windows-setup12.live Open in urlscan Pro
2606:4700:3037::ac43:d212 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://windows-setup12.live/
Submission Tags: @phishunt_io
Submission: On May 18 via api (May 18th 2022, 12:26:25 pm UTC) from DE — Scanned from DE

Summary HTTP 285 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 28 domains to perform 285 HTTP transactions. The main IP is 2606:4700:3037::ac43:d212, located in United States and belongs to CLOUDFLARENET, US. The main domain is windows-setup12.live.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2022. Valid for: a year.

This is the only time windows-setup12.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3037::ac43:d212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:f7:... 2a02:26f0:f7:181::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	2a04:4e42:4c:... 2a04:4e42:4c::666	54113 (FASTLY) (FASTLY)
2	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.130.154 151.101.130.154	54113 (FASTLY) (FASTLY)
2	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
40	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.203.121 34.120.203.121	15169 (GOOGLE) (GOOGLE)
37	2.20.86.213 2.20.86.213	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a06:98c1:312... 2a06:98c1:3120::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	18.168.99.230 18.168.99.230	16509 (AMAZON-02) (AMAZON-02)
2	3.218.28.227 3.218.28.227	14618 (AMAZON-AES) (AMAZON-AES)
17	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
34	184.87.213.172 184.87.213.172	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:231... 2600:9000:2315:2e00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	35.153.152.203 35.153.152.203	14618 (AMAZON-AES) (AMAZON-AES)
1 2	99.86.7.38 99.86.7.38	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.173 65.9.66.173	16509 (AMAZON-02) (AMAZON-02)
1	35.227.208.151 35.227.208.151	() ()
2	2a00:1450:400... 2a00:1450:4001:801::200a	() ()
1 2	2606:4700::68... 2606:4700::6810:7eaf	() ()
5	2600:9000:231... 2600:9000:2315:3800:2:42d9:3100:93a1	() ()
3	79.125.102.158 79.125.102.158	() ()
1	52.31.67.18 52.31.67.18	() ()
1	15.236.176.210 15.236.176.210	() ()
1 1	54.154.144.208 54.154.144.208	() ()
1	2600:9000:205... 2600:9000:2057:f400:1d:667e:2a40:93a1	() ()
285	34

15 2606:4700:3037::ac43:d212 (United States)

ASN13335 (CLOUDFLARENET, US)

windows-setup12.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:f7:181::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a04:4e42:4c::666 (United States)

ASN54113 (FASTLY, US)

www.cnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.154 (United States)

ASN54113 (FASTLY, US)

at.adtech.redventures.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.203.121 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 121.203.120.34.bc.googleusercontent.com

urs.cnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2.20.86.213 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-86-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)

static.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.myfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.168.99.230 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-99-230.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.28.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-28-227.compute-1.amazonaws.com

a.myfidevs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8b6dc4759cbcbf22cc4579a4b7eb946b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
99587e191b283db4616860192a2f4e38.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4c8f135e8bcb9592a723075cf225c89a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
07079cad87021f551d5e5e3349bd5ebe.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e49862e2040a70d3eaacdab0cdd53044.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ee8cf67e18beae29ef54c06105a8f3b7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 184.87.213.172 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-172.deploy.static.akamaitechnologies.com

redventuresgamdisplay60805146916.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:2e00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.153.152.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-152-203.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.7.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-38.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-173.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.208.151 (None, )

ASN- ()

aswpsdkus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (None, )

ASN- ()

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (None, ) 1 redirects

ASN- ()

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2315:3800:2:42d9:3100:93a1 (None, )

ASN- ()

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 79.125.102.158 (None, )

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.67.18 (None, )

ASN- ()

newimagitas.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (None, )

ASN- ()

saa.cnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.144.208 (None, ) 1 redirects

ASN- ()

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:f400:1d:667e:2a40:93a1 (None, )

ASN- ()

jjm8xtxrh8o1q146shsfb6giidstp1652876784.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 8b6dc4759cbcbf22cc4579a4b7eb946b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 130 99587e191b283db4616860192a2f4e38.safeframe.googlesyndication.com 4c8f135e8bcb9592a723075cf225c89a.safeframe.googlesyndication.com 07079cad87021f551d5e5e3349bd5ebe.safeframe.googlesyndication.com e49862e2040a70d3eaacdab0cdd53044.safeframe.googlesyndication.com ee8cf67e18beae29ef54c06105a8f3b7.safeframe.googlesyndication.com	589 KB
40	moatads.com z.moatads.com — Cisco Umbrella Rank: 374 mb.moatads.com — Cisco Umbrella Rank: 569 geo.moatads.com — Cisco Umbrella Rank: 595 px.moatads.com — Cisco Umbrella Rank: 405	1 MB
40	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 pubads.g.doubleclick.net	986 KB
34	moatpixel.com redventuresgamdisplay60805146916.s.moatpixel.com — Cisco Umbrella Rank: 36063	9 KB
22	cnet.com www.cnet.com — Cisco Umbrella Rank: 14921 urs.cnet.com — Cisco Umbrella Rank: 76042 saa.cnet.com	614 KB
15	windows-setup12.live windows-setup12.live	269 KB
13	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	5 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	408 KB
7	google.de adservice.google.de — Cisco Umbrella Rank: 7678	1 KB
6	imrworldwide.com cdn-gl.imrworldwide.com secure-us.imrworldwide.com Failed jjm8xtxrh8o1q146shsfb6giidstp1652876784.nuid.imrworldwide.com	72 KB
5	googleapis.com firestore.googleapis.com — Cisco Umbrella Rank: 1894 imasdk.googleapis.com	333 KB
4	demdex.net dpm.demdex.net newimagitas.demdex.net	7 KB
4	myfinance.com static.myfinance.com — Cisco Umbrella Rank: 13747 www.myfinance.com — Cisco Umbrella Rank: 13373	54 KB
4	gstatic.com www.gstatic.com	266 KB
3	redventures.io at.adtech.redventures.io — Cisco Umbrella Rank: 28179	191 KB
3	go-mpulse.net c.go-mpulse.net — Cisco Umbrella Rank: 549	50 KB
2	unpkg.com 1 redirects unpkg.com	2 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 288	40 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 141	665 B
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1180	401 B
2	myfidevs.io a.myfidevs.io — Cisco Umbrella Rank: 13357	166 B
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1563	111 KB
2	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1026	41 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	aswpsdkus.com aswpsdkus.com	38 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1226	23 KB
0	2mdn.net Failed s0.2mdn.net Failed
0	rvapps.io Failed admiral-mtml.mt.rvapps.io Failed
285	28

	Domain	Requested by
39	securepubads.g.doubleclick.net	at.adtech.redventures.io securepubads.g.doubleclick.net windows-setup12.live www.googletagservices.com
34	redventuresgamdisplay60805146916.s.moatpixel.com
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com srcdoc
26	px.moatads.com
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com windows-setup12.live
20	www.cnet.com	windows-setup12.live www.cnet.com
15	windows-setup12.live	windows-setup12.live www.cnet.com
11	z.moatads.com	at.adtech.redventures.io windows-setup12.live securepubads.g.doubleclick.net
10	www.googletagservices.com	windows-setup12.live securepubads.g.doubleclick.net
7	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
7	adservice.google.de	securepubads.g.doubleclick.net imasdk.googleapis.com
6	www.google.com	tpc.googlesyndication.com
5	cdn-gl.imrworldwide.com	www.cnet.com cdn-gl.imrworldwide.com
4	www.gstatic.com	windows-setup12.live
3	dpm.demdex.net	www.cnet.com
3	firestore.googleapis.com	www.gstatic.com
3	at.adtech.redventures.io	windows-setup12.live at.adtech.redventures.io
3	c.go-mpulse.net	windows-setup12.live c.go-mpulse.net www.cnet.com
2	unpkg.com	1 redirects
2	imasdk.googleapis.com	windows-setup12.live imasdk.googleapis.com
2	c.amazon-adsystem.com	at.adtech.redventures.io c.amazon-adsystem.com
2	sb.scorecardresearch.com	1 redirects
2	ping.chartbeat.net
2	www.myfinance.com	static.myfinance.com
2	a.myfidevs.io	static.myfinance.com
2	geo.moatads.com	z.moatads.com
2	static.myfinance.com	windows-setup12.live www.cnet.com
2	confiant-integrations.global.ssl.fastly.net	at.adtech.redventures.io confiant-integrations.global.ssl.fastly.net
2	tags.tiqcdn.com	windows-setup12.live tags.tiqcdn.com
1	jjm8xtxrh8o1q146shsfb6giidstp1652876784.nuid.imrworldwide.com
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	cm.everesttech.net	1 redirects
1	saa.cnet.com	www.cnet.com
1	newimagitas.demdex.net	www.cnet.com
1	aswpsdkus.com	www.cnet.com
1	static.chartbeat.com	windows-setup12.live
1	ee8cf67e18beae29ef54c06105a8f3b7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	e49862e2040a70d3eaacdab0cdd53044.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	07079cad87021f551d5e5e3349bd5ebe.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	4c8f135e8bcb9592a723075cf225c89a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	99587e191b283db4616860192a2f4e38.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	8b6dc4759cbcbf22cc4579a4b7eb946b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	mb.moatads.com	z.moatads.com
1	urs.cnet.com	windows-setup12.live
0	secure-us.imrworldwide.com Failed
0	s0.2mdn.net Failed	imasdk.googleapis.com
0	admiral-mtml.mt.rvapps.io Failed	at.adtech.redventures.io
285	47

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-17`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.cnet.com R3	`2022-04-30` - `2022-07-29`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
at.adtech.redventures.io R3	`2022-04-03` - `2022-07-02`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-04` - `2023-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
rv-urs.cnet.com GTS CA 1D4	`2022-05-09` - `2022-08-07`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
edgecert.googleapis.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.myfidevs.io Amazon	`2021-12-07` - `2023-01-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
aswpsdkus.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-20` - `2023-02-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
saa.cnet.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-09` - `2023-04-09`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2022-05-12` - `2023-06-10`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://windows-setup12.live/
Frame ID: 667DEDD8D56BB3D22DA5998016012581
Requests: 150 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/38QDY-8CT77-8XNH2-VJQTD-EK4YX
Frame ID: E6E0E663CCD58606D458FDCE6C1D5A7C
Requests: 2 HTTP requests in this frame

Frame: https://8b6dc4759cbcbf22cc4579a4b7eb946b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 91A6204849CE103FD72DE2F108C365CF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvupMDd1ZtzA6RQLiiFdLSquHdB2ORTiVGbYnaS_eWQs-znAVa4flxhgBZ31CImNib-92Q9hQEYewsTvGGssUVrsYmY60EUi-e9Jw7sxUfwxg58ZAg_VfIGpDf-zn2sMsPoPOFOZPnSWVsshlJ_LdoHB9tiIl7ZSvNCRAKM1-IQSYMO5wgxsdQtzH8mpwHuwDIyxIEm9bUZr5T08el9ZJOw9iz4FReMVxCHcRpR-vcqEWzLFDdbN5y3CRxwlT-aL15tp3ifFqwkJVKgJB42QDQl73c_A99tK6V22Rw-m28Iq-qDBwQcU4QQgMe8TKA63iTSkpIlntq9cTddUaafIX3kBTx1edpMJGII65913E6TuOud_eZgn-Lt&sai=AMfl-YSthrXDOhspkTvNr3pYGtfcJw_nOyfOF7w7AOPI2gOkzHcHygXKoiQVtgWLUWk-2McaUt1DdoFWSU_71knKack21NZqE3a7RwC2yRYRYX907L84rPIXJfyD3AGXvNsk&sig=Cg0ArKJSzPPb1XD2ENsBEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8164F0E7A772B2FC1CC84E5BC2F490DA
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3QA04XLsu5yrE5qy6sftmcz0qFZPpwCB6eFMAvUdMy4SFZ93I4CgFg04SfmlnXPXyqAj9_oGIJcTzCUoW9KU_VoFMAZ8J7oDVrVjhYgWDe0mK770UCN5K09eBFVXiDdKosvg56iChxE4_rQHtcPO9m1b0n2aXiVQzBPKIJ_Rxy2cwIMXnk3FwyGi2pKmWx3k2vjqX3IeUvgiG1l8WkgKxqgVSgCXcGInKXuSuvsVYJ7vB0CGJ3IEv4OMAQpiooVV0R7lzozkoqs9t_nghcbsWYX3WX46sIQQS8ftAEzNDgQKF9BTme5GnGK9NaM-we-50tNggp2PBhuYvlvDw6SHPO8xtjQxiLatUHpI_-BgjHSmiTlrXP4V_&sai=AMfl-YS94so45Ixdd4UbrkGX5hnuLL5ThO9oexYaTRWGsdjjU41ZBGEVWxr18yqFHQB-_k-lldhZU6qL3oLAu17ed0jKIbOmXLJGdZUGJMjpfSuvD87hRmhKE6N1hlDnPAkg&sig=Cg0ArKJSzK-J-Y7CRP6IEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B9B03067ABFEC757E18E30BEC6A3EEA1
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRdTqpweoRspUr8hqe2zDzi84lhkz15tUNwA0Y8jnOb4G36jxNzdyXRhhD3xE9e6r88ThXlP-KSubhNCoTN39oXDIm-bUVXJq_6M_foavxSijtqP6e-hHvZVH0CewgEgXWFzvT4VxWjZ_XK9FMKgeN58tHL1Ay7m2sV00dkZM_8tg0gPp7INM3blXDGSuNE9yJ3Bo7e8WeaErpc4t9qzBFpA9PC0A_amkkpif22N3Kfno28KVj3G9sjUwC_IoqfNqo9sxV5WBL1V58GHmL1DArCBGgAl5H3XFDRuepVvVlmPhc5JSgV1J89jkS_MIGZiUUCcF8KVzYKwqR7X6Dhs3yvdkh7aFqTdIlARfGXPPiwvgjDJad9OCw&sai=AMfl-YSX29FWwj5AwdYnJsj0NLRRqRyZclhtWKX1GfPRDxGgoMGDKiMQ_gPQuDml5QqBH_L6hRs-8BuUzpHW0O8haApaqG0MTfDeC9b23wmCtu_U5tV-iwtmtKKMc2p1GUN0&sig=Cg0ArKJSzLVG1mWI8nSlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6F5D78AB8C1190E60790A9CA98BE6979
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIGq6hhwa2QHPgj6IFsHjfl1c9ct_5Ihtk4yloxh38Tm-YV4wyw-a242aiQi_ktznPIJ1kfxd9Izy1UI2daVSbimtTNLleUFdQFUGTN74geq4__1Su6LP7HNfsuuhmUnOz1QK748J-OBSK5BG7zykb78RRGxix2svGel7mit26pV-MS_8luSbxSXkAxtNZDinObesYGtDp6-_yyqH2Ri-kXWyhJnfpVrUPe7P17Is075hFvvCyY8ZbcmlZUmUxkfjGdp0O8AA0mlFvfTO9btKkXxoS2yxr6opW0e_fQ6WWOJV15e0xEmJWWUjwZnjLLDgi12RQCTV6h4ZNTM1aaIy_CVv2Gz3xjPQn1bxQ-87WHFYJNfxCv17M&sai=AMfl-YQXT436g77PeNq4uUJCFgSf3BjzyXXGHAjEfmWOVf-vqOm8zSrlzFKiVZUu0-BeRjUMdlB1I3I-u5aAH4bIsFXxwAPCO1omsSJesvbO7OgQAORBLqFBWlvHGthK8-1l&sig=Cg0ArKJSzP1LjCDWZkB_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EB234C5708B8E90919E0D9C69C0F58D5
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssViW06XiocvpO3CY58dYNvAQPiS0RqdBFLCzDWbTzJUkNY93kbuRGFNjGHn7H4_Og9ze9b_TBQ0Yo5OiM-T9Y0M3dKYXmv4wgSs3rJmQkw3cdogmAj08g6w-hxWajwnVe0J3DyM3MXZjj_JsAYgRAPJeF9imZX_bfljI0pv2WcEMSwNyHvFh6Q6teAOZXAzUIJvIuADCtXJY8fL-L00FFvepmTPrwPLkAtKTXBLtHa2C3NvLg5qb-zFyZs7cVDkjL0txa3PvVVz1ZuH3xuLvpWciJhjBYuXVy3J9Dqg5jIVoYfteaiuS2CNbLyby2iVxfADZX28VDM_mGhWxg-35ZulAC7AXKFEl1UpnqXejd4xj2dffkecF4r&sai=AMfl-YSLnz3caZre6Jl_8EYrSR6fsizzrY5yhBRgv1tjVVkUFYniazijIBNV4jHhbtw1EOCXh5SVHqloez0D2WSnUuYiHOW_lP9Kvph6Qdn1ixbGq7BUd9DR62fAeGpmnnxb&sig=Cg0ArKJSzKZ5VaYnGcGjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A66663D7FB5560AE8A11B4E9A58B81AB
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 80D5847988A5EEAF837FC11B5DD8548A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D09359FADD1E79F9F32DAD65856701EB
Requests: 2 HTTP requests in this frame

