 KB
731 B 65ms
63ms Stylesheet
text/css 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=5.4.2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4834aa58000857ce42bdc4ae2322104fbbb5c0e96a7dbd4deab73900ae9d23a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-sol: orig
display: orig_site_sol
status: 200
x-middleton-display: orig_site_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e95ef61-8a1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin,X-APP-JSON
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8828840000d9217902a200000001
cf-ray: 5a4442edae70d921-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce3cbe8f8b36401215a27db00eeb776a9d7f7a27d341db639a762176332c9f03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.winhelponline.com/
Origin: https://www.winhelponline.com

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 11:41:23 GMT
server: ESF
date: Tue, 16 Jun 2020 11:41:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 11:41:23 GMT

GET
H2 200 front.min.css
www.winhelponline.com/blog/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 52ms
51ms Stylesheet
text/css 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-sol: orig
display: orig_site_sol
status: 200
x-middleton-display: orig_site_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ec2a9e8-1555-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin,X-APP-JSON
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8828840000d9217902b200000001
cf-ray: 5a4442edae73d921-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/css/ 79 KB
9 KB 60ms
59ms Stylesheet
text/css 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.0.1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eca24c416e8f5dd9de1684ff0ff2b91eade8e321a15925bff8436f647f9cf3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-sol: orig
display: orig_site_sol
status: 200
x-middleton-display: orig_site_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e95ef61-13df5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin,X-APP-JSON
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8828850000d9217902c200000001
cf-ray: 5a4442edae79d921-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.min.css
www.winhelponline.com/blog/wp-content/themes/generatepress/css/ 35 KB
7 KB 23ms
22ms Stylesheet
text/css 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/themes/generatepress/css/all.min.css?ver=2.4.2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2757456932c392ef7583352a163e434e95e76f987bbaf1cece5b72e407c778c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-sol: orig
age: 4464
x-ezoic-cdn: Hit ds;mm;117ba45a250df93ffa6dc35ceca4efd4;2-105367-1;48896645-49fe-47d1-7471-57e618aa252c
status: 200
x-middleton-display: orig_site_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e71105d-8dae-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type: text/css
cache-control: max-age=172800
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8828850000d9217902d200000001
cf-ray: 5a4442edae7cd921-AMS
display: orig_site_sol

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 21ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
14 KB 73ms
66ms Script
text/javascript 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

75453cd0030d72efdb8a090ebc5fb7b1b6ca24621894a689024c60103d9413e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "544 / 152 of 1000 / last-modified: 1592254337"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14462
x-xss-protection: 0
expires: Tue, 16 Jun 2020 11:41:23 GMT

GET
H2 200 boise.js Show response
ezodn.com/detroitchicago/ 983 B
513 B 23ms
16ms Script
application/javascript 2606:4700:e0::ac40:6f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezodn.com/detroitchicago/boise.js?gcb=188-1&cb=1
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 295
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: public, max-age=14400
cf-ray: 5a4442ee8a569748-FRA
cf-request-id: 035e88291000009748ce11b200000001

GET
H2 200 banger.js Show response
www.winhelponline.com/porpoiseant/ 48 KB
10 KB 28ms
21ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/porpoiseant/banger.js?cb=188-1&bv=60&v=35&PageSpeed=off
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dcb41ec9bdcb110006be19d2cc8441363f0bf827e61beed7f55c8f8a3fffc18

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 39251
cf-polished: origSize=48861
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
cf-ray: 5a4442ee8894d921-AMS
cf-request-id: 035e8829140000d92179046200000001

GET
H2 200 memphis.js Show response
ezodn.com/detroitchicago/ 5 KB
2 KB 23ms
16ms Script
application/javascript 2606:4700:e0::ac40:6f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezodn.com/detroitchicago/memphis.js?gcb=188-1&cb=1
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ca10f8a06498f5c3104fbf34cf163e62be492b1a214470ec765215b20a166aa

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2272
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: public, max-age=14400
cf-ray: 5a4442ee8a559748-FRA
cf-request-id: 035e88291000009748ce11a200000001

GET
H2 200 minneapolis.js Show response
ezodn.com/detroitchicago/ 737 B
496 B 22ms
15ms Script
application/javascript 2606:4700:e0::ac40:6f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezodn.com/detroitchicago/minneapolis.js?gcb=188-1&cb=1
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e4bd0a1dbd75110206f95d0efc6d32899d5b53ae679f8d161dee97c84fabd0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1163
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: public, max-age=14400
cf-ray: 5a4442ee8a539748-FRA
cf-request-id: 035e88291000009748ce119200000001

GET
H2 200 raleigh.js Show response
ezodn.com/detroitchicago/ 2 KB
752 B 23ms
16ms Script
application/javascript 2606:4700:e0::ac40:6f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezodn.com/detroitchicago/raleigh.js?gcb=188-1&cb=1
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7522ec08e150b85c69315fd5a1e03a2dc3a129d54e7081ec1236ca9cbeeab815

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 5675
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: public, max-age=14400
cf-ray: 5a4442ee8a599748-FRA
cf-request-id: 035e88291000009748ce11c200000001

GET
H2 200 rochester.js Show response
www.winhelponline.com/detroitchicago/ 2 KB
928 B 25ms
19ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/detroitchicago/rochester.js?cb=188-1&v=8
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 5976774
cf-polished: origSize=3195
status: 200
cf-request-id: 035e8829140000d92179047200000001
last-modified: Sat, 04 Apr 2020 21:22:03 GMT
server: cloudflare
etag: W/"c7b-5a27da00754c0;5a27da00754c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 5a4442ee8896d921-AMS
cf-bgj: minify

GET
H2 200 style-min.css
www.winhelponline.com/blog/wp-content/plugins/gp-premium/blog/functions/css/ 5 KB
1 KB 67ms
65ms Stylesheet
text/css 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/plugins/gp-premium/blog/functions/css/style-min.css?ver=1.10.0

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ae75d49a5c2449cbb5f84a56c0c0cfff6910ec402aece722e32d3a3775ab2b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-sol: orig
display: orig_site_sol
status: 200
x-middleton-display: orig_site_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ea08c30-152e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin,X-APP-JSON
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e88288e0000d92179030200000001
cf-ray: 5a4442edbe9ad921-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front.min.js Show response
www.winhelponline.com/blog/wp-content/plugins/cookie-notice/js/ 9 KB
2 KB 22ms
21ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 147332
x-ezoic-cdn: Hit ds;mm;ae1512353fe6893aa9d022c51be68761;2-105367-1;6dcf5dd1-3926-4b15-7768-d9f0fe024785
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ec2a9e8-2474-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type: application/javascript
cache-control: max-age=172800
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e88288e0000d92179031200000001
cf-ray: 5a4442edbe9bd921-AMS
display: staticcontent_sol

GET
H2 200 jquery.js Show response
www.winhelponline.com/blog/wp-includes/js/jquery/ 95 KB
32 KB 25ms
23ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 688416
cf-polished: origSize=96873
x-ezoic-cdn: Miss
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
vary: Accept-Encoding, Accept-Encoding,Origin,X-APP-JSON
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 06 Jun 2020 20:38:06 GMT
server: cloudflare
etag: W/"5ce4ab44-17a69-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e88288e0000d92179032200000001
cf-ray: 5a4442edbe9cd921-AMS
display: staticcontent_sol
cf-bgj: minify

GET
H2 200 jquery-migrate.min.js Show response
www.winhelponline.com/blog/wp-includes/js/jquery/ 10 KB
4 KB 21ms
20ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 541523
x-ezoic-cdn: Miss
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 06 Jun 2020 20:38:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c022163-2748-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin,X-APP-JSON
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e88288e0000d92179033200000001
cf-ray: 5a4442edbe9ed921-AMS
display: staticcontent_sol
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookieconsent.min.js Show response
www.winhelponline.com/ezoic/ 4 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/ezoic/cookieconsent.min.js
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 21:22:03 GMT
server: cloudflare
age: 5976814
etag: W/"11a4-5a27da00754c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
cf-ray: 5a4442edbe9fd921-AMS
cf-request-id: 035e88288e0000d92179034200000001
expires: Thu, 08 Apr 2021 07:27:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 109 KB
39 KB 31ms
25ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6abe8b01dcfb7b666c7986f5589f4010e1855cfe61778fa2b5aebcc01abd46f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 40197
x-xss-protection: 0
server: cafe
etag: 2771208898433665754
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Jun 2020 11:41:23 GMT

GET
H2 200 twitter.png
www.winhelponline.com/images/ 3 KB
3 KB 24ms
18ms Image
image/png 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winhelponline.com/images/twitter.png

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af083de22c08b63a2cb0f3c0fa48c33763b214c666c0c8c825d3db8e8f0de09e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275786
x-ezoic-cdn: Miss
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 04:06:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c04f21c-ac4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding,X-APP-JSON
content-type: image/png
cache-control: max-age=604800
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8829140000d92179048200000001
cf-ray: 5a4442ee8897d921-AMS
display: staticcontent_sol
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fb.png
www.winhelponline.com/images/ 3 KB
3 KB 27ms
21ms Image
image/png 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winhelponline.com/images/fb.png

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ff0f5ad0c2de64cc772dd6c71622911e56cfe34ed9cfa763de73d3c9574cf9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 150612
x-ezoic-cdn: Hit ds;mm;99648b27804e0eb0ad4aee4d067022dc;2-105367-1;9507a3a8-5d83-40a1-5d0f-4070c68ab4fd
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c04f20c-b20-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding,X-APP-JSON
content-type: image/png
cache-control: max-age=604800
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8829140000d92179049200000001
cf-ray: 5a4442ee889ad921-AMS
display: staticcontent_sol

GET
H2 200 who-logo440px.png
i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2018/09/ 6 KB
6 KB 105ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2018/09/who-logo440px.png?fit=440%2C100&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9a40bace1c4b338325f8e29c0940a05904b1d05006531ab50e41ddd4d0ce2a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 3
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 3477
last-modified: Sat, 22 Sep 2018 16:20:50 GMT
server: nginx
etag: "357d31f67b4eb297"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2018/09/who-logo440px.png>; rel="canonical"
content-length: 6356
expires: Tue, 22 Sep 2020 04:20:50 GMT

GET
H2 200 user.png
i2.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/12/ 6 KB
6 KB 104ms
31ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/12/user.png?fit=256%2C256&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

20ad8fab297008c4685b0da5ca62653d858ac9d3757b43779440a3ba3c707a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 2
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 2630
last-modified: Thu, 08 Nov 2018 05:13:13 GMT
server: nginx
etag: "bc92fc5d341020c1"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2017/12/user.png>; rel="canonical"
content-length: 5796
expires: Sat, 07 Nov 2020 17:13:13 GMT

GET
H2 200 dragheight-dragwidth-sensitivity.png
i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/12/ 6 KB
6 KB 143ms
70ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/12/dragheight-dragwidth-sensitivity.png?fit=700%2C193&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

fc74ecfe73ce7f61bcaaf257b7889550bb7686c6499bed9ca26ea32a4d08fa01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 2
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 1270
last-modified: Thu, 08 Nov 2018 07:08:18 GMT
server: nginx
etag: "a911074f81f15104"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2017/12/dragheight-dragwidth-sensitivity.png>; rel="canonical"
content-length: 5936
expires: Sat, 07 Nov 2020 19:08:18 GMT

GET
H2 200 edge-extensions.png
i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/ 49 KB
49 KB 145ms
93ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/edge-extensions.png?fit=700%2C469&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

bb4e686583a569aa9e17fb98eb973e3c9fe96fb117157c70cc8d8c729830c12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 6
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 4685
last-modified: Sat, 13 Jun 2020 21:10:36 GMT
server: nginx
etag: "ef909750b819cb24"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2017/11/edge-extensions.png>; rel="canonical"
content-length: 49926
expires: Tue, 14 Jun 2022 09:10:36 GMT

GET
H2 200 w10-clear-background-history.png
i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/ 16 KB
16 KB 116ms
66ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/w10-clear-background-history.png?fit=700%2C268&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

af8850f057e7d2ce6b198c0f753c5a3f9c5d577349fd4878f8fe0ea2a576a3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 2
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 4432
last-modified: Wed, 07 Nov 2018 14:51:37 GMT
server: nginx
etag: "0ca5243947e76e7f"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2017/11/w10-clear-background-history.png>; rel="canonical"
content-length: 16250
expires: Sat, 07 Nov 2020 02:51:37 GMT