Frame: https://99587e191b283db4616860192a2f4e38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6FBA4D57B1A9839A321D05AFEB920DA5
Requests: 1 HTTP requests in this frame

Frame: https://4c8f135e8bcb9592a723075cf225c89a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DC484764E125280B887430FF4D787298
Requests: 1 HTTP requests in this frame

Frame: https://07079cad87021f551d5e5e3349bd5ebe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0316A0040DFF6C6E2F95EBE6DFB16F25
Requests: 1 HTTP requests in this frame

Frame: https://e49862e2040a70d3eaacdab0cdd53044.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F7E88E91180AA78008D1461180F593BD
Requests: 1 HTTP requests in this frame

Frame: https://ee8cf67e18beae29ef54c06105a8f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7400EED3226826025BE4331A74994CC0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAFsEaQO-cxvhFfGxpERfNdEYVUb9vUYA2ASv7Ty3lmt6nbBRZzaqB7KDgVPGyvAp44maEWVxn71rtxg1l9j0KIHnIP_P-EPfFU-gggpWAo6BqjOuMz3cDPdffsrQUlrWSFFOQcmSVCecyAD5gsrVNm4cHoc6PqOq0CLz1M7BCxnNRmtwa5ztnfMgDuzY8oUgOSp2GWktoYVCt0RYXHvBIG0R2rLd8oXsPdY7X2qYR6npzHd_PivWtxlq0_G0OdMdaYQs0garOCG-MZsOnVRbqLgSEpLvIbTZ7fya8Zp6kZQlirToKY6Bc3BfY8dvAMVU&sig=Cg0ArKJSzJ5RHQkzTJM7EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DBA7D60A2F23DC3AFD232C31FA4DC054
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8OGC2FGh0S1dBhW8Ck1_LgWM_zDQLPmP0vn3xuWzAvP-UYosWoNRTMXJCoVx_ZEAdQBgzdPJMfv2hO3KIVlw_gGFQx1kMS-TzqcJ5ZLfxGPFA5-s_q3pfUaX0gpF-iA2gSRmLZHwEwBpUFbp1jzPEe7xiNvPwgUO95v_QSXoaSGqO10Fu2Aa3X3hRIdTvNFzs5oi_Pf4PWtrDsEhX0r8-HlXRZ-bRqKNwdBS6v4g4ohX-DnovUkJYDFCJfBS461vvFgW_jBHKWBFyeGlkSCytj8gBjsSGGECv-z3OT5Qpwf00tHablC8yxcQauSCfs1c&sig=Cg0ArKJSzDKdZOZkOdULEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C4546977D927B11DDE6396CBEA00F149
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupIjRz5qFFhXFAa7j6ZhRqPs7asWUgCSsZ47RvFHWQApSo1NzGjYpYRy-ilGg3aDhNuIxfnaBA6_a8vfZJ1Ys11yOkmSW-LZMzk_fpEq8o4T4xtUx2hMiy-WRK964l2JN_D_xhEf8MCUJ4025DVht1WlSo0rodhdnVLdMC3gIfo-2XFyai2A1yJXOzvszv9Lz-eac346v9QkiiNT1L-tEL0gkJw40fWHHNstZkFMars9eM0L5Y01TRdJgOytY_W3F_UX-rO-K69MJNSBBmWbGuNW2ET1altPYPbe_6K9JNrZsnFGekAUobXzWnT61RhC4&sig=Cg0ArKJSzDs6tjYuYVykEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AC0F19E92AD410B02FBD54186A1796DB
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHgd_1GVEthj686a3MaFUxKi2T7PaRKiJWCXgUIvd5IkcKKdB1UcrQUBMx_h4h1yJhAw4z5pOpeY56kNNN1-OTvsQGAEMiCeRLsTwBcbmxDgN4EDxcPfU-Qbp-E0sC5BJFcMgvR_W0b5QKX7ntvtPCStgwlr7bgwwELcF0VQ-ZvWPyY6dcnUV8xLVuF3cOpVwmIJVjjyjc-56ec0blMroXnaHWWupNRNC4--WTm05YNVRB3I3VsCYJ4l2ORi-34qtq27lzRYu6tZbv_B8kUvajVB4vs9-J0fs1sXFJgjgJvz-q20NKJd2uSPxy-bViO9k&sig=Cg0ArKJSzPlxZODXpAm8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BB93246EF58E2ACC3C6D89CEEB73091F
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGlUti6wQArT53GUZCNa5QC4UbqNybdv14uJtwiE5v9xyu3DH6OR2wNeLb31nDI43tVgxlyEgtMSC3SnVMhNB1N9ko7RBg_blCXFLKNzXWSA4qsrU3b5gRVpcsEaDy0w5_KirUkcfTqLiIMzZR4x_xD22-5647VNFHTESiEQQ3DHJQ-eW3gX2dEkKNtxeQLmC6tx9kDGg383_PT_K9szkiCEHppLocQGjwxleUcRHkrXwfS3ry6Lw8kVysVFiorL_YKp2OStyFIdZOIRzX2SXM7X7bjmnxNO7gRCfTeEWrauro90VBIzJs0_GfJu85qPk&sig=Cg0ArKJSzHyNGmblftVREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 934D9E361A19F6E77068EE34C68B7750
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A6F976FD00F8C85A89323F8590743D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 114875A795A4BA12176466C206BABE15
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02B6EB20DF9670BC03747ACF174FE449
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE1F40686132B2665F9F67FD325DDCC2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CBDED1C512509D6E8B70480FC560C6DF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CA3A7A173DDE1F0C9324A2EF266F54B6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A14CCD6FCB0E33CFFEDB55E72305DBDA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84059852DC915729BB20459750A24BD3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4AECB313182B23F804013752F0620D61
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF082449AEDC52393DEB883F60783FCD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html
Frame ID: 5AEAF86C0495FCEB1C0F4A475C8597FF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FA1FBEE9096AA81EA65AA724E09F80A3
Requests: 1 HTTP requests in this frame

Frame: https://newimagitas.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 4C668914E075F297CFC23A2FAADC9B83
Requests: 2 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 7099FDF85F7BC24861069952F436AF82
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Windows 11: How to download Microsoft's latest OS on your device - CNET

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Page Statistics

285
Requests

97 %
HTTPS

50 %
IPv6

28
Domains

47
Subdomains

34
IPs

4
Countries

5326 kB
Transfer

15595 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 239

https://sb.scorecardresearch.com/b?c1=2&c2=31824268&c4=3000085&c7=https%3A%2F%2Fwindows-setup12.live%2F&c8=Windows%2011%3A%20How%20to%20download%20Microsoft%27s%20latest%20OS%20on%20your%20device%20-%20CNET&c9=&comscorekw=operating%20systems&cv=3.1&ns__t=1652876783738&ns_c=UTF-8 HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=31824268&c4=3000085&c7=https%3A%2F%2Fwindows-setup12.live%2F&c8=Windows%2011%3A%20How%20to%20download%20Microsoft%27s%20latest%20OS%20on%20your%20device%20-%20CNET&c9=&comscorekw=operating%20systems&cv=3.1&ns__t=1652876783738&ns_c=UTF-8

Request Chain 254

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Request Chain 287

https://cm.everesttech.net/cm/dd?d_uuid=00811440377314181711156458021631559637 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YoTl8AAAAK3bCQOY

Request Chain 295

https://idsync.rlcdn.com/365868.gif?partner_uid=00811440377314181711156458021631559637 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMDA4MTE0NDAzNzczMTQxODE3MTExNTY0NTgwMjE2MzE1NTk2MzcQABoNCPDLk5QGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=e52943659e93153c695ba63055f343ea33fb7888305254877cec1a53d4e6998cb0da87c991749652

285 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
windows-setup12.live/ 230 KB
55 KB 671ms
473ms Document
text/html 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 108c2ceece5bddb2bed908b11281788a4bed90307c3ef251cea834a59df48dcb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 70d49493ff9ed795-MRS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 18 May 2022 12:26:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPGyBHj5Sedy7jjk2eE3GPt1kZwGJjhk3u4yeCLNrppZgYx5%2F6BLb2B%2BPHiH5XJkRhe5knRJcuC%2FOehCPh1%2FZGa%2BH%2BsvU%2FOMbWq%2FdZT%2BR%2BJMsDnxdWGtswm9VEMLbwCG5xQ381f0%2F%2F8ZwO0RfieYmIhB9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 /
windows-setup12.live/ 49 KB
49 KB 279ms
278ms Font
application/font-woff2 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fbundles%2Fcnetcss%2Ffonts%2FMonumentGrotesk%2FVariable.woff2%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0395f2a5bd4241f7b062643e4bed84d25327932c2d2576c3e7f51b892b5bd208

Request headers

Referer: https://windows-setup12.live/
Origin: https://windows-setup12.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXo2XO%2B7WV135lNmlAlJF7JYz8z59SddIHuFpoiayEzIe7F6WnWo6HyWQs0%2F9F2G8veGu%2FiFMt%2F5qY6kqjUrQM72p9rzCLfHf8suJOK3BG%2FzW6v6buC%2FPoKBOGkqwhDXDFp3QY8gsvzgh5WEZoubOHq%2Fuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cf-ray: 70d494972baad795-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50016

GET
H2 200 /
windows-setup12.live/ 20 KB
20 KB 317ms
317ms Font
application/font-woff2 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fbundles%2Fcnetcss%2Ffonts%2FSentinel%2FSemibold.woff2%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ef8c92c253d5730dcc16752d863ec079cda2f1de7272b44220d71e9ee35670

Request headers

Referer: https://windows-setup12.live/
Origin: https://windows-setup12.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKbVYMEqrtmM42Os%2FAMu3A1S%2BWAb3Or04S4sUAy71RnrCOrPnb8W%2FN7UWSUc%2BWGUSXYGodjCXe2e50GyQV8sKNNLnMuKqzhbMHHaVq9y6qyyaUX6YxhmpbB53MdRbUFzbq%2FEcY1%2FXhoP7Qtp47kHEO89Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cf-ray: 70d494972bacd795-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20044

GET
H3 200 /
windows-setup12.live/ 25 KB
25 KB 282ms
282ms Image
image/webp 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-setup12.live/?auto=webp&fit=crop&height=488&width=868&_=%2Fa%2Fimg%2Fresize%2Fffe588575b2746127fab18e5e8fd0d2d18ddd8b9%2F2021%2F06%2F24%2Fe58fceb6-e7c1-40fb-bf6d-b29e81f9a713%2Fscreen-shot-2021-06-24-at-11-45-41-am-2.png%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f62becda61c0c6ffb5c809575d73485504a5460d773226c438385794bf1bf047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3X5wVzI9PRrCEYPYbvgtZrRhss88VqKRPhxl8lJdWVVSKcRq%2F82s1yz8iv9F7OvHASXZEQTlamT87a4XqQqwV6dO%2BsZHBmzA9gW%2BYINTBsAhryEPOy32zqkgLQd7gkLqq9%2B5KB2KglXVwtenQXFelrdFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 70d4949a6809e928-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25496

GET
H2 200 /
windows-setup12.live/ 251 KB
50 KB 376ms
376ms Stylesheet
text/css 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fcss%2Fcore%2Fmain.desktop-a456cae13a-rev.css%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee94dad356f6210ceaab58d4201de993f966e9e8bbbd1f6280c65a77dfda9426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Azb151p01tTx5ll4HXyEGtLCvPX5cgxogzIEOfoza32opZG3R2eox855KNPHJgx0GkRJuFkHRBm79Mahn1NxFKlEOP%2FHn%2FofGciFNoOa3RBwKIJbcMEvi0RUxNLe16r6Bax74URegaH6W1r6%2Fw5RuEyAnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 70d494972badd795-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
windows-setup12.live/ 275 KB
40 KB 407ms
407ms Stylesheet
text/css 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fcss%2Fcommon%2FarticleReview.desktop-55a92ae84e-rev.css%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be71b63f275e25b3be268e5aba5810ab566e4db7359c25377838afc7baba9c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3019wAmB404sChVSd%2BEflUZxmAKdz02qco8mvxMa0KLB4%2B%2BHHMmtMPNPD%2FWRKHMLUUkAURxLvt%2FtTWD5%2FG7ukWfkRbh6WjDL5JkoSxiY%2FpKF%2BrBUj7FwDll8C95ktO7VlWdhfLbhpVZRDwNggPqHIE2Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 70d494972bafd795-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
windows-setup12.live/ 20 KB
7 KB 307ms
307ms Script
application/javascript 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/?_=%2Fscripttemplates%2FotSDKStub.js%23nQ1QFOS2NOOG1yqRWpEAl3oApomhd4pTog%3D%3D
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03aa6fcac2902227e1b66a01b87824692f708bbf9bfe441784f8ed22d677f6de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaFVPWups6YdU9hxLUfCvgVVDqS9qEnhZ61VTUC6kFwBCNDyHcBv%2By1gDlaha%2FmAjced2AANAT8vEqFJB73itS1jsoFkQE9%2FwntJwS4iUtkS5%2BRRBDnqPly0GNPNQNkb5Lz0SCUeyYS6ByHPVFGyt3uZYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 70d4949ad897e928-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
windows-setup12.live/ 36 KB
11 KB 328ms
328ms Script
application/javascript 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/?_=%2Fa%2Fprivacy%2Foptanon%2Foptanon-v1.1.0.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaURNrMQqAaYmLV6fLPEhvQI1Hs4NSELc5napsyoO1af1qXmIKQM5vpiTStzppsN24DUVTQXTnreaN7Ix1cnHppKmuRZNRbxKaRHjwLBuYFE2JFS2ySHuWmktRy1BMf6HRCGpphCNQiFUG%2BLEVt8pCWJfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 70d4949af8b6e928-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 /
windows-setup12.live/ 2 KB
2 KB 316ms
315ms Image
image/webp 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-setup12.live/?auto=webp&fit=crop&height=84&width=84&_=%2Fa%2Fimg%2Fresize%2F00e434a372a975225a3225ed22c357c4817fb06d%2F2019%2F09%2F04%2Ff91f9063-68ae-4d4c-91e0-fb4f313fabdd%2Falisondeniscorayome.jpg%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d3b75266cad928fb68bb036efd74fa91c23ae4e54b8d99540473847f3244dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKuDfPLkNoRwMop%2BVgLQoXYg3MJPy5E3g99EpY874ydWjhPiUOk9tJsFUnCj21yz5Pdl2KlUKx5ctyHy30vdRLFjrJcSn5fS6PTkVTAJEzU0ffxeu1hNNjdYB5KQCjGuN6VGb6sH8hnxe%2FBnJ6oUw8Jqdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 70d4949af8b8e928-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1622

GET
H3 200 /
windows-setup12.live/ 5 B
496 B 492ms
492ms Image
application/json 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows-setup12.live/?id=a7349971-819d-4570-991b-b93081b44de3&_=%2Fdisplay%23nQ1QFOS2NOOMnifSXtMOkX8C55ikNoEPpI%2FEfOIibrGWFkk%3D
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4aiRMcDCIn5LxmjT7Q8XFQ39UsALhNJ8ZHBRK%2FD%2BGC2Th0pHlE7UOa6gyMu1GLnvEd%2F45R3JBFcnJpL0ctrWIqgYwqHQMBY2zW9DxPzBD5ouDOWCfCXkRTeaPoulIZ8crwab%2Bc%2BNInfpbn%2BNc8zyayc0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 70d4949af8bae928-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5

GET
H3 200 / Show response
windows-setup12.live/ 16 KB
7 KB 377ms
376ms Script
application/javascript 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DO6R8uP1mwL7zMXb2OLkcLFMxxEJoD%2FQ2Zp9dNw2J4Sfef6SWY9BZ5QO2dZm7YMs%2F8wnVVNpt5jzBjPl4L3ps9rgdgCdk0cjs6A2OuKP4JGx5owNAgRjlWluZMSqG4l7PsFnAhvGA8PwySFU%2Bp3yHAzsyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 70d4949af8bbe928-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 38QDY-8CT77-8XNH2-VJQTD-EK4YX Show response
c.go-mpulse.net/boomerang/ Frame E6E0 205 KB
50 KB 52ms
16ms Script
application/javascript 2a02:26f0:f7:181::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/38QDY-8CT77-8XNH2-VJQTD-EK4YX
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:f7:181::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 18 May 2022 12:26:18 GMT
Content-Encoding: br
Last-Modified: Tue, 02 Nov 2021 06:22:27 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50393

GET
H/1.1 403
Forbidden config.json Show response
c.go-mpulse.net/api/ Frame E6E0 68 B
346 B 57ms
31ms XHR
application/json 2a02:26f0:f7:181::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=38QDY-8CT77-8XNH2-VJQTD-EK4YX&d=windows-setup12.live&t=5509589&v=1.720.0&if=&sl=0&si=baeaf399-4186-4354-8e8b-2ea8d22ebbcb-rc2vvt&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/38QDY-8CT77-8XNH2-VJQTD-EK4YX
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:f7:181::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 18 May 2022 12:26:18 GMT
Cache-Control: public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 68
Content-Type: application/json

GET
H3 500 / Show response
windows-setup12.live/ 55 B
565 B 141ms
140ms XHR
text/html 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/?_=%2Fscripttemplates%2FotSDKStub.js%23nQ1QFOS2NOOG1yqRWpEAl3oApomhd4pTog%3D%3D/consent/d7b19758-74b7-4244-8f94-61299f58ea38/d7b19758-74b7-4244-8f94-61299f58ea38.json
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fscripttemplates%2FotSDKStub.js%23nQ1QFOS2NOOG1yqRWpEAl3oApomhd4pTog%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262b9f64b0f097d7fa0cd46c9d7fb42542b2a3eca1ff6dc36b71f3e199c0b0a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eVxakFk0QtPcEctIoKwLhMmRq5gD98CM62gKHu0Q7n2Inhfp5FwO70fZCukpNrCzbIbGhC%2F9GEECMCnycK%2FGI8ZrFWh%2FNL4%2BmdrbVH%2Fju4FQnOY3XbbB4zuhJ3FVuaPfxfgWzM1yG%2F05hpW0a%2FXKeDVdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 70d4949ccb52e928-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.default.js Show response
www.cnet.com/a/fly/f7cb05-fly/js/ 216 KB
66 KB 63ms
15ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/f7cb05-fly/js/main.default.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a7fe9f41630ccd20ab1281b3a5116d757a82147b6d34621aa9e9c96df76c30bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:46:34 GMT
etag: "117564bc404b474cd0d5ed20b423c276"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 67291
expires: Tue, 24 May 2022 16:48:37 GMT

GET
H2 200 require.optional-dependency.js Show response
www.cnet.com/a/fly/js/libs/ 5 KB
2 KB 18ms
18ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/libs/require.optional-dependency.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d0b7acfa6cb21d4b14adafef0980ecc8054b66a77227320c492686f5aab343ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 18:55:19 GMT
etag: "f5dd6b4d118d3caa348c815c01e58f46"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 1749
expires: Tue, 24 May 2022 01:24:17 GMT

GET
H2 200 mpulse.js Show response
www.cnet.com/a/fly/js/libs/ 60 KB
12 KB 16ms
16ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/libs/mpulse.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6f336d157ea725abc96d756462a6c77a86cf9ba8a859b7019e905100ecf7b488

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 18:55:19 GMT
etag: "7aaf2a05549a84317275a6553a96459d"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 12259
expires: Mon, 23 May 2022 23:23:45 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/redventures/cnetglobalsite/prod/ 134 KB
41 KB 106ms
82ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/redventures/cnetglobalsite/prod/utag.js
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4236796979b20c74c5f32531d37e3ab3a712f3e1ef58557961aea69818456e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 15:56:10 GMT
server: AkamaiNetStorage
etag: "e2225b194ed675949d46dcbc3957c27a:1649865369.977794"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Wed, 18 May 2022 12:31:19 GMT

GET
H2 200 bidbarrel-cnet-rv.min.js Show response
at.adtech.redventures.io/lib/dist/prod/ 687 KB
189 KB 48ms
15ms Script
application/javascript 151.101.130.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19a1c3036911314c87acc93b75ee0bc9bd8a4dcc3c3bd1cc3830dab2c116fba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront), 1.1 varnish
age: 123
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 192747
x-served-by: cache-hhn4023-HHN
last-modified: Tue, 26 Apr 2022 16:57:50 GMT
server: AmazonS3
x-timer: S1652876779.248859,VS0,VE0
etag: "d814d1ccc631964cb00fe4b487b40266"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=900, public, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: _Oc10HAmtnY4HCzU4Pnp1JiBR4oxtuHvJ-0bONwxsTybi6chrBcBCQ==
x-cache-hits: 2

GET
H/1.1 400
Bad Request config.json Show response
c.go-mpulse.net/api/v2/ 24 B
189 B 29ms
28ms XHR
text/plain 2a02:26f0:f7:181::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=38QDY-8CT77-8XNH2-VJQTD-EK4YX&t=1652876779216&s=5facfe0037a0181668a2264d3dd22c77045b1de3228db63a4cb0d4b1461bb907
Requested by: Host: www.cnet.com
URL: https://www.cnet.com/a/fly/js/libs/mpulse.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:f7:181::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0f74dbed1d29665781e054861d07a1321aaee5d29c834876752e86d96f075c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 18 May 2022 12:26:19 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 24

OPTIONS
H2 200 diff
at.adtech.redventures.io/lib/api/v1/cnet-rv/prod/config/ Frame 0
0 141ms
127ms Preflight
text/html 151.101.130.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.adtech.redventures.io/lib/api/v1/cnet-rv/prod/config/diff?variant=core

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: cat,content-type,variant,version
Access-Control-Request-Method: GET
Origin: https://windows-setup12.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-origin: https://windows-setup12.live
allow: GET,HEAD
content-length: 8
content-type: text/html; charset=utf-8
date: Wed, 18 May 2022 12:26:19 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
server: Google Frontend
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 078b345cabb08933256149f8d7e481ba
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-served-by: cache-hhn4074-HHN
x-timer: S1652876779.360660,VS0,VE121
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/ 222 KB
49 KB 29ms
7ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 956e7f4101334dcee918edcc3612acf0defaf53c225f75fc205e2f09717ee5d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 18 May 2022 12:26:19 GMT
Content-Encoding: gzip
Age: 1700
X-Cache: HIT
Connection: keep-alive
Content-Length: 49238
x-amz-id-2: mDVhP7pufR6jKvL9ngjW1RslPZmlhqBDWGRodhGfbKweWvhwN6x7srhoh8o37Inzu/+JgTJjP/E=
X-Served-By: cache-hhn4039-HHN
Last-Modified: Wed, 18 May 2022 11:53:32 GMT
Server: AmazonS3
X-Timer: S1652876779.330693,VS0,VE0
ETag: "140aae2e760b383e67860203249c843d"
x-amz-request-id: 52T4SGXRWP1BJPTS
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 71

GET
H2 200 diff Show response
at.adtech.redventures.io/lib/api/v1/cnet-rv/prod/config/ 12 KB
2 KB 141ms
141ms Fetch
application/json 151.101.130.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.adtech.redventures.io/lib/api/v1/cnet-rv/prod/config/diff?variant=core

Requested by

Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

ca3d0a3985f2aed9f85e876e728ad29f02857884a0d6d4ad9fc2e05c4fa9d53c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

cat: T2PHkWPUZ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://windows-setup12.live/
variant: core
version: rv2.26.6

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
ttl: 900s
content-length: 1641
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
server: Google Frontend
x-timer: S1652876779.489570,VS0,VE134
x-frame-options: SAMEORIGIN
date: Wed, 18 May 2022 12:26:19 GMT
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 13e60e1832550c47bcbada3de5b6e91a
cache-control: max-age=900
etag: W/5c3dfb01a4fb6ebc1bf8c6cc97fc9b23ace663d0
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 56ms
22ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

065c761d12c29d5e99d55ae46f5541f4e2688e33a0931fd63c12cc2f6223abd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28400
x-xss-protection: 0
server: sffe
etag: "1218 / 850 of 1000 / last-modified: 1652871876"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 May 2022 12:26:19 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/ 194 KB
62 KB 8ms
8ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 18 May 2022 12:26:19 GMT
Content-Encoding: gzip
Age: 212
X-Cache: HIT
Connection: keep-alive
Content-Length: 63033
x-amz-id-2: 58gElluOuCwWBtEVPun3TWl7MgVlsRQz3OjExuyxVhjXkvGx9p2tDF60myK5rwiwhAHpcvEhI4c=
X-Served-By: cache-hhn4039-HHN
Last-Modified: Mon, 09 May 2022 15:39:37 GMT
Server: AmazonS3
X-Timer: S1652876779.376121,VS0,VE0
ETag: "ecf02ff527b0ed563b40adaa835278b3"
x-amz-request-id: 9NBZ3EYC95NKAX8V
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 881

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 23ms
23ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=redventures/cnetglobalsite/202204131556&cb=1652876779373
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/redventures/cnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 18 May 2022 12:36:19 GMT

GET
H2 200 article_video_test-17a552d99d-rev.js Show response
www.cnet.com/a/fly/js/pages/desktop/ 334 KB
89 KB 24ms
24ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/pages/desktop/article_video_test-17a552d99d-rev.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7da0d535603a6931ac5126c47d39756e381e4397e6e4470a57303233c193ac90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 18:55:29 GMT
etag: "21d7254f4de99cf61b811ec20dc69ca5"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 90755
expires: Tue, 24 May 2022 01:22:54 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.1.0/ 12 KB
5 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.1.0/firebase-app.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18de5cf69a219d96e4893face075b87cf39858701e63cfc6e0a069e1e79738f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4048
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 20:47:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 09:36:28 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/7.1.0/ 160 KB
160 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.1.0/firebase-auth.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b766d96e65691c3d05e08120e72cef01873b97c47a2827eacf4f589f8eb0623a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 11:15:59 GMT
x-content-type-options: nosniff
age: 90620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163454
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 20:47:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Wed, 17 May 2023 11:15:59 GMT

GET
H2 200 firebase-firestore.js Show response
www.gstatic.com/firebasejs/7.1.0/ 358 KB
93 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.1.0/firebase-firestore.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f5ac6b43f6acf5949acc9f633aae7af8a74a9d1210fdad0a9f3f9fd31f17e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95426
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 20:47:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Wed, 17 May 2023 17:54:48 GMT

GET
H2 200 firebase-functions.js Show response
www.gstatic.com/firebasejs/7.1.0/ 8 KB
8 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.1.0/firebase-functions.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15b74ffa52355fe62c1b8cd95c60227724238677736ac0c100ee87511558d0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 20:00:26 GMT
x-content-type-options: nosniff
age: 59153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7887
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 20:47:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Wed, 17 May 2023 20:00:26 GMT

GET
H2 200 video-player.js Show response
www.cnet.com/a/video-player/uvpjs-rv/3.2.4/ 933 KB
248 KB 17ms
17ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/video-player.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e580c6ecc589733f053a6bec86dabf075a95a3b80d200153fa317ff1a060f119

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 00:25:00 GMT
etag: "cd773dfa57dd206d10649a5a310c6577"
vary: Accept-Encoding, Accept
content-type: application/javascript
ttl-set: 1
cache-control: public, max-age=604800
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 253791
expires: Thu, 19 May 2022 08:06:44 GMT

GET
H2 200 urs.js Show response
urs.cnet.com/sdk/ 50 KB
50 KB 171ms
113ms Script
application/javascript 34.120.203.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.cnet.com/sdk/urs.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.203.121 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

121.203.120.34.bc.googleusercontent.com

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
via: 1.1 google
last-modified: Tue, 12 Jan 2021 17:00:48 GMT
etag: "5ffdd5c0-c803"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51203

GET
H3 200 pubads_impl_2022051201.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 21ms
6ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127621
x-xss-protection: 0
last-modified: Thu, 12 May 2022 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 May 2023 12:26:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 42 B
80 B 32ms
18ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

0827b517884b12ce38a9fb9cb038bbbd8ab5384dc2ccb5440c74e8655de73e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56
x-xss-protection: 0
expires: Wed, 18 May 2022 12:26:19 GMT

GET
H2 200 link-tracker-a1d4fd3920-rev.js Show response
www.cnet.com/a/fly/js/components/ 873 B
595 B 16ms
16ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/link-tracker-a1d4fd3920-rev.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

edc5b06af5d2a98faa9164bab90273b8cb2729b663aa08cc9715fe0b49605004

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:46:41 GMT
etag: "fdba6e60b6c7960fff5a2a0e273639f1"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 488
expires: Thu, 19 May 2022 16:49:24 GMT

GET
H2 200 author-card-91aefbe7d1-rev.js Show response
www.cnet.com/a/fly/js/components/ 3 KB
1 KB 17ms
17ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/author-card-91aefbe7d1-rev.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ac0299a3439fbae1af000d2f8030646570c0c2d4598d8ca202a2bc95bb5ae3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 18:55:27 GMT
etag: "ff5a610e9a6f36d9fe4c116f5feeb729"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 919
expires: Tue, 24 May 2022 03:31:45 GMT

GET
H2 200 track-cwv-a0fced62e5-rev.js Show response
www.cnet.com/a/fly/js/components/ 236 B
280 B 18ms
17ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/track-cwv-a0fced62e5-rev.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1b3b2fb20c7112dc96d8693c7d7bf31f524f016c2f81952ea5a82444fd0ede41

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 18:55:27 GMT
etag: "25d0c5054dbddd864714f10cd0e6fe4a"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 196
expires: Tue, 24 May 2022 00:51:58 GMT