GET
H2 200 settings-cascade-menu.png
i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/ 26 KB
26 KB 129ms
80ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/settings-cascade-menu.png?fit=699%2C503&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e30498b2bf3916dd0cb8614f7a93fb95a92f42727fd668f47fa6ec496d96e398

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 6
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 3454
last-modified: Sat, 13 Jun 2020 21:10:36 GMT
server: nginx
etag: "77105bcc93a577e5"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2017/11/settings-cascade-menu.png>; rel="canonical"
content-length: 26674
expires: Tue, 14 Jun 2022 09:10:36 GMT

GET
H2 200 view-product-key-vbscript.png
i1.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/ 5 KB
6 KB 159ms
106ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/view-product-key-vbscript.png?fit=700%2C275&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

39575789b11ac70e63a594cdb36045c097b0fddbf82619e625c66b0e577c9c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 3
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 1577
last-modified: Thu, 08 Nov 2018 07:09:10 GMT
server: nginx
etag: "e08ad0101b73c4f6"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2017/11/view-product-key-vbscript.png>; rel="canonical"
content-length: 5534
expires: Sat, 07 Nov 2020 19:09:10 GMT

GET
H2 200 pin-any-file-taskbar-3.png
i2.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/ 1 KB
1 KB 81ms
32ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/pin-any-file-taskbar-3.png?fit=306%2C49&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

bbd0b59aa1a9796663bfa8af73b2866a6142d8e64bc123da5ca6f8b29a88bd7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 6
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 191
last-modified: Sat, 13 Jun 2020 21:10:36 GMT
server: nginx
etag: "181bc6b6a52681d4"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2017/11/pin-any-file-taskbar-3.png>; rel="canonical"
content-length: 1140
expires: Tue, 14 Jun 2022 09:10:36 GMT

GET
H2 200 notepad-replace-5.png
i1.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/ 7 KB
8 KB 145ms
107ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/11/notepad-replace-5.png?fit=700%2C275&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

90f6bdb8f288ac0dfa9467ddd49f9c7769de1f373692b99cd147f8a45b973c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 7
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 1494
last-modified: Tue, 09 Jun 2020 14:15:24 GMT
server: nginx
etag: "b49f90daee40c1dc"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2017/11/notepad-replace-5.png>; rel="canonical"
content-length: 7520
expires: Fri, 10 Jun 2022 02:15:24 GMT

GET
H2 200 w10-use-my-signin-info.jpg
i2.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/10/ 52 KB
53 KB 67ms
66ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/10/w10-use-my-signin-info.jpg?fit=700%2C300&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

8a9cbfae373134d1da89072dbb43f509b46ca20902b0421c758f5709c4b74f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 3
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Nov 2018 07:09:12 GMT
server: nginx
etag: "8bda991d6e374103"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2017/10/w10-use-my-signin-info.jpg>; rel="canonical"
content-length: 53632
expires: Sat, 07 Nov 2020 19:09:12 GMT

GET
H2 200 state-repository-cpu-usage.png
i1.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/10/ 36 KB
36 KB 100ms
99ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/10/state-repository-cpu-usage.png?fit=848%2C269&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a836b706a7857ae724f16d96cd4e562cd16209fbf80f59bf41d2fbcb6e23f2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 3
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 9296
last-modified: Wed, 22 May 2019 13:48:22 GMT
server: nginx
etag: "66cdb0180718d2ab"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2017/10/state-repository-cpu-usage.png>; rel="canonical"
content-length: 36740
expires: Sat, 22 May 2021 01:48:22 GMT

GET
H2 200 mct-error-0x80072f76.png
i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/10/ 4 KB
4 KB 113ms
112ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.winhelponline.com/blog/wp-content/uploads/2017/10/mct-error-0x80072f76.png?fit=702%2C300&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

23185d78f5eb3badb6f83620222a6e0788d66c5d478ac069f6b9574661567345

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 4
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 3413
last-modified: Sun, 09 Jun 2019 16:42:50 GMT
server: nginx
etag: "75e774f81eac954c"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2017/10/mct-error-0x80072f76.png>; rel="canonical"
content-length: 4152
expires: Wed, 09 Jun 2021 04:42:50 GMT

GET
H2 200 w7-stuck-checking-windows-updates.png
i1.wp.com/www.winhelponline.com/blog/wp-content/uploads/2019/07/ 10 KB
10 KB 90ms
88ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.winhelponline.com/blog/wp-content/uploads/2019/07/w7-stuck-checking-windows-updates.png?fit=702%2C345&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

ed1cf601f8038889cbf5b608bd5a1a89c2774c054a46cbaa9038d8dd092d9a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 5
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 2166
last-modified: Sat, 13 Jun 2020 21:10:36 GMT
server: nginx
etag: "1439766cf3644110"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2019/07/w7-stuck-checking-windows-updates.png>; rel="canonical"
content-length: 10358
expires: Tue, 14 Jun 2022 09:10:36 GMT

GET
H2 200 portablebaselayer-1.png
i1.wp.com/www.winhelponline.com/blog/wp-content/uploads/2019/07/ 8 KB
8 KB 93ms
92ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.winhelponline.com/blog/wp-content/uploads/2019/07/portablebaselayer-1.png?fit=698%2C235&quality=100&ssl=1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

fff653c6fc2cc024328939230b9f69bbfbeff424e7df3191c98f2a5fb47afb8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT arn 8
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
x-bytes-saved: 1235
last-modified: Sat, 13 Jun 2020 21:10:36 GMT
server: nginx
etag: "1635c16ae7606041"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.winhelponline.com/blog/wp-content/uploads/2019/07/portablebaselayer-1.png>; rel="canonical"
content-length: 7762
expires: Tue, 14 Jun 2022 09:10:36 GMT

GET
H2 200 new-badge-d.png
www.winhelponline.com/ 2 KB
2 KB 24ms
20ms Image
image/png 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winhelponline.com/new-badge-d.png

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a84f9e532615760fdc5111d22aa579a6df5ae2cefa822aa53f195d3553d20ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 254612
x-ezoic-cdn: Miss
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: MISS
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 10:11:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c04f631-7c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding,X-APP-JSON
content-type: image/png
cache-control: max-age=604800
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8829140000d9217904a200000001
cf-ray: 5a4442ee889bd921-AMS
display: staticcontent_sol
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 photon.min.js Show response
www.winhelponline.com/blog/wp-content/plugins/jetpack/_inc/build/photon/ 758 B
556 B 23ms
22ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 57013
x-ezoic-cdn: Miss
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ed72054-2f6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type: application/javascript
cache-control: max-age=172800
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8828cb0000d92179038200000001
cf-ray: 5a4442ee1f84d921-AMS
display: staticcontent_sol
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.min.js Show response
www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/ 16 KB
5 KB 24ms
24ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.0.1

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa9ac3f72c12a21d7d6b62f0e782718466850f8c7af0a2ff84b534fb396f86cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 161046
x-ezoic-cdn: Hit ds;mm;dfa7d2ddba7acf27bddd0da38f8ef750;2-105367-1;6b353bc1-972f-437e-525e-16b147268fe9
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sun, 14 Jun 2020 07:58:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e95ef61-4034-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type: application/javascript
cache-control: max-age=172800
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8828f00000d9217903e200000001
cf-ray: 5a4442ee4ff7d921-AMS
display: staticcontent_sol

GET
H2 200 menu.min.js Show response
www.winhelponline.com/blog/wp-content/themes/generatepress/js/ 4 KB
1 KB 527ms
520ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/themes/generatepress/js/menu.min.js?ver=2.4.2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f39d3bfd77bd9b83cebee50aa8b613675f2482ec939d86abff740ad3babead7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
display: staticcontent_sol
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: REVALIDATED
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e71105d-100d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin,X-APP-JSON
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8829130000d92179042200000001
cf-ray: 5a4442ee888bd921-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a11y.min.js Show response
www.winhelponline.com/blog/wp-content/themes/generatepress/js/ 2 KB
1 KB 27ms
20ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/themes/generatepress/js/a11y.min.js?ver=2.4.2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5dec6d66da315927edbf4e112d92fb83df28b3cbdc72c7f8123f3f16ace13b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 57013
x-ezoic-cdn: Hit ds;mm;1faed5d4d3366847b8eb20bc74f73225;2-105367-1;47b14259-f46e-442e-5a84-925a5c9f1a78
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e71105d-87a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type: application/javascript
cache-control: max-age=172800
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8829130000d92179043200000001
cf-ray: 5a4442ee888ed921-AMS
display: staticcontent_sol

GET
H2 200 navigation-search.min.js Show response
www.winhelponline.com/blog/wp-content/themes/generatepress/js/ 2 KB
822 B 27ms
20ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/themes/generatepress/js/navigation-search.min.js?ver=2.4.2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8158b9745ce93ef1507998268ff6a7c11a35c5f4dd86ecca4a3e9ffef5d350bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 57013
x-ezoic-cdn: Hit ds;mm;3d7103351ad80818f9fb8e70c3c43e59;2-105367-1;166bc928-9bc2-45c6-6d17-802e8d78b63f
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e71105d-8a5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type: application/javascript
cache-control: max-age=172800
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8829130000d92179044200000001
cf-ray: 5a4442ee8891d921-AMS
display: staticcontent_sol

GET
H2 200 back-to-top.min.js Show response
www.winhelponline.com/blog/wp-content/themes/generatepress/js/ 689 B
531 B 31ms
24ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/themes/generatepress/js/back-to-top.min.js?ver=2.4.2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71fd58c2bd32aa7d0053733d7b70a007edbaa5e446afd0afa3dea57cde220b26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 582
x-ezoic-cdn: Hit ds;mm;04ee5e913470cc3f8a424b5b2bc6f3ce;2-105367-1;be570a67-e14e-4d11-4498-f0a52506a84f
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e71105d-2b1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type: application/javascript
cache-control: max-age=172800
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8829130000d92179045200000001
cf-ray: 5a4442ee8892d921-AMS
display: staticcontent_sol

GET
H2 200 e-202025.js Show response
stats.wp.com/ 9 KB
3 KB 102ms
31ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202025.js
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Sun, 13 Jun 2021 23:49:43 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 16ms
15ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1621317567&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winhelponline.com%2F&ul=en-us&de=UTF-8&dt=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Reviews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=832572623&gjid=1149162282&cid=225777608.1592307683&tid=UA-4931296-3&_gid=842185073.1592307683&_r=1&z=10730739

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 46 B
730 B 251ms
134ms XHR
application/json 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.20.0
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/dall3201.js?cb=188-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: d765571464e5ebee8761b77771aacdf3688ae515992a46d5b4a3cd1f827d7d84

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 16 Jun 2020 11:41:23 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.winhelponline.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
1 KB 186ms
80ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/dall3201.js?cb=188-1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ef9b6b45355ab7c577d79122d80b0eb4d85f44ff4860dfdb54059b7f933920a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 16 Jun 2020 11:41:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.54:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 471724a2-afd6-4c00-9d9b-d0feac297e2a
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.winhelponline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
151 B 169ms
58ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.20.0&cb=27811889732
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/dall3201.js?cb=188-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 16 Jun 2020 11:41:23 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.winhelponline.com
timing-allow-origin: *
vary: Origin

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
5ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=1621317567&t=pageview&_s=2&dl=https%3A%2F%2Fwww.winhelponline.com%2F&ul=en-us&de=UTF-8&dt=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Reviews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEAB~&jid=&gjid=&cid=225777608.1592307683&tid=UA-4931296-3&_gid=842185073.1592307683&z=1661795744

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jun 2020 18:22:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 494328
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wmgLsOeKtMHetwDmiDrbeLbyJp-TbBj2k5JUVwmNSsHHkr5T8-ogSop91QYVZTRxfNT Show response
absorbingcorn.com/v2/0/ 91 KB
28 KB 244ms
83ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://absorbingcorn.com/v2/0/wmgLsOeKtMHetwDmiDrbeLbyJp-TbBj2k5JUVwmNSsHHkr5T8-ogSop91QYVZTRxfNT

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

b047229b6e69ca37475212066e866557d80e3b35a9e49ad6cb0a98d6e8d7f91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "d99d8bfa0e326943efffa7532e612753e2bef6c9dd403c079d8c1b83016a087c"
vary: Accept-Encoding, Accept-Language
x-hostname: taylor
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Tue, 16 Jun 2020 11:41:23 GMT
timing-allow-origin: *

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 4704
date: Tue, 16 Jun 2020 10:22:59 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 16 Jun 2020 12:22:59 GMT