GET
H2 200 leads-tracker-9ab534a102-rev.js Show response
www.cnet.com/a/fly/js/components/ 5 KB
2 KB 17ms
17ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/leads-tracker-9ab534a102-rev.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2749d85e39036858e8922682771f0d0dba813c75e3d616f5c54284c2817ae761

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 21:27:28 GMT
etag: "1e99c334df7667df3829e82e869b0c96"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 1674
expires: Thu, 19 May 2022 21:38:51 GMT

GET
H2 200 lazyload-element-e183f949f7-rev.js Show response
www.cnet.com/a/fly/js/components/ 2 KB
871 B 18ms
18ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/lazyload-element-e183f949f7-rev.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5aab77d1e975faf8b66b4ae8e2ccecc178b32680b1b09eaa1b7fcb50f7454c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 18:55:27 GMT
etag: "9f421a93b7c39030d5e305f981a9517a"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 787
expires: Mon, 23 May 2022 23:20:50 GMT

GET
H2 200 myFinance-widget-6c202450ac-rev.js Show response
www.cnet.com/a/fly/js/components/ 795 B
699 B 17ms
17ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/components/myFinance-widget-6c202450ac-rev.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad7f0672ed74b2d0fb68bad63424a2ac419489e4607406dc51b7ffe7617cf4c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 18:55:28 GMT
etag: "32c7b7fe2cc90a49c07b13eb992197d2"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 471
expires: Mon, 23 May 2022 23:04:04 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/redventuresgamheader644747280705/ 241 KB
83 KB 75ms
17ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a4faf82e8094578493fe5f94a41f896c24ac53cdaba7d91749431dc43ebbd425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:32:16 GMT
server: AmazonS3
x-amz-request-id: FS8HPDK99DVGX5AP
etag: "dc93cd16b35eaa1ee93c1009b6c1ab73"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50097
accept-ranges: bytes
content-length: 84220
x-amz-id-2: uHseWMNmHJvh74TBZy2WnSz9GMn1GI/EpApVrSfhRRHwbXv3CtYjcUkC4zxyLWJG/ceg8MRohD8=

GET
H2 200 img-5763-2.jpg
www.cnet.com/a/img/resize/3c6ca5c7d636950b0cd9cf9e592459ecae163ffc/2021/10/03/b1c8b7db-a2ef-4ecb-b738-cea763f7f1cc/ 4 KB
5 KB 17ms
16ms Image
image/webp 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cnet.com/a/img/resize/3c6ca5c7d636950b0cd9cf9e592459ecae163ffc/2021/10/03/b1c8b7db-a2ef-4ecb-b738-cea763f7f1cc/img-5763-2.jpg?auto=webp&fit=crop&height=110&width=196

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a4411095cf3edaaccc4cdc906eaa79e7b929eaeba5596cac8bfb691f7b855e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
vary: Accept-Encoding, Accept
etag: "heTRjeIbKbF4khP1Kh0uQ+eOHSWG76mVOuOOlySiHzc"
strict-transport-security: max-age=63072000; includeSubDomains; preload
fastly-io-info: ifsz=2702584 idim=4032x3024 ifmt=jpeg ofsz=4590 odim=196x110 ofmt=webp
cache-control: max-age=31560000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/webp
content-length: 4590
expires: Fri, 22 Apr 2022 03:57:36 GMT

GET
H2 200 windows-11-review-4.jpg
www.cnet.com/a/img/resize/a718b78c5a804663892fd6d9f41ab7baa86180b0/2021/10/04/61ce41e2-10b8-4d7a-a9cd-a806732d52a0/ 30 KB
31 KB 16ms
15ms Image
image/webp 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cnet.com/a/img/resize/a718b78c5a804663892fd6d9f41ab7baa86180b0/2021/10/04/61ce41e2-10b8-4d7a-a9cd-a806732d52a0/windows-11-review-4.jpg?auto=webp&width=1092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8c991f0bd0f52329102fa6cd8c8b29623f03702db25a53fc23fa5204dc82cf03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
vary: Accept-Encoding, Accept
etag: "LRiNWDCCpsSesGhH+2nuQ5V6MNLlJJl6KUl9KxpzTNs"
strict-transport-security: max-age=63072000; includeSubDomains; preload
fastly-io-info: ifsz=257713 idim=1920x1080 ifmt=jpeg ofsz=31144 odim=1092x614 ofmt=webp
cache-control: max-age=31560000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/webp
content-length: 31144
expires: Tue, 03 May 2022 09:05:35 GMT

GET
H2 200 core-web-vitals-724d4fab0b-rev.js Show response
www.cnet.com/a/fly/js/managers/ 560 B
456 B 15ms
15ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/js/managers/core-web-vitals-724d4fab0b-rev.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

106f31f1d5f1d6f0e560168ae9977701ec72c297374fd2ecc5def16b27268e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 18:55:28 GMT
etag: "411acd0c1e83592b8170364d08c782c8"
vary: Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 372
expires: Tue, 24 May 2022 00:49:15 GMT

GET
H3 404 / Show response
windows-setup12.live/news/windows-11-how-to-download-microsofts-latest-os-on-your-device/pubdate/xhr/ 196 B
669 B 153ms
153ms XHR
text/html 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/news/windows-11-how-to-download-microsofts-latest-os-on-your-device/pubdate/xhr/
Requested by: Host: www.cnet.com
URL: https://www.cnet.com/a/fly/f7cb05-fly/js/main.default.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://windows-setup12.live/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBhPzqlziusvI1BF7zyzrUyT8BZmXb%2Fk%2F%2BGjy6GGDdgIT7SOGDyBQYWTSouakSPRxrFhFaFA86iWnJiLVGofHUESF2mR8210fn1uXi6pffLRwdjsrPl6dHJgxaDINPKwg97R1dXFXYBbnD8JipqCCawsfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 70d494a1f979e928-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 inlineMedia_core.js Show response
static.myfinance.com/widget/ 146 KB
52 KB 105ms
39ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/inlineMedia_core.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1cfe5dfe17054082cba9586fd595101a7e60439593aea94648600c8b8587e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HJ0ARKA7ZE16E8A4
x-amz-id-2: IHJ+Z8lTi18fOZybsaZSG4uXJjgxLbZTYFlXI8g4qgh0eF82OwelmVFwAPU5+D31woD8vo8c7Lw=
last-modified: Tue, 10 May 2022 15:14:58 GMT
server: cloudflare
etag: W/"4bf095a4b273942b33be59f94f46a7fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2wvFo5cgBM6hGZK6Xr6cMjQaXDg2tKlYnpyOYZfvfl4sSw%2FGr60J8W9Mm%2FXi9mLgM3RnKcJlOrX4wTE9s4Ha55fdEqvPswSB3Zgf%2BciUDod5eiZTdsOPBr8zNOzsE8SWrolJtlqrHZzKPnTW1Fn2JODIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 70d494a25e56e914-MRS

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
547 B 205ms
156ms XHR
text/plain 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fi-cnet-engagement-prod%2Fdatabases%2F(default)&VER=8&RID=41277&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F7.1.0%0D%0A&zx=ssm0kiodbwb&t=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.1.0/firebase-firestore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f482add2f43253a28609f2fe2bbd57455565aa29d7c4cf3d088de7812478ff7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 18 May 2022 12:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://windows-setup12.live
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: Eh8n5_glHCtf-j0Bmav_AoDfhUMGy4ngN3zGWwQp6rY

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 226 B
401 B 144ms
35ms Script
text/html 18.168.99.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwindows-setup12.live%2F&pcode=redventuresgamheader644747280705&rx=584830375649&callback=MoatNadoAllJsonpRequest_31020527
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.99.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-99-230.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: cdbcf254729888ea6bd848f36b71a68b035cd9eb48ec008b2bbfe3457bcbb478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:20 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "078f9cdd0f867e13877ddf913195a789ac8654bf"
content-length: 226
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 84 B
257 B 123ms
22ms Script
text/html 18.168.99.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&sgs=3&vb=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1652876779854&de=757428875837&rx=584830375649&m=0&ar=8d467bec877-clean&iw=712dc98&q=1&cb=0&cu=1652876779854&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&pe=1%3A1327%3A1388%3A2263%3A1377&jk=-1&jm=-1&fs=198321&na=671538740&cs=0&ord=1652876779854&jv=931502567&callback=DOMlessLLDcallback_31020527
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.99.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-99-230.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 628287714107bdd04c456e70e663d1525784d9c788d7b7874ebd4b22805c9032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:20 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "62299381a43e17c6383a9b27d0fa0e7ea10851c4"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 85 B
257 B 123ms
24ms Script
text/html 18.168.99.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&sgs=3&vb=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1652876779854&de=757428875837&rx=584830375649&m=0&ar=8d467bec877-clean&iw=712dc98&q=2&cb=0&cu=1652876779854&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=redventuresgamheader644747280705&fd=1&ac=1&it=500&pe=1%3A1327%3A1388%3A2263%3A1377&jk=-1&jm=-1&fs=198321&na=1260418541&cs=0&callback=MoatDataJsonpRequest_31020527
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.99.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-99-230.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 6a155451cb84984e82b1cad7d81118c88cf5f8d3218da29e9314031dd712c924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:20 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "6250a0f9189edd9d0918493804f9a7f883c922f7"
content-length: 85
content-type: text/html; charset=UTF-8

OPTIONS
H2 204 record
a.myfidevs.io/ Frame 0
0 306ms
100ms Preflight 3.218.28.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.28.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-28-227.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://windows-setup12.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST
access-control-allow-origin: *
date: Wed, 18 May 2022 12:26:20 GMT
server: Python/3.7 aiohttp/3.7.4.post0

OPTIONS
H2 200 v1.5
www.myfinance.com/api/au/ Frame 0
0 215ms
153ms Preflight
text/html 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly93aW5kb3dzLXNldHVwMTIubGl2ZS8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://windows-setup12.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, content-type, accept, origin, authorization, x-csrftoken, x-api-key, Access-Control-Allow-Origin
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://windows-setup12.live
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70d494a32bcb735d-MRS
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 18 May 2022 12:26:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rk%2BPsS%2FbAqcGJ8LTpaNoI%2BhwdPUU6fKnpgItSIuvhpqG8nCD%2FqnDyoS%2FkVN8v%2Bm8F9Ulg2aD2uhuExmIRE%2FvU9lzzo%2Bq0XgIihc9qoCbZmu4B10Ui%2B3xOg1rj6myBhsyekzUdgtYLs%2FVO78Fy8Q5YA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Origin
x-content-type-options: nosniff

GET
H3 200 myFinance.css
static.myfinance.com/widget/ 3 KB
2 KB 72ms
42ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.myfinance.com/widget/myFinance.css

Requested by

Host: www.cnet.com
URL: https://www.cnet.com/a/fly/js/components/myFinance-widget-6c202450ac-rev.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50d5d10df377bd960648973b53891bfcaf48f457503eed023ad2c29f28e49b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6504
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HEZZ3HRB6CT7KXP9
x-amz-id-2: m18KGQ8OIgZrCr97wrcZsbwSgzljrEcdEZgijFDvwJLuYHLT6hYDU2JwtiTxC7CCERNxkBhPHs4=
last-modified: Mon, 12 Jul 2021 14:22:18 GMT
server: cloudflare
etag: W/"528a38ce39fc58a866c1226253bbb189"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mvnQQ6f47MagqumUHR25qnfRxSwtGCWdlPBtjbxY70JlxhCARBbZB1eUsfX9VIqVfMiR4LiPZigHvwSBiYR0Kn7JCJzKmeAe4bT2qUZ7UZbwUFiR4d%2B96hflgYwXvaLYxZneJC9jEOU4JjPlpxC9pirCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 70d494a2ec4f733f-MRS

POST
H2 204 record Show response
a.myfidevs.io/ 0
166 B 131ms
131ms XHR
text/plain 3.218.28.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.myfidevs.io/record
Requested by: Host: static.myfinance.com
URL: https://static.myfinance.com/widget/inlineMedia_core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.28.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-28-227.compute-1.amazonaws.com
Software: Python/3.7 aiohttp/3.7.4.post0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://windows-setup12.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
x-api-key: yuH27H1QId6afXAojow6Tafi7Vw9v1spaLD5Yznw
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 18 May 2022 12:26:20 GMT
access-control-allow-credentials: true
server: Python/3.7 aiohttp/3.7.4.post0
access-control-allow-headers: *
access-control-allow-methods: POST

POST
H3 200 v1.5 Show response
www.myfinance.com/api/au/ 38 B
866 B 485ms
452ms XHR
application/json 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myfinance.com/api/au/v1.5?imre=aHR0cHM6Ly93aW5kb3dzLXNldHVwMTIubGl2ZS8=

Requested by

Host: static.myfinance.com
URL: https://static.myfinance.com/widget/inlineMedia_core.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce98257dc9ab9092e17aeacf8d20aa9eee43ac7bcdbee90267eaa4505f659c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://windows-setup12.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 18 May 2022 12:26:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type: application/json
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38
allow: POST, GET
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSx5G4GqufZ%2FoQbn7OjlSK%2F3qah%2BJp9BzOpmys%2FQcNqGpeLd3iRaibmCS%2F1Ch6N9xN%2FEEuysn9lTtLBVjN83%2F%2FHPU%2Bi3638p3xth5gjixzPZx0dgNd6495wSAuffqmFFb4LM%2BkQ3oL6tZ%2F4DSU98jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
access-control-allow-origin: https://windows-setup12.live
vary: Accept, Accept-Language, Origin, Cookie
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials: true
cf-ray: 70d494a45ff4733c-MRS
expires: Wed, 18 May 2022 12:26:20 GMT

GET
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 709 B
351 B 683ms
668ms XHR
text/plain 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fi-cnet-engagement-prod%2Fdatabases%2F(default)&gsessionid=Eh8n5_glHCtf-j0Bmav_AoDfhUMGy4ngN3zGWwQp6rY&VER=8&RID=rpc&SID=8JCMGwkvKaxDIYYVzpWFcA&CI=1&AID=0&TYPE=xmlhttp&zx=f9w01t3ychuj&t=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.1.0/firebase-firestore.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3abfafd3b7a3c3d46ff32f955088f07c383c6629fc0334d03746ef589c881155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://windows-setup12.live
cache-control: private, max-age=0
access-control-allow-credentials: true
vary: Referer, origin
x-xss-protection: 0

GET
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 17 B
0 118ms
117ms XHR
text/plain 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.1.0/firebase-firestore.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://windows-setup12.live
vary: origin
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 50ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 110 KB
16 KB 87ms
87ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2221655370860300&correlator=4276964119525013&eid=31067635&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&npa=1&iu_parts=22309610186%2Caw-cnet%2Ctech%2Cservices-and-software%2Coperating-systems&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x66%7C5x5%2C1x1%2C300x250%7C300x600%2C320x50%7C300x250%7C11x11%2C300x250%2C728x90%7C970x250%7C970x66%7C5x5&fluid=0%2C0%2C0%2Cheight%2C0%2C0&ifi=1&adks=3234279276%2C380686334%2C374673385%2C2863627395%2C2109996952%2C3596897275&sfv=1-0-38&ecs=20220518&ists=16&fsapi=false&prev_scp=pos%3Dnav%26sl%3Dnav-ad-plus-leader%253FT-1000%26iid%3Dunit%253Dnav-ad-plus-leader%257Cvguid%253Dddda662b-52cd-4549-82a3-26903f6e4f3f%257Cpv%253D1%7Csl%3Dintromercial%253FT-1000%26iid%3Dunit%253Dintromercial%257Cvguid%253Dddda662b-52cd-4549-82a3-26903f6e4f3f%257Cpv%253D1%7Cpos%3Dtop%26sl%3Dmpu-plus-top%253FT-1000%26iid%3Dunit%253Dmpu-plus-top%257Cvguid%253Dddda662b-52cd-4549-82a3-26903f6e4f3f%257Cpv%253D1%7Cpos%3Dmiddle%26stc%3DPDm281QAgRa4ZbCUbg4onNo1%26strnativekey%3DAKVVxuLpfqUsBfc9PjwYoAC3%26sl%3Dnative-mpu-middle%253FT-1000%26iid%3Dunit%253Dnative-mpu-middle%257Cvguid%253Dddda662b-52cd-4549-82a3-26903f6e4f3f%257Cpv%253D1%7Cpos%3Dbottom%26sl%3Dmpu-bottom%253FT-1000%26iid%3Dunit%253Dmpu-bottom%257Cvguid%253Dddda662b-52cd-4549-82a3-26903f6e4f3f%257Cpv%253D1%7Cpos%3Dbottom%26sl%3Dincontent-ad-plus-billboard-bottom%253FT-1000%26iid%3Dunit%253Dincontent-ad-plus-billboard-bottom%257Cvguid%253Dddda662b-52cd-4549-82a3-26903f6e4f3f%257Cpv%253D1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26section%3Dhow_to%26contentType%3Dproduct-advice%26pid%3Dwindows%252011%2520how%2520to%2520download%2520microsofts%2520latest%2520os%2520on%2520your%2520device%252Cmicrosoft%2520windows%252010%252Cwindows%252010%252Claser%2520tek%2520services%26sectopic%3Dtech%252Cservices-and-software%252Ctech%252Ccomputing%26topic%3Dtech%252Cservices-and-software%252Coperating-systems%252Ccomputing%252Cwindows%252Cmicrosoft%252Cdesktops%252Cwindows-10%252Csoftware%252Candroid%26ptopic%3Doperating-systems%26tag%3Dwindows-11%252Cmicrosoft%252Cwindows-10%252Csatya-nadella%26collection%3Dnewsbox-tracker%26edition%3Dus%26test%3D%257C%257C%26mfr%3D%252Cmicrosoft%26prodtype%3Dwindows-10%252Cdesktops%252Cnotebooks%252Csoftware%252Cpc%252Candroid%252Ccomputer%252Ccomputers%26ctopic%3Doperating-systems%252Ccomputing%252Cservices-and-software%252Ctechnology%252Ctech_innovations%252Cwindows_operating_system%26entity%3Ddevice%252Cdownload%252Celigible-device%252Cfree-upgrade%252Cinstallation%252Cinstallation-assistant%252Cmicrosoft%252Cnew-pc%252Cupgrade%252Cwindow%26ctax%3Dtechnology-and-computing%252Cshareware-and-freeware%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dwindows-11-how-to-download-microsofts-latest-os-on-your-device%252C8ebfc936-16d2-4974-a620-a33953dbcc9a%26env%3Dprod%26vguid%3Dddda662b-52cd-4549-82a3-26903f6e4f3f%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Daw%26subses%3D6%26session%3Da%26pv%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1652876781923&lmt=1652876781&dlt=1652876778079&idt=1486&biw=1600&bih=1200&adxs=436%2C0%2C1054%2C1054%2C1054%2C436&adys=53%2C201%2C1269%2C2927%2C4585%2C6248&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwindows-setup12.live%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x6368%7C1600x6166%7C419x-1%7C419x-1%7C419x-1%7C1600x140&msz=1600x105%7C0x0%7C332x-1%7C332x-1%7C332x-1%7C1600x140&fws=0%2C4%2C4%2C4%2C4%2C4&ohw=0%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1497843112.1652876782&ga_sid=1652876782&ga_hid=184260199&ga_fc=false&btvi=0%7C0%7C1%7C2%7C3%7C4&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

318d9cc75671ea70c721e0aa88bf80955ce18e7ba0a63f349c187196677ffae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16552
x-xss-protection: 0
google-lineitem-id: 5689576291,-2,5689576291,5689576291,5689576291,5689576291
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138350135764,-2,138349728191,138349728194,138350135341,138350135788
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://windows-setup12.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 52ms
23ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddeed12da62377630b8c0c1a02782af21db0dc46fe71c9a49c160e8476c12beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10610
x-xss-protection: 0

GET
H2 200 container.html Show response
8b6dc4759cbcbf22cc4579a4b7eb946b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 91A6 6 KB
4 KB 77ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8b6dc4759cbcbf22cc4579a4b7eb946b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:22 GMT
expires: Thu, 18 May 2023 12:26:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 51ms
28ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8164 0
0 42ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvupMDd1ZtzA6RQLiiFdLSquHdB2ORTiVGbYnaS_eWQs-znAVa4flxhgBZ31CImNib-92Q9hQEYewsTvGGssUVrsYmY60EUi-e9Jw7sxUfwxg58ZAg_VfIGpDf-zn2sMsPoPOFOZPnSWVsshlJ_LdoHB9tiIl7ZSvNCRAKM1-IQSYMO5wgxsdQtzH8mpwHuwDIyxIEm9bUZr5T08el9ZJOw9iz4FReMVxCHcRpR-vcqEWzLFDdbN5y3CRxwlT-aL15tp3ifFqwkJVKgJB42QDQl73c_A99tK6V22Rw-m28Iq-qDBwQcU4QQgMe8TKA63iTSkpIlntq9cTddUaafIX3kBTx1edpMJGII65913E6TuOud_eZgn-Lt&sai=AMfl-YSthrXDOhspkTvNr3pYGtfcJw_nOyfOF7w7AOPI2gOkzHcHygXKoiQVtgWLUWk-2McaUt1DdoFWSU_71knKack21NZqE3a7RwC2yRYRYX907L84rPIXJfyD3AGXvNsk&sig=Cg0ArKJSzPPb1XD2ENsBEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8164 81 KB
28 KB 17ms
17ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

065c761d12c29d5e99d55ae46f5541f4e2688e33a0931fd63c12cc2f6223abd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28400
x-xss-protection: 0
server: sffe
etag: "1218 / 561 of 1000 / last-modified: 1652871876"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8164 133 KB
41 KB 57ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 8164 337 KB
113 KB 17ms
17ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 303eab7c02913f0428e2993bef701038a1248f06ac777ac5a0abc6ea40784fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:33:51 GMT
server: AmazonS3
x-amz-request-id: XEPT4SVS7ZXVNEBB
etag: "ac6fb8099cd37522297cf6af6b0fc027"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50067
accept-ranges: bytes
content-length: 114947
x-amz-id-2: ISVEvDbW8Ap4lA8q8ZKsdfTVnhkrP6D/4mY8Wv1uMz7qP1jxHncLcn2P6qLxNESxf5RQzJtzvUU=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B9B0 0
0 42ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3QA04XLsu5yrE5qy6sftmcz0qFZPpwCB6eFMAvUdMy4SFZ93I4CgFg04SfmlnXPXyqAj9_oGIJcTzCUoW9KU_VoFMAZ8J7oDVrVjhYgWDe0mK770UCN5K09eBFVXiDdKosvg56iChxE4_rQHtcPO9m1b0n2aXiVQzBPKIJ_Rxy2cwIMXnk3FwyGi2pKmWx3k2vjqX3IeUvgiG1l8WkgKxqgVSgCXcGInKXuSuvsVYJ7vB0CGJ3IEv4OMAQpiooVV0R7lzozkoqs9t_nghcbsWYX3WX46sIQQS8ftAEzNDgQKF9BTme5GnGK9NaM-we-50tNggp2PBhuYvlvDw6SHPO8xtjQxiLatUHpI_-BgjHSmiTlrXP4V_&sai=AMfl-YS94so45Ixdd4UbrkGX5hnuLL5ThO9oexYaTRWGsdjjU41ZBGEVWxr18yqFHQB-_k-lldhZU6qL3oLAu17ed0jKIbOmXLJGdZUGJMjpfSuvD87hRmhKE6N1hlDnPAkg&sig=Cg0ArKJSzK-J-Y7CRP6IEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B9B0 81 KB
28 KB 24ms
24ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

065c761d12c29d5e99d55ae46f5541f4e2688e33a0931fd63c12cc2f6223abd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28400
x-xss-protection: 0
server: sffe
etag: "1218 / 757 of 1000 / last-modified: 1652871876"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9B0 133 KB
41 KB 61ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame B9B0 337 KB
113 KB 20ms
20ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 303eab7c02913f0428e2993bef701038a1248f06ac777ac5a0abc6ea40784fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:33:51 GMT
server: AmazonS3
x-amz-request-id: XEPT4SVS7ZXVNEBB
etag: "ac6fb8099cd37522297cf6af6b0fc027"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50067
accept-ranges: bytes
content-length: 114947
x-amz-id-2: ISVEvDbW8Ap4lA8q8ZKsdfTVnhkrP6D/4mY8Wv1uMz7qP1jxHncLcn2P6qLxNESxf5RQzJtzvUU=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F5D 0
0 45ms
44ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRdTqpweoRspUr8hqe2zDzi84lhkz15tUNwA0Y8jnOb4G36jxNzdyXRhhD3xE9e6r88ThXlP-KSubhNCoTN39oXDIm-bUVXJq_6M_foavxSijtqP6e-hHvZVH0CewgEgXWFzvT4VxWjZ_XK9FMKgeN58tHL1Ay7m2sV00dkZM_8tg0gPp7INM3blXDGSuNE9yJ3Bo7e8WeaErpc4t9qzBFpA9PC0A_amkkpif22N3Kfno28KVj3G9sjUwC_IoqfNqo9sxV5WBL1V58GHmL1DArCBGgAl5H3XFDRuepVvVlmPhc5JSgV1J89jkS_MIGZiUUCcF8KVzYKwqR7X6Dhs3yvdkh7aFqTdIlARfGXPPiwvgjDJad9OCw&sai=AMfl-YSX29FWwj5AwdYnJsj0NLRRqRyZclhtWKX1GfPRDxGgoMGDKiMQ_gPQuDml5QqBH_L6hRs-8BuUzpHW0O8haApaqG0MTfDeC9b23wmCtu_U5tV-iwtmtKKMc2p1GUN0&sig=Cg0ArKJSzLVG1mWI8nSlEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6F5D 81 KB
28 KB 18ms
17ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

065c761d12c29d5e99d55ae46f5541f4e2688e33a0931fd63c12cc2f6223abd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28400
x-xss-protection: 0
server: sffe
etag: "1218 / 864 of 1000 / last-modified: 1652871876"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F5D 133 KB
41 KB 52ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 6F5D 337 KB
113 KB 16ms
16ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 303eab7c02913f0428e2993bef701038a1248f06ac777ac5a0abc6ea40784fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:33:51 GMT
server: AmazonS3
x-amz-request-id: XEPT4SVS7ZXVNEBB
etag: "ac6fb8099cd37522297cf6af6b0fc027"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50067
accept-ranges: bytes
content-length: 114947
x-amz-id-2: ISVEvDbW8Ap4lA8q8ZKsdfTVnhkrP6D/4mY8Wv1uMz7qP1jxHncLcn2P6qLxNESxf5RQzJtzvUU=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB23 0
0 43ms
42ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIGq6hhwa2QHPgj6IFsHjfl1c9ct_5Ihtk4yloxh38Tm-YV4wyw-a242aiQi_ktznPIJ1kfxd9Izy1UI2daVSbimtTNLleUFdQFUGTN74geq4__1Su6LP7HNfsuuhmUnOz1QK748J-OBSK5BG7zykb78RRGxix2svGel7mit26pV-MS_8luSbxSXkAxtNZDinObesYGtDp6-_yyqH2Ri-kXWyhJnfpVrUPe7P17Is075hFvvCyY8ZbcmlZUmUxkfjGdp0O8AA0mlFvfTO9btKkXxoS2yxr6opW0e_fQ6WWOJV15e0xEmJWWUjwZnjLLDgi12RQCTV6h4ZNTM1aaIy_CVv2Gz3xjPQn1bxQ-87WHFYJNfxCv17M&sai=AMfl-YQXT436g77PeNq4uUJCFgSf3BjzyXXGHAjEfmWOVf-vqOm8zSrlzFKiVZUu0-BeRjUMdlB1I3I-u5aAH4bIsFXxwAPCO1omsSJesvbO7OgQAORBLqFBWlvHGthK8-1l&sig=Cg0ArKJSzP1LjCDWZkB_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EB23 81 KB
28 KB 25ms
23ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

065c761d12c29d5e99d55ae46f5541f4e2688e33a0931fd63c12cc2f6223abd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28400
x-xss-protection: 0
server: sffe
etag: "1218 / 536 of 1000 / last-modified: 1652871876"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB23 133 KB
41 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame EB23 337 KB
113 KB 18ms
17ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 303eab7c02913f0428e2993bef701038a1248f06ac777ac5a0abc6ea40784fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:33:51 GMT
server: AmazonS3
x-amz-request-id: XEPT4SVS7ZXVNEBB
etag: "ac6fb8099cd37522297cf6af6b0fc027"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50067
accept-ranges: bytes
content-length: 114947
x-amz-id-2: ISVEvDbW8Ap4lA8q8ZKsdfTVnhkrP6D/4mY8Wv1uMz7qP1jxHncLcn2P6qLxNESxf5RQzJtzvUU=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A666 0
0 43ms
42ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssViW06XiocvpO3CY58dYNvAQPiS0RqdBFLCzDWbTzJUkNY93kbuRGFNjGHn7H4_Og9ze9b_TBQ0Yo5OiM-T9Y0M3dKYXmv4wgSs3rJmQkw3cdogmAj08g6w-hxWajwnVe0J3DyM3MXZjj_JsAYgRAPJeF9imZX_bfljI0pv2WcEMSwNyHvFh6Q6teAOZXAzUIJvIuADCtXJY8fL-L00FFvepmTPrwPLkAtKTXBLtHa2C3NvLg5qb-zFyZs7cVDkjL0txa3PvVVz1ZuH3xuLvpWciJhjBYuXVy3J9Dqg5jIVoYfteaiuS2CNbLyby2iVxfADZX28VDM_mGhWxg-35ZulAC7AXKFEl1UpnqXejd4xj2dffkecF4r&sai=AMfl-YSLnz3caZre6Jl_8EYrSR6fsizzrY5yhBRgv1tjVVkUFYniazijIBNV4jHhbtw1EOCXh5SVHqloez0D2WSnUuYiHOW_lP9Kvph6Qdn1ixbGq7BUd9DR62fAeGpmnnxb&sig=Cg0ArKJSzKZ5VaYnGcGjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A666 81 KB
28 KB 23ms
22ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

065c761d12c29d5e99d55ae46f5541f4e2688e33a0931fd63c12cc2f6223abd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28400
x-xss-protection: 0
server: sffe
etag: "1218 / 998 of 1000 / last-modified: 1652871876"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A666 133 KB
41 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame A666 337 KB
113 KB 16ms
16ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 303eab7c02913f0428e2993bef701038a1248f06ac777ac5a0abc6ea40784fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:33:51 GMT
server: AmazonS3
x-amz-request-id: XEPT4SVS7ZXVNEBB
etag: "ac6fb8099cd37522297cf6af6b0fc027"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50067
accept-ranges: bytes
content-length: 114947
x-amz-id-2: ISVEvDbW8Ap4lA8q8ZKsdfTVnhkrP6D/4mY8Wv1uMz7qP1jxHncLcn2P6qLxNESxf5RQzJtzvUU=