GET
H2 200 ezosuigeneris.js Show response
g.ezoic.net/ 528 B
494 B 176ms
60ms Script
text/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigeneris.js
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 3aab52edc97580682cd0398f7bbd9121c9c0265e79c9f1c2cc586272b88aa23b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: nginx/1.16.0
etag: 76902892404fa34380096b08dedb4e43
vary: Accept-Encoding, Accept-Encoding,X-APP-JSON
content-type: text/javascript
status: 200
cache-control: max-age=999999, private
content-length: 255
expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic
Origin: https://www.winhelponline.com

Response headers

date: Tue, 09 Jun 2020 22:05:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 567331
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 09 Jun 2021 22:05:52 GMT

GET
H2 200 generatepress.woff2
www.winhelponline.com/blog/wp-content/themes/generatepress/fonts/ 1 KB
2 KB 19ms
18ms Font
font/woff2 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winhelponline.com/blog/wp-content/themes/generatepress/fonts/generatepress.woff2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.winhelponline.com/
Origin: https://www.winhelponline.com

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 93800
x-ezoic-cdn: Hit ds;mm;da5b2788954d08380f0c21883fb32767;2-105367-1;42b6990f-a30d-44a4-7b7c-1f9f32fd5151
status: 200
x-middleton-display: staticcontent_sol
x-sucuri-cache: HIT
x-middleton-response: 200
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding,X-APP-JSON
content-length: 1264
x-xss-protection: 1; mode=block
x-rocket-nginx-serving-static: No
response: 200
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e71105d-4f0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://www.winhelponline.com
cache-control: max-age=172800
x-sucuri-id: 15012
content-security-policy: upgrade-insecure-requests;
cf-request-id: 035e8829190000d9217904c200000001
accept-ranges: bytes
cf-ray: 5a4442ee88a5d921-AMS
display: staticcontent_sol

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic
Origin: https://www.winhelponline.com

Response headers

date: Thu, 11 Jun 2020 05:02:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 455932
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Fri, 11 Jun 2021 05:02:31 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 11 KB
4 KB 64ms
43ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=009756984466592281047:crsu4qcnxmm

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

a679b68f60a7c0c08847a24b34801ff292d8aef956e3e8c5df134ca0b10a4c16

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3503
x-xss-protection: 0
expires: Tue, 16 Jun 2020 11:41:23 GMT

GET
H2 200 imp.gif
www.winhelponline.com/detroitchicago/ 43 B
196 B 34ms
34ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A1%2C%22ad_location_ids%22%3A%220%2C0%2C0%2C0%2C4%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A5%2C%22bidder_method%22%3A3%2C%22bidder_version%22%3A5%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A2%2C%22domain_id%22%3A105367%2C%22domain_test_group%22%3A20200404%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22602%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A7%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A4%2C%22page_ad_positions%22%3A%221102%2C1102%2C1102%2C1102%2C1116%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22e5367570-25f2-49a2-5789-6165cf6bf5b3%22%2C%22position_selection_id%22%3A32%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A795%2C%22serverid%22%3A%2218.156.194.18%3A25240%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221102%2C1102%2C1102%2C1102%2C1116%22%2C%22t_epoch%22%3A1592307682%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.winhelponline.com%2Fblog%2Fhow-to-use-reg-files-registration-entries-windows%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A1140%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 5a4442ef7a84d921-AMS
content-length: 43
cf-request-id: 035e8829aa0000d92179056200000001

GET
H2 200 nmash.js
www.winhelponline.com/porpoiseant/ 21 KB
5 KB 20ms
19ms Other
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/porpoiseant/nmash.js?v=60
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/porpoiseant/banger.js?cb=188-1&bv=60&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2550a0f31648f0f97293f0818c60d477a8c0280d5a52d19ea8b73e04b754792

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 39251
cf-polished: origSize=21629
status: 200
cf-request-id: 035e8829ad0000d92179057200000001
last-modified: Sat, 13 Jun 2020 03:59:32 GMT
server: cloudflare
etag: W/"547d-5a7ef38971100;5a7ef38971100-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 5a4442ef7a90d921-AMS
cf-bgj: minify

GET
H2 200 ezosuigenerisc.js Show response
g.ezoic.net/ 0
123 B 161ms
58ms Script
text/html 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 16 Jun 2020 11:41:23 GMT
cache-control: max-age=300, private
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding, Accept-Encoding,X-APP-JSON
content-type: text/html; charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.ee/adsid/ 109 B
952 B 56ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ee/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 122 B
184 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.winhelponline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7a64c902668f1f7cc5674c4aa5737c8f411d259ca8c80239e468141ab36c7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0

GET
H2 200 pubads_impl_2020060103.js Show response
securepubads.g.doubleclick.net/gpt/ 246 KB
88 KB 66ms
66ms Script
text/javascript 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Jun 2020 18:46:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90085
x-xss-protection: 0
expires: Tue, 16 Jun 2020 11:41:23 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/57975621473fd078/ 261 KB
86 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/57975621473fd078/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009756984466592281047:crsu4qcnxmm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23304e9ae5b04a60edeb8a18d67e2de3a37fe961b02ee5d4db9a18493fd85641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Jun 2020 10:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 13:21:59 GMT
server: sffe
age: 89547
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88380
x-xss-protection: 0
expires: Tue, 15 Jun 2021 10:48:56 GMT

GET
H2 200 default_v2+en.css
www.google.com/cse/static/element/57975621473fd078/ 40 KB
9 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/57975621473fd078/default_v2+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009756984466592281047:crsu4qcnxmm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50f20ecac24eeea05e7fc20c4f5d20b5075e061fd067d1f956e424fe010dcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Jun 2020 10:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 13:21:59 GMT
server: sffe
age: 89541
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8905
x-xss-protection: 0
expires: Tue, 15 Jun 2021 10:49:02 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009756984466592281047:crsu4qcnxmm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a2b5aedab6d8d1c405b309e966859cc6f9f836039b5b4999d15dfc25307e8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 221
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1346
x-xss-protection: 0
expires: Tue, 16 Jun 2020 12:27:42 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
98 B 13ms
12ms Image
image/gif 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1845842027&utmhn=www.winhelponline.com&utme=8(template*t*rid*bra)9(pub_site*134*0*mod1)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Reviews&utmhid=1621317567&utmr=-&utmp=%2F&utmht=1592307683821&utmac=UA-131124027-30&utmcc=__utma%3D95264154.225777608.1592307683.1592307684.1592307684.1%3B%2B__utmz%3D95264154.1592307684.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=401571324&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAABAABE~

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=1171998374&utmhn=www.winhelponline.com&utme=8(template*domain)9(pub_site*winhelponline.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Reviews&utmhid=1621317567&utmr=-&utmp=%2F&utmht=1592307683824&utmac=UA-38339005-1&utmcc=__utma%3D95264154.225777608.1592307683.1592307684.1592307684.1%3B%2B__utmz%3D95264154.1592307684.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2022506242&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAABAABE~

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 11:41:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 422 B
421 B 406ms
404ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=372359594900944&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=iid6%3D561304%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C251%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dwinhelponline_com-box-1-561304%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D0%26bvm%3D5%26bvr%3D3%26shp%3D3%26acptad%3D1%26br1%3D280%26br2%3D160%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D33%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29&cookie_enabled=1&bc=31&abxe=1&lmt=1592307683&dt=1592307683905&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=283&adks=3917434485&ucis=1&sps=channel,,8193314120|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0C9C11|color_text,,000000|color_url,,0C9C11&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=68&icsg=36012494563903&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=300x262&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_fc=true&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

15bfa40a4ff011afd1c2222cea81f05dbfaccbfef7a55909167c564bda789476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 38ms
13ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 422 B
393 B 610ms
610ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=372359594900944&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=iid6%3D561304%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dwinhelponline_com-box-1-561304%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D0%26bvm%3D5%26bvr%3D3%26shp%3D3%26acptad%3D1%26br1%3D280%26br2%3D160%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29&cookie_enabled=1&bc=31&abxe=1&lmt=1592307683&dt=1592307683923&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=556&adks=1611167343&ucis=2&sps=channel,,8193314120|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=68&icsg=36012494563903&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=300x262&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_fc=true&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f0dc9317c0a34d5a278ffd0cf42c4f08a3e58b7e978c4111dd60d82d015f63d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 422 B
390 B 847ms
846ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=372359594900944&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=iid6%3D561304%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dwinhelponline_com-box-1-561304%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D0%26bvm%3D5%26bvr%3D3%26shp%3D3%26acptad%3D1%26br1%3D280%26br2%3D160%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D33%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29&cookie_enabled=1&bc=31&abxe=1&lmt=1592307683&dt=1592307683930&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=829&adks=1649313398&ucis=3&sps=channel,,8193314120|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=68&icsg=36012494563903&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=300x262&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_fc=true&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

464fdb5d396506099090df470b4a8094185ecd4561911b9e9e797525cfff50c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 428 B
397 B 1043ms
1043ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=372359594900944&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=iid6%3D561304%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dwinhelponline_com-box-1-561304%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D0%26bvm%3D5%26bvr%3D3%26shp%3D3%26acptad%3D1%26br1%3D280%26br2%3D160%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D64%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29&cookie_enabled=1&bc=31&abxe=1&lmt=1592307683&dt=1592307683939&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=1102&adks=279619605&ucis=4&sps=channel,,8193314120|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=68&icsg=36012494563903&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=300x262&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_fc=true&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

522d9779be19c8a7d09b9376f9acee874bd91b5cdcdd0d38333b16c56fc0e1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 431 B
402 B 1116ms
1116ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=372359594900944&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&prev_scp=iid6%3D508303%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-1-508303%26eb_br%3D8de2c8ca79e8623e3cb37120a35ebaa2%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D1%26bvm%3D2%26bvr%3D6%26shp%3D3%26acptad%3D1%26br1%3D240%26br2%3D140%26ezoic%3D1%26nmau%3D2%26mau%3D0%26stl%3D4%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30&cookie_enabled=1&bc=31&abxe=1&lmt=1592307683&dt=1592307683946&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=675&adys=5439&adks=4267002176&ucis=5&sps=channel,,8193314120|color_bg,,EEFF00|color_border,,EEFF00|color_link,,000000|color_text,,000000|color_url,,000000&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=68&icsg=36012494563903&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x258&msz=250x250&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_fc=true&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

5d6f11b8e6b9ba75a8c44390b788d37d66d2674fa1f12b995b000360b16a8a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif
www.winhelponline.com/detroitchicago/ 43 B
271 B 40ms
39ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoidW5pdmVyc2FsX3VzZXJfaWQiLCJ2YWwiOiI3NjkwMjg5MjQwNGZhMzQzODAwOTZiMDhkZWRiNGU0MyJ9XX1d
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:23 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4442f0cd47d921-AMS
content-length: 43
cf-request-id: 035e882a7f0000d9217906b200000001
expires: Mon, 15 Jun 2020 11:41:23 UTC

GET
H2 200 greenoaks.gif
www.winhelponline.com/detroitchicago/ 43 B
150 B 31ms
30ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoiZXh0X3VzZXJfaGFzaCIsInZhbCI6Ik5UIn1dfV0=
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4442f1cf54d921-AMS
content-length: 43
cf-request-id: 035e882b200000d9217907a200000001
expires: Mon, 15 Jun 2020 11:41:24 UTC

GET
H2 200 edmonton.webp Show response
www.winhelponline.com/detroitchicago/ 13 KB
4 KB 19ms
18ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/detroitchicago/edmonton.webp?a=a&cb=188-1&shcb=33
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcdba4d84ec96a913e3d42ebaa7e837ba00a8eeeba35bb90130fcb362a8318a7

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 471738
cf-polished: origSize=13946
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
cf-ray: 5a4442f1cf57d921-AMS
cf-request-id: 035e882b210000d9217907b200000001

GET
H2 200 jellyfish.webp Show response
www.winhelponline.com/porpoiseant/ 40 KB
9 KB 23ms
22ms Script
application/javascript 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/porpoiseant/jellyfish.webp?a=a&cb=188-1&shcb=33
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f93e1f2ab62d16330b581034f50714fdcaed8705a6fa935e0ab74035565055

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 467296
cf-polished: origSize=59186
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
cf-ray: 5a4442f1df5bd921-AMS
cf-request-id: 035e882b220000d9217907c200000001

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/ 218 KB
82 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea35b3b9523fb354a768e5b791c030e25f769f399258c69527088b3d43ac31a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83998
x-xss-protection: 0
server: cafe
etag: 18154689148218973145
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jun 2020 11:41:24 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200609/r20190131/ Frame 6CA5 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200609/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200609/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.winhelponline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.winhelponline.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 11 Jun 2020 20:46:29 GMT
expires: Thu, 25 Jun 2020 20:46:29 GMT
content-type: text/html; charset=UTF-8
etag: 12274286891180784318
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4510
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 399295
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 81 KB
30 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aadc3759968454b0c43775a95c3f9229cd36c390b9686854c32b68aac3b85bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 30586
x-xss-protection: 0
server: cafe
etag: 3423674357513534426
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Jun 2020 11:41:24 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 171 KB
60 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/57975621473fd078/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2cbe1b2e4a973448c595809e1902aaf769ff996861094c2faf104a9ba279288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "568530143930035471"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=3600
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 16 Jun 2020 11:41:24 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/57975621473fd078/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/57975621473fd078/default_v2+en.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 20:38:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 399794
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Fri, 11 Jun 2021 20:38:10 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/57975621473fd078/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 00:16:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 386700
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:16:24 GMT

GET
H2 200 nav_logo114.png
www.google.com/images/ 22 KB
23 KB 7ms
6ms Image
image/png 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/nav_logo114.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/57975621473fd078/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b280b516f629c540111e06cfbb9767dd4f257e143583ee31868a1503f9836c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/57975621473fd078/default_v2+en.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 00:22:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
age: 386307
content-type: image/png
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23010
x-xss-protection: 0
expires: Sat, 20 Jun 2020 00:22:57 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
244 B 28ms
5ms Image
text/plain 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Tue, 16 Jun 2020 11:41:24 GMT
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
263 B 35ms
9ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Tue, 16 Jun 2020 11:41:24 GMT
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 33ms
32ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.6.1&blog=2943880&post=0&tz=0&srv=www.winhelponline.com&host=www.winhelponline.com&ref=&fcp=1580&rand=0.6709673713847684
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 16 Jun 2020 11:41:24 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 greenoaks.gif
www.winhelponline.com/detroitchicago/ 43 B
127 B 40ms
40ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMDYtMTYifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX1d
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4442f23fe9d921-AMS
content-length: 43
cf-request-id: 035e882b600000d92179080200000001
expires: Mon, 15 Jun 2020 11:41:24 UTC

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 11BF 0
0 48ms
47ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1592307684&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32896%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.winhelponline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1592307684137&bpp=5&bdt=686&idt=70&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8203247210674&frm=20&pv=2&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_fc=1&ga_wpids=UA-131124027-30&iag=0&icsg=57159749468146&dssz=87&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=3007476603398275&pem=573&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=5&uci=a!5&fsb=1&dtd=86

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1592307684&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32896%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.winhelponline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1592307684137&bpp=5&bdt=686&idt=70&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8203247210674&frm=20&pv=2&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_fc=1&ga_wpids=UA-131124027-30&iag=0&icsg=57159749468146&dssz=87&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=3007476603398275&pem=573&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=5&uci=a!5&fsb=1&dtd=86
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.winhelponline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.winhelponline.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Jun 2020 11:41:24 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Jun-2020 11:56:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Jun 2020 11:41:24 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6808ddc10992310de1c9cf6f7ac0141ee82a8c5c4bf6aededc5d22d31b625468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591975235565162"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27914
x-xss-protection: 0
expires: Tue, 16 Jun 2020 11:41:24 GMT

GET
H2 200 Advg Show response
ad.doubleclick.net/ddm/adj/Bboqnn/ 11 B
675 B 188ms
66ms Script
text/javascript 216.58.205.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Bboqnn/Advg

Requested by

Host: absorbingcorn.com
URL: https://absorbingcorn.com/v2/0/wmgLsOeKtMHetwDmiDrbeLbyJp-TbBj2k5JUVwmNSsHHkr5T8-ogSop91QYVZTRxfNT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif
www.winhelponline.com/detroitchicago/ 43 B
127 B 31ms
31ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6Ijg2NyJ9XX1d
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4442f319a8d921-AMS
content-length: 43
cf-request-id: 035e882bed0000d92179090200000001
expires: Mon, 15 Jun 2020 11:41:24 UTC

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 06E9 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: absorbingcorn.com
URL: https://absorbingcorn.com/v2/0/wmgLsOeKtMHetwDmiDrbeLbyJp-TbBj2k5JUVwmNSsHHkr5T8-ogSop91QYVZTRxfNT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.winhelponline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.winhelponline.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Fri, 12 Jun 2020 13:10:56 GMT
expires: Sat, 12 Jun 2021 13:10:56 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 340228
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dark-bottom.css
www.winhelponline.com/ezoic/styles/ 3 KB
863 B 18ms
18ms Stylesheet
text/css 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winhelponline.com/ezoic/styles/dark-bottom.css
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/ezoic/cookieconsent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac054159a85ddee2e265bc0a517304e773e8c8db653af949bab52dec5e2a1ed9

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 1842855
cf-polished: origSize=3031
status: 200
cf-request-id: 035e882c520000d9217909b200000001
last-modified: Sat, 23 May 2020 00:45:47 GMT
server: cloudflare
etag: W/"bd7-5a6461104c4c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
cf-ray: 5a4442f3bb18d921-AMS
cf-bgj: minify

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
119 B 6ms
5ms Image
image/gif 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=139492161&utmhn=www.winhelponline.com&utmt=event&utme=14(2310*0*30*1180*10*100*2000*2010)(2310*0*32*1188*12*107*2006*2012)8(template*t*rid*bra)9(pub_site*134*0*mod1)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Reviews&utmhid=1621317567&utmr=-&utmp=%2F&utmht=1592307684432&utmac=UA-131124027-30&utmcc=__utma%3D95264154.225777608.1592307683.1592307684.1592307684.1%3B%2B__utmz%3D95264154.1592307684.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAQBAABE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jun 2020 16:54:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 413239
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
90 B 6ms
5ms Image
image/gif 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=4&utmn=1728911772&utmhn=www.winhelponline.com&utmt=event&utme=14(2310*0*30*1180*10*100*2000*2010)(2310*0*32*1188*12*107*2006*2012)8(template*domain)9(pub_site*winhelponline.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Reviews&utmhid=1621317567&utmr=-&utmp=%2F&utmht=1592307684435&utmac=UA-38339005-1&utmcc=__utma%3D95264154.225777608.1592307683.1592307684.1592307684.1%3B%2B__utmz%3D95264154.1592307684.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAQBAABE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jun 2020 16:54:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 413239
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif
www.winhelponline.com/detroitchicago/ 43 B
127 B 45ms
45ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInRfZXBvY2giOjE1OTIzMDc2ODIsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjE0MCJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMTMyOCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMTMifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiNjY0In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiNzA3In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6Ijk2OCJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4442f3cb39d921-AMS
content-length: 43
cf-request-id: 035e882c5c0000d9217909d200000001
expires: Mon, 15 Jun 2020 11:41:24 UTC

GET
H2 200 greenoaks.gif
www.winhelponline.com/detroitchicago/ 43 B
132 B 29ms
29ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiIxNTgwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiIxNTgwIn1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4442f3cb3dd921-AMS
content-length: 43
cf-request-id: 035e882c5c0000d9217909e200000001
expires: Mon, 15 Jun 2020 11:41:24 UTC

GET
H2 200 greenoaks.gif
www.winhelponline.com/detroitchicago/ 43 B
127 B 33ms
32ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiI5LjMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4442f3cb3ed921-AMS
content-length: 43
cf-request-id: 035e882c5c0000d9217909f200000001
expires: Mon, 15 Jun 2020 11:41:24 UTC

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 24ms
24ms XHR
application/json 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200609&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cebf96c90656a0eb864cf86f4e90ad445b83bd78d865a38bc2ac86c0417a636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5626
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Tue, 16 Jun 2020 11:41:24 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 2EA5 0
0 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.winhelponline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.winhelponline.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Tue, 16 Jun 2020 11:14:23 GMT
expires: Wed, 16 Jun 2021 11:14:23 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1621
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200609&jk=3007476603398275&bg=!KimlKTFYBmWgFAPsb30CAAAAUFIAAAANmQF9IV802KuX2veYN3_nfXxq1Lj7FGVUMcJeNDhfMKerOAImDmUgFe142cl4ZXLERC6v3B04lB-Neq7W0VZZfn4kn2DT_TJuSfSY3TspWdGcyUlgCr5Gz35Gw9siEhMVXEmXA5pWEuq2FTmZS87C8pNw8-S-tUOxUBWrePpvY5UPBi-vAZNX9wtH9CYPcdSerkGTewCbQWn1snZaZikD6eWvRNkhRHp5e4imet6jcHlERb_Le0O4-Th3EesM43cWPUocTXy59TKS7UIVsewYW5hznWUBUSYmr9jr7BzZffVLiWHirKPnUZLJGwG7FuP893RlDBpUXX9B6_KgQLj719gojd8Xr-VrvlL_ORsXNVNjsFTRWiiIjZS6HO_CkITbEswJcHyHLgW2IOyAEiLKYCkk61en_J8POV9-WNAxAiNgFGweTrMFk7bJc9mJijC33PgjS30nJMNrJvhkADbSwK2VxUK3X2qnxNilvNhwAkehhUAemLk9PhMxw3FVY3Jl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 11:41:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2vzkrSb2GKic2UiQwZCYcXG8o-yWUbDkSWJZDxX18pHgauMuz8v_6M3oDFahCJdgn8xazPs Show response
absorbingcorn.com/ 216 B
617 B 220ms
78ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://absorbingcorn.com/v2vzkrSb2GKic2UiQwZCYcXG8o-yWUbDkSWJZDxX18pHgauMuz8v_6M3oDFahCJdgn8xazPs

Requested by

Host: absorbingcorn.com
URL: https://absorbingcorn.com/v2/0/wmgLsOeKtMHetwDmiDrbeLbyJp-TbBj2k5JUVwmNSsHHkr5T8-ogSop91QYVZTRxfNT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

922d5c3b8d8105d547d16e87407912c107cc90258c51281ac86d20dd577de7c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Tue, 16 Jun 2020 11:41:24 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: taylor
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 16 Jun 2020 11:41:23 GMT

POST
H2 200 v2gmxQHaxyv8M-3N_A9QARAswkJvzpxm4mz1BpdKJp5PDV5TJuqBQgZEeD6Q2wBg9LXa6qng Show response
absorbingcorn.com/ 3 B
59 B 112ms
112ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://absorbingcorn.com/v2gmxQHaxyv8M-3N_A9QARAswkJvzpxm4mz1BpdKJp5PDV5TJuqBQgZEeD6Q2wBg9LXa6qng

Requested by

Host: absorbingcorn.com
URL: https://absorbingcorn.com/v2/0/wmgLsOeKtMHetwDmiDrbeLbyJp-TbBj2k5JUVwmNSsHHkr5T8-ogSop91QYVZTRxfNT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Tue, 16 Jun 2020 11:41:25 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.winhelponline.com
access-control-allow-credentials: true
x-hostname: taylor
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 68 KB
21 KB 54ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/dall3201.js?cb=188-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7614223cc63035d8f95aa40644bb983d4e9c144537b61983a412ceb0aad53a71

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:26 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 14:26:17 GMT
server: nginx
etag: W/"5edf9c09-10fe8"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 17 Jun 2020 11:41:26 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 68 KB
21 KB 59ms
29ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7614223cc63035d8f95aa40644bb983d4e9c144537b61983a412ceb0aad53a71

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:26 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 14:26:17 GMT
server: nginx
etag: W/"5edf9c09-10fe8"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 17 Jun 2020 11:41:26 GMT

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame C0BB 0
0 58ms
58ms Document
text/plain 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=8711458
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/dall3201.js?cb=188-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.winhelponline.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.winhelponline.com/

Response headers

Server: nginx
Date: Tue, 16 Jun 2020 11:41:26 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap4ams1