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 80D5 13 KB
5 KB 28ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:55:09 GMT
expires: Thu, 18 May 2023 11:55:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D093 783 B
1 KB 52ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b5c9d9f64eafecd2cc20a84944ce1750ce5dfbe5bd245f7ec408100fd845e9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cJNrmt-Dt6yM2271LO_3Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-cJNrmt-Dt6yM2271LO_3Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:22 GMT
expires: Wed, 18 May 2022 12:26:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pubads_impl_2022051201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8164 368 KB
125 KB 6ms
6ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127621
x-xss-protection: 0
last-modified: Thu, 12 May 2022 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 May 2023 12:26:05 GMT

GET
H3 200 pubads_impl_2022051201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B9B0 368 KB
125 KB 9ms
8ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127621
x-xss-protection: 0
last-modified: Thu, 12 May 2022 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 May 2023 12:26:05 GMT

GET
H3 200 pubads_impl_2022051201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6F5D 368 KB
125 KB 8ms
6ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127621
x-xss-protection: 0
last-modified: Thu, 12 May 2022 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 May 2023 12:26:05 GMT

GET
H3 200 pubads_impl_2022051201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EB23 368 KB
125 KB 6ms
6ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127621
x-xss-protection: 0
last-modified: Thu, 12 May 2022 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 May 2023 12:26:05 GMT

GET
H3 200 pubads_impl_2022051201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A666 368 KB
125 KB 8ms
6ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127621
x-xss-protection: 0
last-modified: Thu, 12 May 2022 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 May 2023 12:26:05 GMT

GET
DATA 200
OK truncated
/ Frame 8164 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e7c35a7dd9568bcb726a1594b41248a0b6b053c2c74ce767f0424e08e255feb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 42ms
16ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=nav&zMoatSZPS=728x90%20%7C%20nav&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1652876782296&de=136321281451&m=0&ar=8d467bec877-clean&iw=b85e0a2&q=6&cb=0&ym=0&cu=1652876782296&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5689576291%3A138350135764&zMoatSECT=how_to&zMoatW=728&zMoatH=90&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=nav-ad-plus-leader%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1327%3A1388%3A2263%3A1377&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=198321&na=714077876&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
DATA 200
OK truncated
/ Frame B9B0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20537289c8e7f4b235534658e498634d0a948fb7f32dfe3ce9eb22610e057fc3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6F5D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46a730afca4cb7c9084264354277c6b6a3b9543bf6c86b1315eaeb7ef82a323f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EB23 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f279f6d6a9bbafc4ecc149c74987e5c5d1ef566d57e92e61501552f660f99c5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A666 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d24bc728a544b50da211b82fbdd554e6b237cf64e4322a9bd6017628a4de6ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 16ms
16ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1652876782321&de=243118735253&m=0&ar=8d467bec877-clean&iw=b85e0a2&q=10&cb=0&ym=0&cu=1652876782321&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5689576291%3A138349728191&zMoatSECT=how_to&zMoatW=300&zMoatH=250&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=mpu-plus-top%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1327%3A1388%3A2263%3A1377&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=198321&na=829408919&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8164 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8164 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8164 25 KB
11 KB 58ms
58ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2165579509964518&correlator=1205927932944705&eid=44761477%2C31067488%2C31064018&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=22309610186%2Caw-rv%2Civt&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=2689385466&sfv=1-0-38&ecs=20220518&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssBUoKm7aiYU-QszBPX4d15WuvbP28wEiCnrJEbXwkQQr-s8fZATxHl6PJHPXEUfRm1ztdRs8BMkFrDhbprNpHanvtGVLU8SzUdqyn1a2KiD1-uGK31WZ_brbDXGHmDNvyffD7_dUH0EN9kum7H7kkYhQU0LKnhzat6Qy8iWvZU-nwb6He2Ff3P0zUNCACmkvO_BPzLpCqvrOENBTTRsNiWyu1a7o_ykupHOY2yTtQvABSWtFy16j12JKtmaFXpdx79C19ENx5-v01_SDKz2ybRITesaFfgD0URf34euCLLg3qTDQmn3o6V-PcFOdeC11Na45bF7DB80JBxmFcf5PmUlv47rcSvnCN1tPpHgIJBIXMc2fCQ%26sai%3DAMfl-YTN2tzcr0tE08b2qxJuCBuzyC7utW8Q2mEQE4MCkM3QJFN3_1gWmp-v5FUaEh_9kVrxdgLlLdlEjOXUzYgdIm-Un9HvhJ9kbOVH4YDRbfeku1JyrQ7iySs7cmwLjwnj%26sig%3DCg0ArKJSzBMWgfPI4gmMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&fsapi=false&prev_scp=campaign%3D5677026463&sc=1&cookie=ID%3Dacc9e5792a21aed4-22e2009097cd00b9%3AT%3D1652876781%3AS%3DALNI_MaVuD7avGjlJaxXi3Jjc2OLeD6irQ&cdm=windows-setup12.live&abxe=1&dt=1652876782444&lmt=1652876782&dlt=1652876782043&idt=392&biw=1600&bih=1200&isw=728&ish=90&adxs=436&adys=8&ucis=picpu0ksl2g9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwindows-setup12.live%2F&top=https%3A%2F%2Fwindows-setup12.live%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1326343900.1652876782&ga_sid=1652876782&ga_hid=1286043343&ga_fc=false&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1aad8bd7bc550ba0f53fbe4717004181372a217ac853882b173f7937424cf536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10734
x-xss-protection: 0
google-lineitem-id: 5677026463
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390191089
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://windows-setup12.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
99587e191b283db4616860192a2f4e38.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6FBA 6 KB
3 KB 49ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://99587e191b283db4616860192a2f4e38.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:22 GMT
expires: Thu, 18 May 2023 12:26:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame B9B0 107 B
122 B 20ms
19ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B9B0 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B9B0 25 KB
11 KB 59ms
59ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3999773430816612&correlator=3904482856292854&eid=31067486&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=22309610186%2Caw-rv%2Civt&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1319207525&sfv=1-0-38&ecs=20220518&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuJAdN6PW0EZdXXAusN1Vvu8DWaeYtx5tC6lBVwGdaSmBeTJjASUgjuPX0I1vzZkXR2UWuPQElg5XLe1e1h0AaCPC3fDzWtoeGvmIRwu_RQjSiyS_CmhyExRYLJadDXyv8mP4r51Tf_TQoWFtdO_F5OVuU15SrnIdXsQ5ZHQIXAFXxOvgUCMp6sLDWTatcfV7JtWyirlZ26WKTRD9Tu3Kszf69RvQrMppGYS7IdRTX-fIJNgiJrkBnewrANMIHyTCuE-fzCT3Qib1TAm4zREf7piH8nQocotgc_fJ1gAwYhLDhGYOL1ogfRWl9Urg6Ry1cx8yVhpz_8TSVoYvoA6nPdCtum0uGRLOsH43fI0szHpaZ19hVZ%26sai%3DAMfl-YSKNUXblQffj3mTJaxKLN_7BCrXOfZLNcacfyuTOLVi3TQ3PPG2KipBbEO5N25E0utwlkrawd_JAPy97GlqDPV8Kn9xJvrb-kaFiebM_a5Kbe2Bx2fArCFotuKxDhRq%26sig%3DCg0ArKJSzMydJY1yyx4wEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&fsapi=false&prev_scp=campaign%3D5677026463&sc=1&cookie=ID%3Dacc9e5792a21aed4-22e2009097cd00b9%3AT%3D1652876781%3AS%3DALNI_MaVuD7avGjlJaxXi3Jjc2OLeD6irQ&cdm=windows-setup12.live&abxe=1&dt=1652876782466&lmt=1652876782&dlt=1652876782061&idt=394&biw=1600&bih=1200&isw=300&ish=250&adxs=1054&adys=1269&ucis=bfagjvhh4ypf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwindows-setup12.live%2F&top=https%3A%2F%2Fwindows-setup12.live%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=40036427.1652876782&ga_sid=1652876782&ga_hid=955433813&ga_fc=false&btvi=1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

82a7e1ae584a28f6fd9a1c21c4b9b46ddcee06c94a65a49f57bac3a2ab1d1d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10741
x-xss-protection: 0
google-lineitem-id: 5677026463
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138389646512
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://windows-setup12.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4c8f135e8bcb9592a723075cf225c89a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DC48 6 KB
3 KB 29ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c8f135e8bcb9592a723075cf225c89a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:22 GMT
expires: Thu, 18 May 2023 12:26:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6F5D 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6F5D 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6F5D 25 KB
11 KB 59ms
58ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3126093631174329&correlator=3395060520676381&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=22309610186%2Caw-rv%2Civt&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1319207525&sfv=1-0-38&ecs=20220518&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstRncV5atKgXcm4sttZrrKP53rN2sIebpBjG8qnnQARzmZrGsYa9oBhGwpOKYNXL-Z3iHBddRUJvbI6_BrDynEiIrijZKc2SLzoCoO82qrqZEqhXc-D186cpz0GOyUeYAzTNxqb_uSTwdUP0WWQVQRUSGBgEszV_YBd88spxq7NBZpG6iXCViTuSmnQ7WHJXYc-geMKAdVjm-efB4yTrUmn_GmNDyQXBGB3CB7va1Z-eQrDGFWZA5ruybrZmbpjpVTsQ7ZA5zTsdsKbsJwQll5pBrwLcNn2fQ_4y4IctybGZSXZE6PrYcJkZOctFGxx1Pll33zmwIP4xkT0hYDxZcczAvw9nGi2Dflf2Ghvdtutdhp8Uy4J%26sai%3DAMfl-YTK0WGeVqJLvxBLbg81uB8Rvd-ysRff1PeO87L5WuWLZ3ipOfXqwnoMOV_7wgaJElDv15yV4VRelaIo66jxFphYiRMUKRyoj6hJ9cMzgZhdmUYR-Ue_2STrHe_sRbSS%26sig%3DCg0ArKJSzE58EpiNFtToEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&fsapi=false&prev_scp=campaign%3D5677026463&sc=1&cookie=ID%3Dacc9e5792a21aed4-22e2009097cd00b9%3AT%3D1652876781%3AS%3DALNI_MaVuD7avGjlJaxXi3Jjc2OLeD6irQ&cdm=windows-setup12.live&abxe=1&dt=1652876782486&lmt=1652876782&dlt=1652876782073&idt=402&biw=1600&bih=1200&isw=300&ish=250&adxs=1054&adys=2927&ucis=3nytpv8osr6z&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwindows-setup12.live%2F&top=https%3A%2F%2Fwindows-setup12.live%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1485436149.1652876782&ga_sid=1652876782&ga_hid=1011739818&ga_fc=false&btvi=1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

6ccb27532473603919d5948c414cc1c0d0b189548b7752b9101d992680ef0e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10737
x-xss-protection: 0
google-lineitem-id: 5677026463
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138389646512
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://windows-setup12.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
07079cad87021f551d5e5e3349bd5ebe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0316 6 KB
3 KB 53ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://07079cad87021f551d5e5e3349bd5ebe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:22 GMT
expires: Thu, 18 May 2023 12:26:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame EB23 107 B
122 B 20ms
20ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame EB23 107 B
122 B 21ms
21ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EB23 25 KB
11 KB 58ms
57ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1198454285653453&correlator=452423963848472&eid=31067383&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=22309610186%2Caw-rv%2Civt&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1319207525&sfv=1-0-38&ecs=20220518&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvajc1QRjm6vOyvZR7zdJhjydcXSUhfnlE4nUe4PgeRcuRAwWnryps4-RlPNssLNk-0Pph4meLTECQ_wE0MPuGoAdQtIsk9P66JjKlufs_SEzpQ3oXCZyTy9UShqZibMt_Iitx5SG8cQEVgjS_MJmWVtbG9gN4BjyDomM54DHGFLJ_lcmW3M8YRH7sxFbrWKge4sKm2cp5sY7ZlPeNib-XQwa3yTxqxp7Kwqyq2y3XD0Gw-_wwN5BPFdDNwukVBI-koVRCyqouQuXCAoiGFIm2ttmE33UA7DtH3Fy-GTs55BiMhhzv6AudNUpEam8JgCURjYwJZWSev6n5BZ4tZqd_8QZo9RrW6veEhL7m4GDIzxt9SXi9p%26sai%3DAMfl-YRWWnrlxjHl_7NqQBZ-HhX5-uEYStxSfrYR9K12cWGUwjHXXbZkH_LqjSsIhJhfow4kFlwJF8Gz-cH7dv3iO6vmB2s031HyhHBkZqmRhM9xf6EJlTBRLXogdcf4kZYv%26sig%3DCg0ArKJSzPpG2hbTz8y4EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&fsapi=false&prev_scp=campaign%3D5677026463&sc=1&cookie=ID%3Dacc9e5792a21aed4-22e2009097cd00b9%3AT%3D1652876781%3AS%3DALNI_MaVuD7avGjlJaxXi3Jjc2OLeD6irQ&cdm=windows-setup12.live&abxe=1&dt=1652876782512&lmt=1652876782&dlt=1652876782087&idt=410&biw=1600&bih=1200&isw=300&ish=250&adxs=1054&adys=4585&ucis=az5wnylb9sj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwindows-setup12.live%2F&top=https%3A%2F%2Fwindows-setup12.live%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=291894200.1652876783&ga_sid=1652876783&ga_hid=1234436885&ga_fc=false&btvi=1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

637958195f386b62605c91441e0321fc3359f3813fe268a0e95ab0617ea00596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10742
x-xss-protection: 0
google-lineitem-id: 5677026463
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138389646512
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://windows-setup12.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e49862e2040a70d3eaacdab0cdd53044.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F7E8 6 KB
3 KB 33ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e49862e2040a70d3eaacdab0cdd53044.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:22 GMT
expires: Thu, 18 May 2023 12:26:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame A666 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame A666 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A666 25 KB
11 KB 54ms
53ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1556115177390757&correlator=2886486272622950&eid=31067526&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=22309610186%2Caw-rv%2Civt&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=2689385466&sfv=1-0-38&ecs=20220518&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst4E57Ax8w7mKcVBYNVkil9QoaNal_ba_s2MQ0nUxMESVNtxrFBAd_2i7aCgdWDmkqMejajVLBGBfpCa_sPkaq9nUuRrmSCjhsejgLR6FP0yPAf9998Y8ptnzBi46yxCz71NkNxfCWZcglcyJPWo-7uNMHXh4S9mxM95bXgXwRa4aFjGpK6RJBq4u0-vNHbCgNZ0eXhhOJlr9mXaZUFC6UTB6OC6GreKCAe9NWrDG-fu9a8C6bgAXW-gaiSLjRyfXDC3CnbeZwyBZ1t66vS5wiMcyuQchf006e1GbCyAP5kgYGebob-nFe5fFTF5xV3Fn31upUW5eUDjFvZZWT4zpWbG_ZPWEIqZqt1HOCKBbMbqLIPvLFq%26sai%3DAMfl-YRKShCiWD8jQ6SDCN4lZeXRMbcg6aHHih5MM7mCsB78iC_LfS4gA19jW_tHmuMiQgW9pNEwFee-fjlCEEXVMOaOkprr6cL5C2CQsYG2wylbCh_odk1FtgEwHlN0CqSz%26sig%3DCg0ArKJSzFvY76RWllojEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&fsapi=false&prev_scp=campaign%3D5677026463&sc=1&cookie=ID%3Dacc9e5792a21aed4-22e2009097cd00b9%3AT%3D1652876781%3AS%3DALNI_MaVuD7avGjlJaxXi3Jjc2OLeD6irQ&cdm=windows-setup12.live&abxe=1&dt=1652876782543&lmt=1652876782&dlt=1652876782098&idt=434&biw=1600&bih=1200&isw=728&ish=90&adxs=436&adys=6248&ucis=4qixj4ctt0tt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwindows-setup12.live%2F&top=https%3A%2F%2Fwindows-setup12.live%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=335768118.1652876783&ga_sid=1652876783&ga_hid=2116106196&ga_fc=false&btvi=1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