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 325 B
433 B 222ms
221ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=289170899015184&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&rcs=1&prev_scp=iid6%3D508303%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-1-508303%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D1%26bvm%3D2%26bvr%3D6%26shp%3D3%26acptad%3D1%26br1%3D120%26br2%3D140%26ezoic%3D1%26nmau%3D2%26mau%3D0%26stl%3D4%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C17%26lb%3D240%26reqt%3D1592307687294&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307687&dt=1592307687297&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=675&adys=5439&adks=4267002176&ucis=6&sps=channel,,8193314120|color_bg,,EEFF00|color_border,,EEFF00|color_link,,000000|color_text,,000000|color_url,,000000&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=89&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x258&msz=250x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7d1f9fc476a99329c916586bbb919ee1157a0e93486340f4fa566153b452a29b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 316 B
428 B 407ms
407ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=4144769343083158&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&rcs=1&prev_scp=iid6%3D561304%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dwinhelponline_com-box-1-561304%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D0%26bvm%3D5%26bvr%3D3%26shp%3D3%26acptad%3D1%26br1%3D140%26br2%3D160%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D64%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C17%26lb%3D280%26reqt%3D1592307687301&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307687&dt=1592307687303&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=1189&adks=279619605&ucis=7&sps=channel,,8193314120|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=89&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c769ca77a11afda2b6791ef1c5aa7d238308b856426f8a302e117086a65b0da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 76 KB
25 KB 327ms
327ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=2634660780280560&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&rcs=1&prev_scp=iid6%3D561304%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dwinhelponline_com-box-1-561304%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D0%26bvm%3D5%26bvr%3D3%26shp%3D3%26acptad%3D1%26br1%3D140%26br2%3D160%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D33%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C17%26lb%3D280%26reqt%3D1592307687315&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307687&dt=1592307687317&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=916&adks=1649313398&ucis=8&sps=channel,,8193314120|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=89&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e33dd511169ba008692cfca80a8281d7b38e430b4bb0e53b1103168585eb19b5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12162408014961797142/index_688.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12162408014961797142/index_688.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGp0bCghuoCFR7juwgdkLECYQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12162408014961797142/index_688.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12162408014961797142/index_688.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12162408014961797142/index_688.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGp0bCghuoCFR7juwgdkLECYQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12162408014961797142/index_688.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24907
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 16 Jun 2020 11:41:27 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 75 KB
25 KB 284ms
284ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=2696071394945931&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&rcs=1&prev_scp=iid6%3D561304%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dwinhelponline_com-box-1-561304%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D0%26bvm%3D5%26bvr%3D3%26shp%3D3%26acptad%3D1%26br1%3D140%26br2%3D160%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D78%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C17%26lb%3D280%26reqt%3D1592307687321&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307687&dt=1592307687322&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=643&adks=1611167343&ucis=9&sps=channel,,8193314120|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=10&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=89&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2ba0d9f9b525abe6da87e084ddcd4a8c1db797c99144bf0fd7e5532efe7250db

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13338576317148071192/index_723.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13338576317148071192/index_723.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COnZ0bCghuoCFcrAuwgdlLABIg&gqi=&layout=/sadbundle/%24csp%253Der3%24/13338576317148071192/index_723.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13338576317148071192/index_723.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13338576317148071192/index_723.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COnZ0bCghuoCFcrAuwgdlLABIg&gqi=&layout=/sadbundle/%24csp%253Der3%24/13338576317148071192/index_723.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24595
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 16 Jun 2020 11:41:27 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 323 B
433 B 360ms
359ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=2207876761591630&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&rcs=1&prev_scp=iid6%3D561304%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C251%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dwinhelponline_com-box-1-561304%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D0%26bvm%3D5%26bvr%3D3%26shp%3D3%26acptad%3D1%26br1%3D140%26br2%3D160%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D33%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C17%26lb%3D280%26reqt%3D1592307687326&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307687&dt=1592307687328&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=370&adks=3917434485&ucis=a&sps=channel,,8193314120|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0C9C11|color_text,,000000|color_url,,0C9C11&ifi=11&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=89&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=300x262&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

68dfd51053b55d1846a5ababb5d03f168d2e323bbfd52f5df5c3f1001c6f6a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9B42 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.winhelponline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.winhelponline.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Tue, 16 Jun 2020 11:41:23 GMT
expires: Wed, 16 Jun 2021 11:41:23 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 182ms
59ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/porpoiseant/banger.js?cb=188-1&bv=60&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 greenoaks.gif
www.winhelponline.com/detroitchicago/ 43 B
284 B 31ms
29ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQxODIifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a444307dc35d921-AMS
content-length: 43
cf-request-id: 035e8838e20000d921791c9200000001
expires: Mon, 15 Jun 2020 11:41:27 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
151 B 34ms
32ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIyIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MTMwNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE1OTIzMDc2ODIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTQsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE0LCJiaWRfZmxvb3JfcHJldiI6MC4wMDI4LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NjEzMDQiLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0IjoiZGl2LWdwdC1hZC13aW5oZWxwb25saW5lX2NvbS1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ0ODMifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a444307dc37d921-AMS
content-length: 43
cf-request-id: 035e8838e20000d921791ca200000001
expires: Mon, 15 Jun 2020 11:41:28 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
157 B 32ms
31ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMDYtMTYifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a444307dc39d921-AMS
content-length: 43
cf-request-id: 035e8838e20000d921791cb200000001
expires: Mon, 15 Jun 2020 11:41:27 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
263 B 32ms
31ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTU5MjMwNzY4OCwiYWRfcG9zaXRpb24iOjExMDIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MjgwLCJiaWRfZmxvb3JfcHJldiI6MjgwLCJiaWRfZmxvb3JfZmlsbGVkIjoxNDAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjMxMCwibXVsdGlfYWRfdW5pdCI6MSwibXVsdGlfYWRfY291bnQiOjQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a444307dc3ad921-AMS
content-length: 43
cf-request-id: 035e8838e20000d921791cc200000001
expires: Mon, 15 Jun 2020 11:41:27 UTC

GET
H2 200 container.html
edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 8E31 0
0 9ms
9ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.winhelponline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.winhelponline.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Tue, 16 Jun 2020 11:41:23 GMT
expires: Wed, 16 Jun 2021 11:41:23 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
93 B 151ms
58ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/porpoiseant/banger.js?cb=188-1&bv=60&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
128 B 35ms
32ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIyIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MTMwNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE1OTIzMDc2ODIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTQsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE0LCJiaWRfZmxvb3JfcHJldiI6MC4wMDI4LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NjEzMDQiLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0IjoiZGl2LWdwdC1hZC13aW5oZWxwb25saW5lX2NvbS1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM1NDcifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4443080c9ad921-AMS
content-length: 43
cf-request-id: 035e8839000000d921791d0200000001
expires: Mon, 15 Jun 2020 11:41:27 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
151 B 34ms
31ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMDYtMTYifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4443080c9bd921-AMS
content-length: 43
cf-request-id: 035e8839000000d921791d1200000001
expires: Mon, 15 Jun 2020 11:41:26 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
127 B 41ms
40ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTU5MjMwNzY4OCwiYWRfcG9zaXRpb24iOjExMDIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MjgwLCJiaWRfZmxvb3JfcHJldiI6MjgwLCJiaWRfZmxvb3JfZmlsbGVkIjoxNDAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjM0MSwibXVsdGlfYWRfdW5pdCI6MiwibXVsdGlfYWRfY291bnQiOjQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4443080c9cd921-AMS
content-length: 43
cf-request-id: 035e8839010000d921791d2200000001
expires: Mon, 15 Jun 2020 11:41:27 UTC

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 325 B
214 B 223ms
222ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=3814337686811481&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&rcs=2&prev_scp=iid6%3D508303%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-1-508303%26eb_br%3Ddfa60cee6e1053fc0c9e607c8047bd28%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D1%26bvm%3D2%26bvr%3D6%26shp%3D3%26acptad%3D1%26br1%3D80%26br2%3D140%26ezoic%3D1%26nmau%3D2%26mau%3D0%26stl%3D4%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C17%2C17%2C19%26lb%3D120%26reqt%3D1592307687802&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307687&dt=1592307687804&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=675&adys=5439&adks=4267002176&ucis=b&sps=channel,,8193314120|color_bg,,EEFF00|color_border,,EEFF00|color_link,,000000|color_text,,000000|color_url,,000000&ifi=12&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=87&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x258&msz=250x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a73539d6e7eb67be67859cc33a4dca6a4432bc536da4360befd049f5c3c0000e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 316 B
205 B 215ms
214ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=1102965238489963&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&rcs=2&prev_scp=iid6%3D561304%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dwinhelponline_com-box-1-561304%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D0%26bvm%3D5%26bvr%3D3%26shp%3D3%26acptad%3D1%26br1%3D50%26br2%3D160%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D64%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C17%2C17%2C19%26lb%3D140%26reqt%3D1592307687817&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307687&dt=1592307687819&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=1173&adks=279619605&ucis=c&sps=channel,,8193314120|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=13&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=87&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6858950bdad5e59b3e5d61c848162d7ecb15f64a8130d2de423451bebc7139d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 461ms
461ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=2510932250026778&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&rcs=2&prev_scp=iid6%3D561304%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C251%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dwinhelponline_com-box-1-561304%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D0%26bvm%3D5%26bvr%3D3%26shp%3D3%26acptad%3D1%26br1%3D50%26br2%3D160%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D33%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C17%2C17%2C19%26lb%3D140%26reqt%3D1592307687832&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307687&dt=1592307687834&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=370&adks=3917434485&ucis=d&sps=channel,,8193314120|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0C9C11|color_text,,000000|color_url,,0C9C11&ifi=14&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=87&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=300x262&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0f54702863cddd2ed5b59b2f261943458167f4e5fe92abb0e949a9cdf8feaf71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10596
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ Frame A4B8 202 KB
55 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1642
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56265
x-xss-protection: 0
server: sffe
date: Tue, 16 Jun 2020 11:14:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b3afaa85c48c2d0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jun 2021 11:14:06 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame A4B8 16 KB
6 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 429729
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5893
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7c581cea2ef0aefe"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:19 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame A4B8 97 KB
29 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1641
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29929
x-xss-protection: 0
server: sffe
date: Tue, 16 Jun 2020 11:14:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22e1efecde29c9e4"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jun 2021 11:14:07 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame A4B8 4 KB
2 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291970
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1719
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc4637e8702685f3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:35:18 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame A4B8 48 KB
15 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 429734
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14997
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "de17760b9f621603"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A4B8 6 KB
845 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddfe0d7a18436b1fb99b8ae075674b4764b37b113331b0c45b4c99cf5599d7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 11:19:39 GMT
server: ESF
date: Tue, 16 Jun 2020 11:41:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 11:41:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A4B8 6 KB
822 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddfe0d7a18436b1fb99b8ae075674b4764b37b113331b0c45b4c99cf5599d7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 11:15:43 GMT
server: ESF
date: Tue, 16 Jun 2020 11:41:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 11:41:28 GMT

GET
DATA 200
OK truncated
/ Frame A4B8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba959aa186296a7604a0407c197015009f8d4c806708b85da247eef2a4b72b7f

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A4B8 0
0 86ms
67ms Image
text/html 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzYcR56_oXpyEN4aQ3wPSshCD_JayXa22vKudC7_hHhABIPT5xiVg6gGgAcvi4oQDyAEG4AIAqAMByAMKqgTnAU_QJR1hY9oflqQA0w_l33rkqHrpwVLsUG0dM1DJjLkFsgwgUoCF1fr11dBJOQ-ITrJRXCm5wrqW7TheVoGm5KLf2twFCBCRZ3611Jn8lI2kNf4Htzgu01JyvG4c8NDUJJT7zULDWt65lNQAZscFj5CkEjc7H_jmgiR08OMu8hXqvGMfM2NSv7V-e5UUAZJKelqhfk8k7TUMHOMXN29c1W83LTXOwUC1FOwq91XGUOPrwXXKx7MYhFtGSlUvW2-mRZxvPOVP2HLoGe0RdVT2bO0Z0fBQizLtDfFr2R4-QEEZs_pdrFXFlMAE8N_O1pIC4AQBkgUECAQYAZIFBAgFGASgBjeAB52dnXuoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQ6Oc_0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzA1OTU4Mzg4MjgxMDUzgAoDyAsB2BMMiBQC&sigh=hGHttsvlxsA&template_id=492&tpd=AGWhJmt6jdf1aRwJ_AiZi9TNtkIri-zEwiveAUFur_mSynwjeQ
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A4B8 3 KB
3 KB 23ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Jun 2020 08:25:00 GMT
x-content-type-options: nosniff
server: cafe
age: 11788
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 17 Jun 2020 08:25:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A4B8 344 B
418 B 23ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Jun 2020 15:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 73158
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 16 Jun 2020 15:22:10 GMT

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
40 B 127ms
120ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/porpoiseant/banger.js?cb=188-1&bv=60&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
150 B 43ms
36ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMCIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NjEzMDQiLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0IjoiZGl2LWdwdC1hZC13aW5oZWxwb25saW5lX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwNSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDUsImJpZF9mbG9vcl9wcmV2IjowLjAwMTQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MTMwNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ0ODYifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMCIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a44430c2dc8d921-AMS
content-length: 43
cf-request-id: 035e883b990000d92179213200000001
expires: Mon, 15 Jun 2020 11:41:28 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
127 B 54ms
49ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMCIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIwLTA2LTE2In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTMifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a44430c2dcad921-AMS
content-length: 43
cf-request-id: 035e883b990000d92179214200000001
expires: Mon, 15 Jun 2020 11:41:28 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
127 B 45ms
39ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMCIsInRfZXBvY2giOjE1OTIzMDc2ODgsImFkX3Bvc2l0aW9uIjoxMTAyLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiYmlkX2Zsb29yX2luaXRpYWwiOjI4MCwiYmlkX2Zsb29yX3ByZXYiOjE0MCwiYmlkX2Zsb29yX2ZpbGxlZCI6NTAsImF1Y3Rpb25fY291bnQiOjMsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjQ3OSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a44430c2dccd921-AMS
content-length: 43
cf-request-id: 035e883b990000d92179215200000001
expires: Mon, 15 Jun 2020 11:41:28 UTC

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
224 B 188ms
187ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=1383972408878534&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&rcs=3&prev_scp=iid6%3D508303%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-1-508303%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D1%26bvm%3D2%26bvr%3D6%26shp%3D3%26acptad%3D1%26br1%3D60%26br2%3D140%26ezoic%3D1%26nmau%3D2%26mau%3D0%26stl%3D4%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C17%2C17%2C19%2C17%2C19%26lb%3D80%26reqt%3D1592307688339&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307688&dt=1592307688343&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=675&adys=5439&adks=4267002176&ucis=e&sps=channel,,8193314120|color_bg,,EEFF00|color_border,,EEFF00|color_link,,000000|color_text,,000000|color_url,,000000&ifi=15&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=86&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x258&msz=250x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ac5dc1b8851943bf346922a1611f57b50c0a29bd8afa054f74d708cdb917bc2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
10 KB 217ms
216ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=234493899901628&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&rcs=3&prev_scp=iid6%3D561304%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dwinhelponline_com-box-1-561304%26eb_br%3D9c3e4ee8eae7f1433cb2fe69b1326605%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D0%26bvm%3D5%26bvr%3D3%26shp%3D3%26acptad%3D1%26br1%3D4%26br2%3D160%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D64%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C17%2C17%2C19%2C17%2C18%2C19%26lb%3D50%26reqt%3D1592307688346&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307688&dt=1592307688348&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=1165&adks=279619605&ucis=f&sps=channel,,8193314120|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=16&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=86&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=300x262&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e9f2d2a51b2175fafc0e49e57e847ff296a7456a0e5b4a48bf9c616ad435ea96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10661
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A4B8 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=en
Origin: https://www.winhelponline.com

Response headers

date: Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 644254
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:43:54 GMT

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/ Frame A4B8 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=en
Origin: https://www.winhelponline.com

Response headers

date: Thu, 11 Jun 2020 02:32:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:02 GMT
server: sffe
age: 464952
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11380
x-xss-protection: 0
expires: Fri, 11 Jun 2021 02:32:16 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A4B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 16 Jun 2020 11:41:28 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/ 20 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200609/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df7b88bf786124161c91ce7636949e353cb8ff1ed090a3ba030152d4fde3e2f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7227
x-xss-protection: 0
server: sffe
date: Tue, 16 Jun 2020 11:41:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "152b1cf4fabdd896"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jun 2020 11:41:28 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ Frame E212 202 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1642
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56265
x-xss-protection: 0
server: sffe
date: Tue, 16 Jun 2020 11:14:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b3afaa85c48c2d0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jun 2021 11:14:06 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame E212 16 KB
6 KB 14ms
4ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 429729
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5893
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7c581cea2ef0aefe"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:19 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame E212 97 KB
29 KB 18ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1641
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29929
x-xss-protection: 0
server: sffe
date: Tue, 16 Jun 2020 11:14:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22e1efecde29c9e4"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jun 2021 11:14:07 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame E212 4 KB
2 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291970
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1719
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc4637e8702685f3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:35:18 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame E212 48 KB
15 KB 19ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 429734
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14997
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "de17760b9f621603"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E212 6 KB
822 B 21ms
12ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddfe0d7a18436b1fb99b8ae075674b4764b37b113331b0c45b4c99cf5599d7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 11:30:12 GMT
server: ESF
date: Tue, 16 Jun 2020 11:41:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 11:41:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E212 6 KB
822 B 23ms
14ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddfe0d7a18436b1fb99b8ae075674b4764b37b113331b0c45b4c99cf5599d7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 11:11:31 GMT
server: ESF
date: Tue, 16 Jun 2020 11:41:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 11:41:28 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E212 3 KB
3 KB 17ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Jun 2020 08:25:00 GMT
x-content-type-options: nosniff
server: cafe
age: 11788
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 17 Jun 2020 08:25:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E212 344 B
413 B 18ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Jun 2020 15:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 73158
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 16 Jun 2020 15:22:10 GMT

GET
DATA 200
OK truncated
/ Frame E212 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51591c67b8cc0f32202599cfcb880d025b5253ee1ed788b4b33d05194ade3add

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E212 0
0 76ms
70ms Image
text/html 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7rWd6K_oXqnsGJTG7_UPxMy5kAWD_JayXa22vKudC7_hHhABIPT5xiVg6gGgAcvi4oQDyAEG4AIAqAMByAMKqgTnAU_Qtq4s-xgz0XQhWb6-EtpYfh8jVhth3mDPOJ44UIU1lFQiwvt75uZyprU3WOiBcrHeIQ87ebVR3UtW-lgZ30efhZNYRlDeTz23WbnGt2kE8X-x93ezNWQBuV9au2BK8CvWQ9dad2kruOQYfpCPIfTSkTF9HXpD4c_w0YIyXi2EZm4X7NNc3V1eJ887L_14YS1RI0Nf5vbjTXBFp8O7XXwPZTwD2c7fvoU3PEr-550YdCoOE51zpdtcW-DcNNTu2jedloNgcjsP6eBXXS8XnjIbO5ashXDvDp-vVPMBxV4nIfWsCVhqNsAE8N_O1pIC4AQBkgUECAQYAZIFBAgFGASgBjeAB52dnXuoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQ2-8S0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzA1OTU4Mzg4MjgxMDUzgAoDyAsB2BMMiBQC&sigh=vNqOiYVbmj8&template_id=492&tpd=AGWhJms3uX36JlrRNSPsTBE4SBOrWIYq64pS2vntYckr2xZUDA
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame E212 0
0 23ms
15ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuQb2ogM0bbh6nGBBkJGlOfsReVclSFrlNzO2toPbTzSobUhC9R7clBJQOQlmEWfoe9dU3P4io8XqyciKbrc5vu_HRmg
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 73ms
56ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/porpoiseant/banger.js?cb=188-1&bv=60&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
150 B 56ms
38ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI0In1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MTMwNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE1OTIzMDc2ODIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDA0LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDQsImJpZF9mbG9vcl9wcmV2IjowLjAwMDUsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MTMwNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDUxNiJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NjEzMDQiLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0IjoiZGl2LWdwdC1hZC13aW5oZWxwb25saW5lX2NvbS1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a44430e0921d921-AMS
content-length: 43
cf-request-id: 035e883cc10000d92179239200000001
expires: Mon, 15 Jun 2020 11:41:29 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
127 B 49ms
33ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMDYtMTYifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a44430e0923d921-AMS
content-length: 43
cf-request-id: 035e883cc10000d9217923a200000001
expires: Mon, 15 Jun 2020 11:41:28 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
127 B 56ms
40ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTU5MjMwNzY4OSwiYWRfcG9zaXRpb24iOjExMDIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MjgwLCJiaWRfZmxvb3JfcHJldiI6NTAsImJpZF9mbG9vcl9maWxsZWQiOjQsImF1Y3Rpb25fY291bnQiOjQsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjI0NSwibXVsdGlfYWRfdW5pdCI6MywibXVsdGlfYWRfY291bnQiOjQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a44430e0924d921-AMS
content-length: 43
cf-request-id: 035e883cc20000d9217923b200000001
expires: Mon, 15 Jun 2020 11:41:28 UTC

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E212 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=en
Origin: https://www.winhelponline.com

Response headers

date: Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 644254
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:43:54 GMT

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/ Frame E212 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: www.winhelponline.com
URL: https://www.winhelponline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=en
Origin: https://www.winhelponline.com

Response headers

date: Thu, 11 Jun 2020 02:32:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:02 GMT
server: sffe
age: 464952
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11380
x-xss-protection: 0
expires: Fri, 11 Jun 2021 02:32:16 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E212 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Jun 2020 08:25:00 GMT
x-content-type-options: nosniff
server: cafe
age: 11788
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 17 Jun 2020 08:25:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E212 344 B
413 B 11ms
11ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Jun 2020 15:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 73158
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 16 Jun 2020 15:22:10 GMT

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
127 B 41ms
40ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a44430f0b85d921-AMS
content-length: 43
cf-request-id: 035e883d660000d9217924f200000001
expires: Mon, 15 Jun 2020 11:41:28 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
127 B 45ms
45ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:28 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a44430f0b8cd921-AMS
content-length: 43
cf-request-id: 035e883d680000d92179250200000001
expires: Mon, 15 Jun 2020 11:41:28 UTC

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
223 B 197ms
196ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=2518392025773703&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&rcs=4&prev_scp=iid6%3D508303%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-1-508303%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D1%26bvm%3D2%26bvr%3D6%26shp%3D3%26acptad%3D1%26br1%3D50%26br2%3D140%26ezoic%3D1%26nmau%3D2%26mau%3D0%26stl%3D4%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C17%2C17%2C19%2C17%2C19%2C17%2C19%26lb%3D60%26reqt%3D1592307688847&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307688&dt=1592307688851&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=675&adys=5439&adks=4267002176&ucis=g&sps=channel,,8193314120|color_bg,,EEFF00|color_border,,EEFF00|color_link,,000000|color_text,,000000|color_url,,000000&ifi=17&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=86&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x258&msz=250x250&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ed21083e632d96047382fda217e8b9b3ea2f4019b0c6374eb24129b34ababfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
150 B 31ms
30ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MTMwNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:29 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4443112f72d921-AMS
content-length: 43
cf-request-id: 035e883eb70000d92179272200000001
expires: Mon, 15 Jun 2020 11:41:29 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
127 B 42ms
42ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MTMwNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:29 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4443114fbed921-AMS
content-length: 43
cf-request-id: 035e883ed10000d92179274200000001
expires: Mon, 15 Jun 2020 11:41:29 UTC

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 325 B
212 B 192ms
191ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=2849482786192083&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&rcs=5&prev_scp=iid6%3D508303%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-1-508303%26eb_br%3D8fc09e60bfd78aa82afac0405213359a%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D1%26bvm%3D2%26bvr%3D6%26shp%3D3%26acptad%3D1%26br1%3D48%26br2%3D140%26ezoic%3D1%26nmau%3D2%26mau%3D0%26stl%3D4%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C17%2C17%2C19%2C17%2C19%2C17%2C19%2C17%2C19%26lb%3D50%26reqt%3D1592307689357&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307689&dt=1592307689359&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=675&adys=5439&adks=4267002176&ucis=h&sps=channel,,8193314120|color_bg,,EEFF00|color_border,,EEFF00|color_link,,000000|color_text,,000000|color_url,,000000&ifi=18&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=86&icsg=57159749468146&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x258&msz=250x250&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=6

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

44c1665de80b15488dbcdf5cb46296372f869e546dc4793223aac2a8734fa883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 audins.js Show response
go.ezoic.net/detroitchicago/ 821 B
1 KB 95ms
30ms Script
application/javascript 2600:9000:215d:4600:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezoic.net/detroitchicago/audins.js?cb=188-1
Requested by: Host: www.winhelponline.com
URL: https://www.winhelponline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:4600:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 May 2020 05:18:23 GMT
via: 1.1 c2c75215aa2ab067e062055fa68a3fdf.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 23:27:12 GMT
server: nginx/1.16.0
age: 3997386
etag: "335-5a411b46d1400;5a48dac1c3895-gzip"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 821
x-amz-cf-id: dCh5zXTu-hqSoNW9SujxasI0MUOaFMakBOkyfTwMZ28zFgGPdAr9Hw==

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
127 B 36ms
35ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTA4MzAzIiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tbWVkcmVjdGFuZ2xlLTEtMCIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxMTM4In1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MTMwNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiOTcifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjExOCJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NjEzMDQiLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0IjoiZGl2LWdwdC1hZC13aW5oZWxwb25saW5lX2NvbS1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTE4In1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MTMwNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIzMjMifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:29 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4443134bd7d921-AMS
content-length: 43
cf-request-id: 035e8840090000d9217928c200000001
expires: Mon, 15 Jun 2020 11:41:29 UTC