026eb603a99f100ea2d60da115e1ceb15419d2b6e4b47c4010645035388fae6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10746
x-xss-protection: 0
google-lineitem-id: 5677026463
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390191089
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://windows-setup12.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ee8cf67e18beae29ef54c06105a8f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7400 6 KB
3 KB 51ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee8cf67e18beae29ef54c06105a8f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:22 GMT
expires: Thu, 18 May 2023 12:26:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1652876782344&de=954921860481&m=0&ar=8d467bec877-clean&iw=b85e0a2&q=14&cb=0&ym=0&cu=1652876782344&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5689576291%3A138349728194&zMoatSECT=how_to&zMoatW=300&zMoatH=250&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=native-mpu-middle%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1327%3A1388%3A2263%3A1377&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=198321&na=370390992&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D093 0
0 63ms
48ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=2221655370860300&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBA7 0
0 43ms
43ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAFsEaQO-cxvhFfGxpERfNdEYVUb9vUYA2ASv7Ty3lmt6nbBRZzaqB7KDgVPGyvAp44maEWVxn71rtxg1l9j0KIHnIP_P-EPfFU-gggpWAo6BqjOuMz3cDPdffsrQUlrWSFFOQcmSVCecyAD5gsrVNm4cHoc6PqOq0CLz1M7BCxnNRmtwa5ztnfMgDuzY8oUgOSp2GWktoYVCt0RYXHvBIG0R2rLd8oXsPdY7X2qYR6npzHd_PivWtxlq0_G0OdMdaYQs0garOCG-MZsOnVRbqLgSEpLvIbTZ7fya8Zp6kZQlirToKY6Bc3BfY8dvAMVU&sig=Cg0ArKJSzJ5RHQkzTJM7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBA7 133 KB
41 KB 52ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame DBA7 337 KB
113 KB 16ms
15ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 303eab7c02913f0428e2993bef701038a1248f06ac777ac5a0abc6ea40784fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:33:51 GMT
server: AmazonS3
x-amz-request-id: XEPT4SVS7ZXVNEBB
etag: "ac6fb8099cd37522297cf6af6b0fc027"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50067
accept-ranges: bytes
content-length: 114947
x-amz-id-2: ISVEvDbW8Ap4lA8q8ZKsdfTVnhkrP6D/4mY8Wv1uMz7qP1jxHncLcn2P6qLxNESxf5RQzJtzvUU=

GET
H3 200 13870337996577987111
tpc.googlesyndication.com/simgad/ Frame DBA7 77 KB
77 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13870337996577987111?

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff34b6f2cfaf31e0c0b07803273b56ca1f07569e56c77dfbe740298fe0a98534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 13:15:20 GMT
x-content-type-options: nosniff
age: 601862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78946
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 22:29:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 May 2023 13:15:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C454 0
0 44ms
43ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8OGC2FGh0S1dBhW8Ck1_LgWM_zDQLPmP0vn3xuWzAvP-UYosWoNRTMXJCoVx_ZEAdQBgzdPJMfv2hO3KIVlw_gGFQx1kMS-TzqcJ5ZLfxGPFA5-s_q3pfUaX0gpF-iA2gSRmLZHwEwBpUFbp1jzPEe7xiNvPwgUO95v_QSXoaSGqO10Fu2Aa3X3hRIdTvNFzs5oi_Pf4PWtrDsEhX0r8-HlXRZ-bRqKNwdBS6v4g4ohX-DnovUkJYDFCJfBS461vvFgW_jBHKWBFyeGlkSCytj8gBjsSGGECv-z3OT5Qpwf00tHablC8yxcQauSCfs1c&sig=Cg0ArKJSzDKdZOZkOdULEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C454 133 KB
41 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame C454 337 KB
113 KB 19ms
19ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 303eab7c02913f0428e2993bef701038a1248f06ac777ac5a0abc6ea40784fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:33:51 GMT
server: AmazonS3
x-amz-request-id: XEPT4SVS7ZXVNEBB
etag: "ac6fb8099cd37522297cf6af6b0fc027"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50067
accept-ranges: bytes
content-length: 114947
x-amz-id-2: ISVEvDbW8Ap4lA8q8ZKsdfTVnhkrP6D/4mY8Wv1uMz7qP1jxHncLcn2P6qLxNESxf5RQzJtzvUU=

GET
H3 200 14498351202864570961
tpc.googlesyndication.com/simgad/ Frame C454 57 KB
57 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14498351202864570961?

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f99f0d862a54f81e67f85c1e0ed6518677f029d0d59715cb0d8937156b45a122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 15:24:12 GMT
x-content-type-options: nosniff
age: 594130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58265
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 22:35:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 May 2023 15:24:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC0F 0
0 43ms
43ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupIjRz5qFFhXFAa7j6ZhRqPs7asWUgCSsZ47RvFHWQApSo1NzGjYpYRy-ilGg3aDhNuIxfnaBA6_a8vfZJ1Ys11yOkmSW-LZMzk_fpEq8o4T4xtUx2hMiy-WRK964l2JN_D_xhEf8MCUJ4025DVht1WlSo0rodhdnVLdMC3gIfo-2XFyai2A1yJXOzvszv9Lz-eac346v9QkiiNT1L-tEL0gkJw40fWHHNstZkFMars9eM0L5Y01TRdJgOytY_W3F_UX-rO-K69MJNSBBmWbGuNW2ET1altPYPbe_6K9JNrZsnFGekAUobXzWnT61RhC4&sig=Cg0ArKJSzDs6tjYuYVykEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 13870337996577987111
tpc.googlesyndication.com/simgad/ Frame AC0F 77 KB
77 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13870337996577987111?

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff34b6f2cfaf31e0c0b07803273b56ca1f07569e56c77dfbe740298fe0a98534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 13:15:20 GMT
x-content-type-options: nosniff
age: 601862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78946
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 22:29:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 May 2023 13:15:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC0F 133 KB
41 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame AC0F 337 KB
113 KB 15ms
15ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 303eab7c02913f0428e2993bef701038a1248f06ac777ac5a0abc6ea40784fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:33:51 GMT
server: AmazonS3
x-amz-request-id: XEPT4SVS7ZXVNEBB
etag: "ac6fb8099cd37522297cf6af6b0fc027"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50067
accept-ranges: bytes
content-length: 114947
x-amz-id-2: ISVEvDbW8Ap4lA8q8ZKsdfTVnhkrP6D/4mY8Wv1uMz7qP1jxHncLcn2P6qLxNESxf5RQzJtzvUU=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BB93 0
0 42ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHgd_1GVEthj686a3MaFUxKi2T7PaRKiJWCXgUIvd5IkcKKdB1UcrQUBMx_h4h1yJhAw4z5pOpeY56kNNN1-OTvsQGAEMiCeRLsTwBcbmxDgN4EDxcPfU-Qbp-E0sC5BJFcMgvR_W0b5QKX7ntvtPCStgwlr7bgwwELcF0VQ-ZvWPyY6dcnUV8xLVuF3cOpVwmIJVjjyjc-56ec0blMroXnaHWWupNRNC4--WTm05YNVRB3I3VsCYJ4l2ORi-34qtq27lzRYu6tZbv_B8kUvajVB4vs9-J0fs1sXFJgjgJvz-q20NKJd2uSPxy-bViO9k&sig=Cg0ArKJSzPlxZODXpAm8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 13870337996577987111
tpc.googlesyndication.com/simgad/ Frame BB93 77 KB
77 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13870337996577987111?

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff34b6f2cfaf31e0c0b07803273b56ca1f07569e56c77dfbe740298fe0a98534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 13:15:20 GMT
x-content-type-options: nosniff
age: 601862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78946
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 22:29:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 May 2023 13:15:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB93 133 KB
41 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame BB93 337 KB
113 KB 17ms
16ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 303eab7c02913f0428e2993bef701038a1248f06ac777ac5a0abc6ea40784fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:33:51 GMT
server: AmazonS3
x-amz-request-id: XEPT4SVS7ZXVNEBB
etag: "ac6fb8099cd37522297cf6af6b0fc027"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50067
accept-ranges: bytes
content-length: 114947
x-amz-id-2: ISVEvDbW8Ap4lA8q8ZKsdfTVnhkrP6D/4mY8Wv1uMz7qP1jxHncLcn2P6qLxNESxf5RQzJtzvUU=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 934D 0
0 44ms
43ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGlUti6wQArT53GUZCNa5QC4UbqNybdv14uJtwiE5v9xyu3DH6OR2wNeLb31nDI43tVgxlyEgtMSC3SnVMhNB1N9ko7RBg_blCXFLKNzXWSA4qsrU3b5gRVpcsEaDy0w5_KirUkcfTqLiIMzZR4x_xD22-5647VNFHTESiEQQ3DHJQ-eW3gX2dEkKNtxeQLmC6tx9kDGg383_PT_K9szkiCEHppLocQGjwxleUcRHkrXwfS3ry6Lw8kVysVFiorL_YKp2OStyFIdZOIRzX2SXM7X7bjmnxNO7gRCfTeEWrauro90VBIzJs0_GfJu85qPk&sig=Cg0ArKJSzHyNGmblftVREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 14498351202864570961
tpc.googlesyndication.com/simgad/ Frame 934D 57 KB
57 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14498351202864570961?

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f99f0d862a54f81e67f85c1e0ed6518677f029d0d59715cb0d8937156b45a122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 15:24:12 GMT
x-content-type-options: nosniff
age: 594130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58265
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 22:35:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 May 2023 15:24:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 934D 133 KB
41 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/redventuresgamdisplay60805146916/ Frame 934D 337 KB
113 KB 16ms
15ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 303eab7c02913f0428e2993bef701038a1248f06ac777ac5a0abc6ea40784fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 16:33:51 GMT
server: AmazonS3
x-amz-request-id: XEPT4SVS7ZXVNEBB
etag: "ac6fb8099cd37522297cf6af6b0fc027"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50067
accept-ranges: bytes
content-length: 114947
x-amz-id-2: ISVEvDbW8Ap4lA8q8ZKsdfTVnhkrP6D/4mY8Wv1uMz7qP1jxHncLcn2P6qLxNESxf5RQzJtzvUU=

GET
H3 200 -xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js Show response
pagead2.googlesyndication.com/bg/ Frame 80D5 35 KB
13 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13696
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 09:16:21 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 16ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=bottom&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1652876782366&de=801329960220&m=0&ar=8d467bec877-clean&iw=b85e0a2&q=18&cb=0&ym=0&cu=1652876782366&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5689576291%3A138350135341&zMoatSECT=how_to&zMoatW=300&zMoatH=250&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=mpu-bottom%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1327%3A1388%3A2263%3A1377&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=198321&na=944634967&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C454 0
0 41ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoLlPjSNHoIJ9zB06cKIEjjTb-DTenVyTim0ta3ku-xr6D3w1VHaxK6jCROQlxvXr7uutji21d3CJGV1l0Rbg-Jd8fojTARUlfHilEOooYTweahFAkfIwLfMoG2VOKq-9ipsOcKSK1vqeseMmROxJ52fqQZ2dp_56_A8A1ZgmQ6MOdu2ecjnHW0diOl0LtQbiDv_Z39IP_yZB4JLBBKKjUw1YSV0OFhSxFOAN5b2t9AV6koZ1TAUptAPXg1inOzO9V_NbWHshutb8bqB2Bqnpa40CfM8nYvA2fdF9Tea5NDbHT1Um--YbnZnxZVQ22wvhuqg&sig=Cg0ArKJSzHVAzW0DcpY0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC0F 0
0 44ms
44ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuL4zEaQlRvZotDNC-IR-EZ8LtQQCbOhIp7bsUUGy3NgOSaf67o2hW0Hv6Q_--cri8VtbW4ydsRYm-s7TeDBo531WC1Qixl1o6yVQJuRYzJcH2ZeDeba-RffG6dvePiJfLkUFeJO2hEPxLTBRnmo88rj9Crl7gPKRoMxAzIGei_C3ERiDoHTGYeBcsF24NYYeBCx-KKz2U8R9JfOI73N6JDOnkL9RWPcRA5Rq7OxGGFwdXsXtnUD8-7DRqwSQHo8trveKCfpo92tpfz7nDgIEU0jzianM9wE1Ukx-b8CVb_JmD6IVvNam39kmIMcHwCiQba4Q&sig=Cg0ArKJSzFDTF0CckVkfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBA7 0
0 41ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvguijSqdLpw5wRrvIN7dGuae02kxAzdeyaBVD5Pf-ooad00AID-qKtqqQTHNH9NGQfef70EyHsXdiGsePaRo-h455ySGV9DN7WfX9xd1SJTFZe81acp7MrFgqgaxd8bkFFB08v6_eX06on7XG6GDxdnZDLjGCB3xODJT_Pl4lZXMbROXQv6DpeQ9yv26wlXgc3h_XH97iBL3eo_WAq_sAf1uRnkAjeXCXcZUn8jj7Jch8uKsBIoNbpumRjOhuRvtgqfMiK7dRgwvnW6hx7mlB_NVc3qlkuWA0qtfvHYCdCF3CYx44IUZw-IcUYCeKKrRxEXA&sig=Cg0ArKJSzHPXa0gbGRmcEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BB93 0
0 43ms
43ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstae46nBaiyz5eQeNOPxx8M5EEdw5B85jvR6XCs0SqI37rCXImV3Ipa8H_LlHqFZ19ZcTwLmPJXaaKKl2ruf9aLCXoC7RMd91eKgkl_o43Utbvt1hzR-10yTC4A8ohkECf_gbI22CeAlnVwfVISCdIx2XsoIRka2uA6_6-lUlfJk9o9p0oW5iyy2iCkOs7Zj4pAWixE1VMwdyUqagRBu4R3BNWc3UGaTaM_0_umX78H3mR_2HfOq_cFAJDhwhnXs559cjV0jdLaLus59IMx6mS8brspXoOp9UE82ZQcI-D8z48khmQz-FqZp5ClESHD3_MslA&sig=Cg0ArKJSzE0A1ymBITZbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 934D 0
0 42ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKzUZYCUbVgxM3tkd8GeWbfj7XAgYv_YbOteJkw4_KeOYKSUCP1rilm6-EUXLUSLNCDWauxBFVYD5t_X3TFvD71Xyzen233xP5vhTKJe8o-h4xvknw8vPytVsb9dF7YYdf4Co4gXQfppVMVkXQmYjAGWaVrUPHAOWXS6YMuZM0LPfS0mxrBVbucO1QcxRFwMJZUfZseHQqgTBT9ePER65O_EIm5g37FeHZiTVRwJV3ljn5NTf4lnAvDJqjeIKUs1lmyJSlEtD4AEqEPQDfq0In1BLvLTjo7QsbgSXJpoHpoHJcON3BLYEYCPDtFGSqByoXZw&sig=Cg0ArKJSzAT4dM7lZhTbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
DATA 200
OK truncated
/ Frame C454 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99ade07bb072b245ae2c644f2671c699ac716e3219d644b19e3a62083832241f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AC0F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec4d07aa54eb6b580986d6e6470f0aabef20890dcdfc545a475f3c5782e2a24b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BB93 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 970e57c644deaf3000feaa50fbddf1d2948d24fc6caeeb754571f13e34381a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DBA7 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4517bb2b01f5e0fd6453dc3663276b45195fbc6580c6278e021fc04cca702b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 934D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fde103237b323ef7661668c7c16921ef0ebc97d7b747b8bd5b9409478fd8f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 78ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138389646512&S1id=22308610192&S2id=22383746382&ord=1652876782840&r=995498214768&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 84ms
22ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138389646512&S1id=22308610192&S2id=22383746382&ord=1652876782840&r=995498214768&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB23 0
0 42ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_2HGFN89Rd8y2D-CzGW0YQPlNHqLBuEWcRuN39k50bwDompAoRy9trEYH-CwyNIjV2MlPCFwcNlmxfuxlYWaNb5wy5Rmh9J_48hRzsFoY3R2V0aU9moewLTQ3aF9GQGMEu-Okkt7viWqlqfP_nP9vTBRIkNParBtMdwjjyGtAlgBE5OCyBH6CoGZSrDKseBTGnhbuMRPo9fSu_kWDKar7UxNuLNv3ApnSXfT2IKYRvsWSTtxft17KvCSGqFFTvfepiV1uUvXLIvrvhxTr5RW2_XbXmDnZDbFnnUc59fXc6Y3PYGjCTnEU58ykaAysLJ4pTi9o2Q2XxGNVsNxSMWn3tigS8Szt0MmNRUG1tykFahKXWPfbIZYlhuQ&sai=AMfl-YReWNng9cfJ7_X2UTu6n4OWt0-mCDg7scV7OBxnELmO0WOrwvsupYSYUj2uDYc0jBTlDeuzo7Ex6Lup3bAopvVhrNHfkXp3MaNbyG_2OTjSDhMI6f3_0mMOhNXxTzJs&sig=Cg0ArKJSzDWUj1uNQKqpEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EB23 14 KB
10 KB 44ms
27ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc94efb101c2ad43bc494e3ab94ad38b7a8d55912e96a188ddfdd062561858e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10616
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1652876782374&de=156542651666&m=0&ar=8d467bec877-clean&iw=b85e0a2&q=22&cb=0&ym=0&cu=1652876782374&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5689576291%3A138350135788&zMoatSECT=how_to&zMoatW=728&zMoatH=90&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=incontent-ad-plus-billboard-bottom%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1327%3A1388%3A2263%3A1377&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=198321&na=366481941&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 28ms
26ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=2&fi=1&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138390191089&S1id=22308610192&S2id=22383746382&ord=1652876782905&r=25189864961&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 27ms
25ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=2&fi=1&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138390191089&S1id=22308610192&S2id=22383746382&ord=1652876782905&r=25189864961&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 24ms
23ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=2&fi=1&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138390191089&S1id=22308610192&S2id=22383746382&ord=1652876782905&r=25189864961&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8164 0
0 42ms
42ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_v7K72ROUQr2q-JauCR2lXRmrpFdaWX4TdbHtFZauiG3c079UBgpxWsw2n4ATaRIPng2AmipFNcPCNQToH9pkzMt1UsJLD3JkXspLY_0S4JHF-sxQc6x0ZJ6HA0I2m-d-Hv9FI3oypPW7ZMXH6IgXPoKQ8kta7R524O8B-jFx5eL5652EaQbNN7q8OMhKm7Uk17oXdCT4I6KgLZgaeY8wrivEz7XQNJl4xw0lwfL6sHfUb_l10oIt-4_anv58hZYx24_8xwXjov0Yyvlrs4e9cEXTzYcQlRlLLDxACna8NKu-HyXdI5tflqF9SuCMm56eh5XboG9m7g5ytTGHQwCAzvLXvfllZGd9l9tV9AON8eLDWHg4rbLFisA&sai=AMfl-YSw5MND4BisnYcmpyGnECBSgEpN-RlOlcsFHublrSVb1SYOSok-ot6MtXhDqHI4mjfSkKzaqxATcftxPzzk9TMd9y6k3qRdll8pFfBABBix1hnaQ9_aMi9wn01NoeVb&sig=Cg0ArKJSzOfSVYQVv_8ZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8164 14 KB
10 KB 37ms
37ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9808fd3f7a54d3f5f1e329e5f4aab4cac723b082842459cdca2fc6c0dbd40b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10724
x-xss-protection: 0