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
127 B 33ms
32ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTA4MzAzIiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tbWVkcmVjdGFuZ2xlLTEtMCIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjY3NSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNTQzOSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMCIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjEwNTYifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjM3MCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTA1NiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNjM1In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NjEzMDQiLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0IjoiZGl2LWdwdC1hZC13aW5oZWxwb25saW5lX2NvbS1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMDU2In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiI5MDAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MTMwNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjEwNTYifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExNjUifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:29 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4443134bd9d921-AMS
content-length: 43
cf-request-id: 035e88400a0000d9217928d200000001
expires: Mon, 15 Jun 2020 11:41:29 UTC

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A4B8 42 B
107 B 28ms
27ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9eXKzs-s3f1r85bLw_lMk9zDvoP-a3spxmTu7zRhtBBNnqkm73rR2-sBDt6BEbawb1wgu8OzsCwwysTxS_ydAOtNdwCC02PlpcMSqfXgJXmoPiPSqcvy27EJGxPBGCrAgo-uVtWcAO23cjm1oJ2yAsA&sai=AMfl-YTPOjzP9NeHvxNKS3oRzGWBV9lmzu-zzWl-Kt--IlCpiBwk2AKVhNlmi0tND74fF1uvxr0BUoU14AaVfbn4Dde3zz4s0q2xU6fZIBw5708jNQoV-8Y86MrOdgY&sig=Cg0ArKJSzMdCdpOQqeWpEAE&cid=CAASF-RoaUOPxnZQgDCsbQxugHkHXOw_pVlG&id=ampim&o=1056,370&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=145&tls=1145&g=100&h=100&tt=1145&r=v&avms=ampa&adk=3917434485

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 11:41:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
132 B 35ms
35ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMCIsInRfZXBvY2giOjE1OTIzMDc2ODIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:29 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4443138c41d921-AMS
content-length: 43
cf-request-id: 035e8840340000d92179290200000001
expires: Mon, 15 Jun 2020 11:41:29 UTC

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 225ms
55ms Script
application/x-javascript 91.228.74.200
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=188-1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.200 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 11:41:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16-Jun-2020 11:41:29 GMT
Server: QS
Etag: M0-4cca824e
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Strict-Transport-Security: max-age=86400
Content-Length: 8082
Expires: Tue, 23 Jun 2020 11:41:29 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 195ms
63ms Script
application/x-javascript 23.42.18.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=188-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.42.18.223 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-42-18-223.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 11:41:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 17 Jun 2020 11:41:29 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1592307689724&ns_c=UTF-8&cv=3.5&c8=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Revie...
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1592307689724&ns_c=UTF-8&cv=3.5&c8=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Revi...

0
528 B

64ms
64ms

Image
text/plain

23.42.18.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1592307689724&ns_c=UTF-8&cv=3.5&c8=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Reviews&c7=https%3A%2F%2Fwww.winhelponline.com%2F&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.42.18.223 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-42-18-223.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jun 2020 11:41:29 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1592307689724&ns_c=UTF-8&cv=3.5&c8=Winhelponline%20%3A%3A%20Windows%20Help%2C%20Articles%2C%20Insider%20News%2C%20Tips%20%26%20Tech%20Reviews&c7=https%3A%2F%2Fwww.winhelponline.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 16 Jun 2020 11:41:29 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
350 B 81ms
26ms Script
application/x-javascript 2600:9000:215d:fe00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:fe00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 01:01:09 GMT
via: 1.1 515bf1bf612fe881047c4f033b8f25e4.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
age: 38421
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: uFG8OGfYmqPVPcHdM5IZH6WNcdCIJp7J1CKmx3Ml1kA9YaoW9cSSjQ==

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
127 B 34ms
34ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMCIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NjEzMDQiLCJkb21haW5faWQiOiIxMDUzNjciLCJ1bml0IjoiZGl2LWdwdC1hZC13aW5oZWxwb25saW5lX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:29 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4443156844d921-AMS
content-length: 43
cf-request-id: 035e88415f0000d921792b4200000001
expires: Mon, 15 Jun 2020 11:41:29 UTC

GET
H/1.1 200
OK pixel;r=2072220736;labels=Domain.winhelponline_com%2CDomainId.105367;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.winhelponline.com%2F;fpan=1;fpa=P0-89611498-1592307689841;ns=0;ce=1;qjs=1;qv=3d5959...
pixel.quantserve.com/ 35 B
544 B 222ms
56ms Image
image/gif 91.228.74.136
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2072220736;labels=Domain.winhelponline_com%2CDomainId.105367;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.winhelponline.com%2F;fpan=1;fpa=P0-89611498-1592307689841;ns=0;ce=1;qjs=1;qv=3d595974-20200604132620;cm=;gdpr=0;ref=;d=winhelponline.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1592307689841;tzo=-120;ogl=locale.en_US%2Ctype.website%2Ctitle.Winhelponline%252Ecom%20-%20Productivity%20Tips%20for%20Windows%2Cdescription.Productivity%20Tips%252C%20Windows%20Troubleshooting%20%26%20Customization%2Curl.https%3A%2F%2Fwww%252Ewinhelponline%252Ecom%2Fblog%2F%2Csite_name.Winhelponline

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.136 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jun 2020 11:41:30 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 325 B
212 B 183ms
182ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=3326788387625312&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&rcs=6&prev_scp=iid6%3D508303%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-1-508303%26eb_br%3Da928cf2c3ad36f5e9ed2d90f655c1dc9%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D1%26bvm%3D2%26bvr%3D6%26shp%3D3%26acptad%3D1%26br1%3D44%26br2%3D140%26ezoic%3D1%26nmau%3D2%26mau%3D0%26stl%3D4%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C17%2C17%2C19%2C17%2C19%2C17%2C19%2C17%2C19%2C17%2C19%26lb%3D48%26reqt%3D1592307689864&eri=1&cookie=ID%3D0650d6a180eff26f%3AT%3D1592307683%3AS%3DALNI_MZrnSukhfuE-NSqdLSNsioiS-qsug&bc=31&abxe=1&lmt=1592307689&dt=1592307689868&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=675&adys=5439&adks=4267002176&ucis=i&sps=channel,,8193314120|color_bg,,EEFF00|color_border,,EEFF00|color_link,,000000|color_text,,000000|color_url,,000000&ifi=19&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=90&icsg=228638997676018&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x258&msz=250x250&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=7

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

050a189f8bd0950e60e66268bd272f222edb269e42d5dfdf50993a0f7a0da48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2vzkrSb2GKic2UiQwZCYcXG8o-yWUbDkSWJZDxX18pHgauMuz8v_6M3oDFahCJdgn8xazPs Show response
absorbingcorn.com/ 195 B
278 B 81ms
80ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://absorbingcorn.com/v2vzkrSb2GKic2UiQwZCYcXG8o-yWUbDkSWJZDxX18pHgauMuz8v_6M3oDFahCJdgn8xazPs

Requested by

Host: absorbingcorn.com
URL: https://absorbingcorn.com/v2/0/wmgLsOeKtMHetwDmiDrbeLbyJp-TbBj2k5JUVwmNSsHHkr5T8-ogSop91QYVZTRxfNT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

de39e641c333545ad95151b02ab19578e6696ef470daf56acc036c3bd288d5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Tue, 16 Jun 2020 11:41:30 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: taylor
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 195
expires: Tue, 16 Jun 2020 11:41:29 GMT

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
150 B 46ms
45ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTYxMzA0IiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTU5MjMwNzY4MiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZTUzNjc1NzAtMjVmMi00OWEyLTU3ODktNjE2NWNmNmJmNWIzIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2MTMwNCIsImRvbWFpbl9pZCI6IjEwNTM2NyIsInVuaXQiOiJkaXYtZ3B0LWFkLXdpbmhlbHBvbmxpbmVfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE1OTIzMDc2ODIsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:30 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4443172c93d921-AMS
content-length: 43
cf-request-id: 035e8842770000d921792e0200000001
expires: Mon, 15 Jun 2020 11:41:29 UTC

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 431 B
400 B 183ms
183ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007476603398275&correlator=2624469204974333&output=ldjh&impl=fif&eid=21066405%2C21065929%2C21066301%2C21066349&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=1254144%2Cwinhelponline_com-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&rcs=7&prev_scp=iid6%3D508303%26t%3D134%26d%3D105367%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D8%26at%3Dbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dwinhelponline_com-medrectangle-1-508303%26eb_br%3Dzero%26eba%3D1%26ebss%3D10017%26asau%3D4511284716%26bv%3D1%26bvm%3D2%26bvr%3D6%26shp%3D3%26acptad%3D1%26br1%3D0%26br2%3D140%26ezoic%3D1%26nmau%3D2%26mau%3D0%26stl%3D4%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C17%2C17%2C19%2C17%2C19%2C17%2C19%2C17%2C19%2C17%2C19%2C17%2C18%2C19%26lb%3D44%26reqt%3D1592307690379%26ss38%3D1%26ss9%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1592307690&dt=1592307690382&dlt=1592307683450&idt=416&frm=20&biw=1600&bih=1200&oid=3&adxs=675&adys=5439&adks=4267002176&ucis=j&sps=channel,,8193314120|color_bg,,EEFF00|color_border,,EEFF00|color_link,,000000|color_text,,000000|color_url,,000000&ifi=20&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.winhelponline.com%2F&dssz=90&icsg=228638997676018&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x258&msz=250x250&ga_vid=225777608.1592307683&ga_sid=1592307684&ga_hid=1621317567&ga_wpids=UA-131124027-30&fws=0&ohw=0&btvi=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

4806b1d63ad3764e56cc81f92db18d0df18156577df0a81b3dc6c9c44e3c71be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winhelponline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
www.winhelponline.com/porpoiseant/ 43 B
261 B 39ms
38ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTA4MzAzIiwiZG9tYWluX2lkIjoiMTA1MzY3IiwidW5pdCI6ImRpdi1ncHQtYWQtd2luaGVscG9ubGluZV9jb20tbWVkcmVjdGFuZ2xlLTEtMCIsInRfZXBvY2giOjE1OTIzMDc2ODIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTExNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImU1MzY3NTcwLTI1ZjItNDlhMi01Nzg5LTYxNjVjZjZiZjViMyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiOCJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:30 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a44431a2bb1d921-AMS
content-length: 43
cf-request-id: 035e8844560000d92179339200000001
expires: Mon, 15 Jun 2020 11:41:31 UTC

GET
H2 200 greenoaks.gif
www.winhelponline.com/detroitchicago/ 43 B
189 B 29ms
29ms Image
image/gif 2606:4700:3032::ac43:c7ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winhelponline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlNTM2NzU3MC0yNWYyLTQ5YTItNTc4OS02MTY1Y2Y2YmY1YjMiLCJkb21haW5faWQiOiIxMDUzNjciLCJ0X2Vwb2NoIjoxNTkyMzA3NjgyLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI0NjMwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI0In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjMxNDQwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiODg0NDgwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1NTI4In1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.winhelponline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 11:41:31 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5a4443211aaed921-AMS
content-length: 43
cf-request-id: 035e8848af0000d921793d2200000001
expires: Mon, 15 Jun 2020 11:41:31 UTC

Verdicts & Comments Add Verdict or Comment

346 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winhelponline.com/	1970-01-19 10:18:29	Name: __utmb Value: 95264154.4.8.1592307684
www.winhelponline.com/	1970-01-19 19:04:03	Name: ezux_lpl_105367 Value: 1592307684429\|e5367570-25f2-49a2-5789-6165cf6bf5b3\|false
.winhelponline.com/	1970-01-20 03:49:39	Name: __gads Value: ID=bf2d5446df96595c:T=1592307683:S=ALNI_Ma17EUrWqhTUpBVoKKQkGjTl3h-mA
www.winhelponline.com/	1970-01-21 23:37:39	Name: ezohw Value: w%3D1600%2Ch%3D1200
www.winhelponline.com/	1970-01-21 23:37:39	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
.winhelponline.com/	1970-01-20 03:49:39	Name: ezosuigeneris Value: 76902892404fa34380096b08dedb4e43
.winhelponline.com/	1970-01-19 10:18:28	Name: __utmt_f Value: 1
.winhelponline.com/	1970-01-20 03:49:39	Name: __utma Value: 95264154.225777608.1592307683.1592307684.1592307684.1
.winhelponline.com/	1970-01-19 10:18:28	Name: __utmt_e Value: 1
.winhelponline.com/	1970-01-19 14:41:15	Name: __utmz Value: 95264154.1592307684.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.winhelponline.com/	1970-01-19 10:19:54	Name: _gid Value: GA1.2.842185073.1592307683
.winhelponline.com/	1969-12-31 23:59:59	Name: __utmc Value: 95264154
.doubleclick.net/	1970-01-19 10:18:28	Name: test_cookie Value: CheckForPermission
www.winhelponline.com/	1969-12-31 23:59:59	Name: ezouspva Value: 0
.winhelponline.com/	1970-01-20 03:49:39	Name: _ga Value: GA1.2.225777608.1592307683
.winhelponline.com/	1970-01-19 10:18:29	Name: ezovid_105367 Value: 1119547479
.winhelponline.com/	1970-01-19 10:18:27	Name: _gat Value: 1
www.winhelponline.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
.winhelponline.com/	1970-01-19 19:04:03	Name: ezCMPCCS Value: true
.winhelponline.com/	1970-01-19 10:18:29	Name: ezovuuid_105367 Value: 0cf0a386-cef4-4ca7-531d-61f3571bc04a
.winhelponline.com/	1970-01-19 10:18:29	Name: ezoadgid_105367 Value: -1
.winhelponline.com/	1970-01-19 10:18:34	Name: lp_105367 Value: https://www.winhelponline.com/
.winhelponline.com/	1970-01-19 10:18:29	Name: ezoma_105367 Value: 999,999
.winhelponline.com/	1970-01-19 10:18:29	Name: ezopvc_105367 Value: 1
.winhelponline.com/	1970-01-19 10:19:54	Name: ezepvv Value: 298
.winhelponline.com/	1970-01-19 10:18:34	Name: ezoab_105367 Value: mod1
.winhelponline.com/	1970-01-19 10:21:20	Name: active_template::105367 Value: pub_site.1592307682
.winhelponline.com/	1970-01-19 11:01:39	Name: __cfduid Value: d6354c9c30444484f58cad5e387c266401592307682
.winhelponline.com/	1970-01-19 10:18:34	Name: ezoref_105367 Value:
.winhelponline.com/	1970-01-19 10:21:20	Name: ezovuuidtime_105367 Value: 1592307683

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.winhelponline.com/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	info	URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005262159000 https://www.winhelponline.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005262159000 https://www.winhelponline.com/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

absorbingcorn.com
ad.doubleclick.net
adservice.google.com
adservice.google.ee
ap.lijit.com
bidder.criteo.com
cdn.ampproject.org
clients1.google.com
cse.google.com
edc7aff5412e6cec5b1bdc7965984f92.safeframe.googlesyndication.com
ezodn.com
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
go.ezodn.com
go.ezoic.net
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.wp.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.criteo.net
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagservices.com
www.winhelponline.com
178.250.2.131
192.0.76.3
192.0.77.2
216.52.2.19
216.58.205.230
216.58.210.2
23.42.18.223
2600:9000:215d:4600:2:cb38:840:93a1
2600:9000:215d:fe00:6:44e3:f8c0:93a1
2606:4700:3032::ac43:c7ab
2606:4700:e0::ac40:6f05
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:814::200a
2a00:1450:4001:816::200e
2a00:1450:4001:817::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2002
2a00:1450:4001:821::2008
2a00:1450:4001:824::2002
2a02:2638::3
3.126.196.163
35.190.64.11
37.252.173.38
91.228.74.136
91.228.74.200
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
050a189f8bd0950e60e66268bd272f222edb269e42d5dfdf50993a0f7a0da48e
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0dcb41ec9bdcb110006be19d2cc8441363f0bf827e61beed7f55c8f8a3fffc18
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f39d3bfd77bd9b83cebee50aa8b613675f2482ec939d86abff740ad3babead7
0f54702863cddd2ed5b59b2f261943458167f4e5fe92abb0e949a9cdf8feaf71
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15bfa40a4ff011afd1c2222cea81f05dbfaccbfef7a55909167c564bda789476
1ca10f8a06498f5c3104fbf34cf163e62be492b1a214470ec765215b20a166aa
20ad8fab297008c4685b0da5ca62653d858ac9d3757b43779440a3ba3c707a11
23185d78f5eb3badb6f83620222a6e0788d66c5d478ac069f6b9574661567345
23304e9ae5b04a60edeb8a18d67e2de3a37fe961b02ee5d4db9a18493fd85641
2ba0d9f9b525abe6da87e084ddcd4a8c1db797c99144bf0fd7e5532efe7250db
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
39575789b11ac70e63a594cdb36045c097b0fddbf82619e625c66b0e577c9c2b
3a2b5aedab6d8d1c405b309e966859cc6f9f836039b5b4999d15dfc25307e8b4
3a84f9e532615760fdc5111d22aa579a6df5ae2cefa822aa53f195d3553d20ef
3aab52edc97580682cd0398f7bbd9121c9c0265e79c9f1c2cc586272b88aa23b
3cebf96c90656a0eb864cf86f4e90ad445b83bd78d865a38bc2ac86c0417a636
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
44c1665de80b15488dbcdf5cb46296372f869e546dc4793223aac2a8734fa883
464fdb5d396506099090df470b4a8094185ecd4561911b9e9e797525cfff50c1
4806b1d63ad3764e56cc81f92db18d0df18156577df0a81b3dc6c9c44e3c71be
4834aa58000857ce42bdc4ae2322104fbbb5c0e96a7dbd4deab73900ae9d23a7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e
4e43b281c6bfc7ff8352b2022ccf40aac561c38127f07f09da4294f2e58b1555
51591c67b8cc0f32202599cfcb880d025b5253ee1ed788b4b33d05194ade3add
522d9779be19c8a7d09b9376f9acee874bd91b5cdcdd0d38333b16c56fc0e1e2
52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54ff0f5ad0c2de64cc772dd6c71622911e56cfe34ed9cfa763de73d3c9574cf9
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5ae75d49a5c2449cbb5f84a56c0c0cfff6910ec402aece722e32d3a3775ab2b9
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d6f11b8e6b9ba75a8c44390b788d37d66d2674fa1f12b995b000360b16a8a37
6808ddc10992310de1c9cf6f7ac0141ee82a8c5c4bf6aededc5d22d31b625468
6858950bdad5e59b3e5d61c848162d7ecb15f64a8130d2de423451bebc7139d0
68dfd51053b55d1846a5ababb5d03f168d2e323bbfd52f5df5c3f1001c6f6a9b
6abe8b01dcfb7b666c7986f5589f4010e1855cfe61778fa2b5aebcc01abd46f6
6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b
6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7
6df7b88bf786124161c91ce7636949e353cb8ff1ed090a3ba030152d4fde3e2f
71fd58c2bd32aa7d0053733d7b70a007edbaa5e446afd0afa3dea57cde220b26
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
7522ec08e150b85c69315fd5a1e03a2dc3a129d54e7081ec1236ca9cbeeab815
75453cd0030d72efdb8a090ebc5fb7b1b6ca24621894a689024c60103d9413e3
7614223cc63035d8f95aa40644bb983d4e9c144537b61983a412ceb0aad53a71
777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada
7d1f9fc476a99329c916586bbb919ee1157a0e93486340f4fa566153b452a29b
8158b9745ce93ef1507998268ff6a7c11a35c5f4dd86ecca4a3e9ffef5d350bf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8a9cbfae373134d1da89072dbb43f509b46ca20902b0421c758f5709c4b74f38
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
90f6bdb8f288ac0dfa9467ddd49f9c7769de1f373692b99cd147f8a45b973c52
922d5c3b8d8105d547d16e87407912c107cc90258c51281ac86d20dd577de7c2
9a40bace1c4b338325f8e29c0940a05904b1d05006531ab50e41ddd4d0ce2a85
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a50f20ecac24eeea05e7fc20c4f5d20b5075e061fd067d1f956e424fe010dcf2
a5dec6d66da315927edbf4e112d92fb83df28b3cbdc72c7f8123f3f16ace13b1
a679b68f60a7c0c08847a24b34801ff292d8aef956e3e8c5df134ca0b10a4c16
a73539d6e7eb67be67859cc33a4dca6a4432bc536da4360befd049f5c3c0000e
a836b706a7857ae724f16d96cd4e562cd16209fbf80f59bf41d2fbcb6e23f2a1
aadc3759968454b0c43775a95c3f9229cd36c390b9686854c32b68aac3b85bd9
ac054159a85ddee2e265bc0a517304e773e8c8db653af949bab52dec5e2a1ed9
ac5dc1b8851943bf346922a1611f57b50c0a29bd8afa054f74d708cdb917bc2c
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
af083de22c08b63a2cb0f3c0fa48c33763b214c666c0c8c825d3db8e8f0de09e
af8850f057e7d2ce6b198c0f753c5a3f9c5d577349fd4878f8fe0ea2a576a3c1
b047229b6e69ca37475212066e866557d80e3b35a9e49ad6cb0a98d6e8d7f91c
b2757456932c392ef7583352a163e434e95e76f987bbaf1cece5b72e407c778c
b280b516f629c540111e06cfbb9767dd4f257e143583ee31868a1503f9836c24
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
ba80539a5c0c4bbb29e265ec112aa4c78367905a1ce64886c245ec3ab86d4da4
ba959aa186296a7604a0407c197015009f8d4c806708b85da247eef2a4b72b7f
bb4e686583a569aa9e17fb98eb973e3c9fe96fb117157c70cc8d8c729830c12f
bbd0b59aa1a9796663bfa8af73b2866a6142d8e64bc123da5ca6f8b29a88bd7b
c2e4bd0a1dbd75110206f95d0efc6d32899d5b53ae679f8d161dee97c84fabd0
c769ca77a11afda2b6791ef1c5aa7d238308b856426f8a302e117086a65b0da2
c7f93e1f2ab62d16330b581034f50714fdcaed8705a6fa935e0ab74035565055
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce3cbe8f8b36401215a27db00eeb776a9d7f7a27d341db639a762176332c9f03
d765571464e5ebee8761b77771aacdf3688ae515992a46d5b4a3cd1f827d7d84
d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddfe0d7a18436b1fb99b8ae075674b4764b37b113331b0c45b4c99cf5599d7de
de39e641c333545ad95151b02ab19578e6696ef470daf56acc036c3bd288d5ae
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e2cbe1b2e4a973448c595809e1902aaf769ff996861094c2faf104a9ba279288
e30498b2bf3916dd0cb8614f7a93fb95a92f42727fd668f47fa6ec496d96e398
e33dd511169ba008692cfca80a8281d7b38e430b4bb0e53b1103168585eb19b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955
e9f2d2a51b2175fafc0e49e57e847ff296a7456a0e5b4a48bf9c616ad435ea96
ea35b3b9523fb354a768e5b791c030e25f769f399258c69527088b3d43ac31a2
eca24c416e8f5dd9de1684ff0ff2b91eade8e321a15925bff8436f647f9cf3fe
ed1cf601f8038889cbf5b608bd5a1a89c2774c054a46cbaa9038d8dd092d9a5d
ed21083e632d96047382fda217e8b9b3ea2f4019b0c6374eb24129b34ababfed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9b6b45355ab7c577d79122d80b0eb4d85f44ff4860dfdb54059b7f933920a5
f0dc9317c0a34d5a278ffd0cf42c4f08a3e58b7e978c4111dd60d82d015f63d4
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f2550a0f31648f0f97293f0818c60d477a8c0280d5a52d19ea8b73e04b754792
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b
f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a
f7a64c902668f1f7cc5674c4aa5737c8f411d259ca8c80239e468141ab36c7fe
fa9ac3f72c12a21d7d6b62f0e782718466850f8c7af0a2ff84b534fb396f86cf
fc74ecfe73ce7f61bcaaf257b7889550bb7686c6499bed9ca26ea32a4d08fa01
fcdba4d84ec96a913e3d42ebaa7e837ba00a8eeeba35bb90130fcb362a8318a7
fff653c6fc2cc024328939230b9f69bbfbeff424e7df3191c98f2a5fb47afb8c

www.winhelponline.com Open in urlscan Pro 2606:4700:3032::ac43:c7ab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

192 Requests

100 %HTTPS

60 %IPv6

21 Domains

37 Subdomains

31 IPs

6 Countries

1445 kBTransfer

3840 kBSize

30 Cookies

5 Outgoing links

Page URL History

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.winhelponline.com Open in urlscan Pro
2606:4700:3032::ac43:c7ab Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

100 %
HTTPS

60 %
IPv6

21
Domains

37
Subdomains

31
IPs

6
Countries

1445 kB
Transfer

3840 kB
Size

30
Cookies

192 HTTP transactions
4 data transactions