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=4&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138389646512&S1id=22308610192&S2id=22383746382&ord=1652876782927&r=382082364493&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 17ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=4&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138389646512&S1id=22308610192&S2id=22383746382&ord=1652876782927&r=382082364493&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B9B0 0
0 45ms
45ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4eTlLlE9grGLJBDtveGIcqS5nikNz7Vcmh6e8OfrZV18I2jR1PUIlgrboOfYKW5IYkdlyUG2QAq1O4WOTA_E2dBDLWhtcsYMjY5zbE-vWuDXphx5eo5nZax5MNws9dgkhNpAHANI_F4rkqDgz-C-D_AFY4HndaNJpF91M_zUPw70PrcgjkfiKUu7J9nmfr96mKGKsUml0HHcrl5xA8S0UW2BtOWK4Ai_JJxR-SXvLTXIAhubBAiGHQxutOpFLNRlU3N9LORh3vs7SysC8n8eYTtf-0cOakEvJtw-UR7fVARInyaxI11WuMUzBt8cmY9eD6_yanoITDsAVgP7Z2jaMCnRD2MgHC_e3jB2zNEJYb--l3cTlJiKRVvo&sai=AMfl-YSBRE-uKWMy91FUzCBtGqBaNXwpyP5g6eRNoDhc-4aldoF4auixI-5nPcL-GYxAG7nqJqnvb5eljk57XnuEoN3g0HANlKTmXfkp1rH87guzo_3F6RiKoJZt8e4KRfcm&sig=Cg0ArKJSzOL_OdIrgiLSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B9B0 14 KB
11 KB 29ms
29ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b60ff7091ff768be7f49c538c7277a6ad189c96098ca7f103500a3a81a84ecb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10742
x-xss-protection: 0

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=2&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138389646512&S1id=22308610192&S2id=22383746382&ord=1652876782949&r=549355218025&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 17ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=2&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138389646512&S1id=22308610192&S2id=22383746382&ord=1652876782949&r=549355218025&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F5D 0
0 42ms
42ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUFMLRfW8oGomiU0el_ty-NqwhcIKWqXoAlmnONfgiA3w5xPdtGDGVz3fU5W3YXTxyGFV52EOK5M08fGH7Jy-W7bdCFPNanoSerHs3DaOcGxNaXTYLdpxu2sNpSJyRvgTwsi0db03fBfTSIfbRGILUyrm5bFvWbhnOYsbHdfAwSEF0oMwerW0xaYhncYWgkPay49lfFczXibsaSJVOibBedz7gD-IeRYF5kicXW6_TmgATZvoymjDAmxK-pFyVuw0Cr5GBe1OddnLwUh7RYTGO948HFp-ihLx83ZvSQUM6Pvxk0cHSB9D0LbFqKyzVS2FK144feDyHuXkoS9XjKAGIA2KuXrZl0VfWL1-7FJPEJ_QZtqOOrDbWpzo&sai=AMfl-YSpfnwyXEiDX4fz_o6VHICMQYS0oVf3Z27b6xZMcOcbIUuJgEuFFBXBFOu2cbp5gg3Z3LXMCQsKP2llJw2L5N-vUmc4Nsov7rVkufz9d43bzXkiNAeIuyfPNzafibM9&sig=Cg0ArKJSzKvjuwHhJhJZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6F5D 14 KB
11 KB 28ms
27ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d09a15b093affda410fabea5ed1bb178bc0576412aa249cd2a46dbe5b2966159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10735
x-xss-protection: 0

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 17ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=49&fi=1&apd=97&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138350135764&S1id=22308610192&S2id=22508656309&ord=1652876782296&r=136321281451&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad-plus-leader%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 17ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=49&fi=1&apd=97&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138350135764&S1id=22308610192&S2id=22508656309&ord=1652876782296&r=136321281451&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad-plus-leader%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 18ms
18ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=49&fi=1&apd=97&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138350135764&S1id=22308610192&S2id=22508656309&ord=1652876782296&r=136321281451&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad-plus-leader%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=105&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138349728191&S1id=22308610192&S2id=22508656309&ord=1652876782321&r=243118735253&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 17ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=105&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138349728191&S1id=22308610192&S2id=22508656309&ord=1652876782321&r=243118735253&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:22 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=123&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138349728194&S1id=22308610192&S2id=22508656309&ord=1652876782344&r=954921860481&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=middle&zMoatPT=article&zMoatSL=native-mpu-middle%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 17ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=123&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138349728194&S1id=22308610192&S2id=22508656309&ord=1652876782344&r=954921860481&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=middle&zMoatPT=article&zMoatSL=native-mpu-middle%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 17ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=138&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138350135341&S1id=22308610192&S2id=22508656309&ord=1652876782366&r=801329960220&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=bottom&zMoatPT=article&zMoatSL=mpu-bottom%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 18ms
17ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=138&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138350135341&S1id=22308610192&S2id=22508656309&ord=1652876782366&r=801329960220&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=bottom&zMoatPT=article&zMoatSL=mpu-bottom%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=4&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138390191089&S1id=22308610192&S2id=22383746382&ord=1652876783016&r=947112295687&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 17ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=4&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138390191089&S1id=22308610192&S2id=22383746382&ord=1652876783016&r=947112295687&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A666 0
0 44ms
43ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshEfheaaZHEx-uDLHyWuRTFDWjALcAUTUKn7Enpqk_BPOsfXMQyGlJOim8dAZ1gU8wJfaCDovrlXfyCZUGPcNvNHwr48AEJSLk7QRN2DVgwqoj275gRJxVdEqllpkWy7YsCLDI_HWwgYrvIXg-VMWoCKf-5rto8niiSZGZrmpU8mYwUsUKSS5xpGPqg-x8NUZJO1iL3trh_80o2c8SS7p38i0eM3YEu7YlMJVeAgsPZ4tpaTQHHOXgraS05I6EJJLmMglqQZkmt9HFuVlaImOqJikqUmvqkmFWHjuDPs2c7J94QyHT_zc3iDcnFCu0hPsIL8CyfvjNZs0VNIRLM4LBdmr5PFGoNzJGuzMNs0sqt3gA1MZkjbXapZE&sai=AMfl-YQ0ilAnAr6mtncNUcJjSdaCGUyd_yiEDWn7IOoVsC53O6pxi7UUMydDO6GLPd_o3oixPHgShbPFSRQg0UJerM6fr6RY_T_xUKmsVbLbbeuYclHGzLglhEBhvV2HLkGn&sig=Cg0ArKJSzOP4vS_VJa_CEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A666 14 KB
11 KB 32ms
32ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58fbf41a3cc149922b857837eb81f494a6e0c17f141353d3555121f30873a779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10777
x-xss-protection: 0

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=173&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138350135788&S1id=22308610192&S2id=22508656309&ord=1652876782374&r=156542651666&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=bottom&zMoatPT=article&zMoatSL=incontent-ad-plus-billboard-bottom%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 19ms
18ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=173&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138350135788&S1id=22308610192&S2id=22508656309&ord=1652876782374&r=156542651666&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=bottom&zMoatPT=article&zMoatSL=incontent-ad-plus-billboard-bottom%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EB23 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8164 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B9B0 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6F5D 17 KB
6 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 17ms
17ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1652876782840&de=995498214768&m=0&ar=8d467bec877-clean&iw=b85e0a2&q=26&cb=0&ym=0&cu=1652876782840&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5677026463%3A138389646512&zMoatW=300&zMoatH=250&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1327%3A1388%3A2263%3A1377&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=198321&na=2071149461&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=265&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138389646512&S1id=22308610192&S2id=22383746382&ord=1652876782840&r=995498214768&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A666 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=198&fi=1&apd=246&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138350135764&S1id=22308610192&S2id=22508656309&ord=1652876782296&r=136321281451&t=hdn&os=1&fi2=0&div1=0&ait=75&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad-plus-leader%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
16ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=248&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138349728191&S1id=22308610192&S2id=22508656309&ord=1652876782321&r=243118735253&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=249&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138349728194&S1id=22308610192&S2id=22508656309&ord=1652876782344&r=954921860481&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=middle&zMoatPT=article&zMoatSL=native-mpu-middle%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 15ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=251&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138350135341&S1id=22308610192&S2id=22508656309&ord=1652876782366&r=801329960220&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=bottom&zMoatPT=article&zMoatSL=mpu-bottom%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=251&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138350135788&S1id=22308610192&S2id=22508656309&ord=1652876782374&r=156542651666&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=bottom&zMoatPT=article&zMoatSL=incontent-ad-plus-billboard-bottom%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 20ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=229&fi=1&apd=230&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138390191089&S1id=22308610192&S2id=22383746382&ord=1652876782905&r=25189864961&t=hdn&os=1&fi2=0&div1=0&ait=114&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=217&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138389646512&S1id=22308610192&S2id=22383746382&ord=1652876782927&r=382082364493&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A6F 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:55:09 GMT
expires: Thu, 18 May 2023 11:55:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1148 783 B
536 B 33ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

069e566bc04f2bd3e8dfa3193147990b8c9122a912aafca3ab39d1e7b193ba8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C5q19ZZdB3P4beqyoyMzXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-C5q19ZZdB3P4beqyoyMzXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:23 GMT
expires: Wed, 18 May 2022 12:26:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 28ms
27ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13870337996577987111%3F&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782840&de=995498214768&cu=1652876782840&m=18&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5&cd=0&ah=5&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138389646512&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatSlotId=mpu-bottom&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=mpu-bottom&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=mpu-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=198321&na=19960103&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=203&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138389646512&S1id=22308610192&S2id=22383746382&ord=1652876782949&r=549355218025&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 02B6 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:55:09 GMT
expires: Thu, 18 May 2023 11:55:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE1F 783 B
536 B 28ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8dfd2e1359d46fad630a3d6423487c30d30b0d07e6a59ebbfc701d6ab42ad520

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jA5AG6Rc84gvk-L7xvSJJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-jA5AG6Rc84gvk-L7xvSJJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:23 GMT
expires: Wed, 18 May 2022 12:26:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CBDE 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:55:09 GMT
expires: Thu, 18 May 2023 11:55:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CA3A 783 B
533 B 27ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1dbe7c4a485140cba3dab912aad4efd6b27335fbe7ddff0b0cf9d354ddf24a94

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tTlOHxr8Qd_iVYZOdELh9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-tTlOHxr8Qd_iVYZOdELh9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:23 GMT
expires: Wed, 18 May 2022 12:26:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A14C 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:55:09 GMT
expires: Thu, 18 May 2023 11:55:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8405 783 B
534 B 18ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

465020d09e0f92caf7560a28f3c29f6abaa5d841db3b0475d8cf5243ba73ac25

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q5y-JeYslFGjnTCG0v9weQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-q5y-JeYslFGjnTCG0v9weQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:23 GMT
expires: Wed, 18 May 2022 12:26:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4AEC 13 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:55:09 GMT
expires: Thu, 18 May 2023 11:55:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AF08 783 B
534 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

67aa092bce49bb5a37a4253424c9f1e50bc6b0bbdcc28de06015a3b9413da166

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dSJajSMIsxXOcupDVQUt0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-dSJajSMIsxXOcupDVQUt0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 12:26:23 GMT
expires: Wed, 18 May 2022 12:26:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1652876782905&de=25189864961&m=0&ar=8d467bec877-clean&iw=b85e0a2&q=30&cb=0&ym=0&cu=1652876782905&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5677026463%3A138390191089&zMoatW=728&zMoatH=90&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1327%3A1388%3A2263%3A1377&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=198321&na=837364317&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 80D5 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DJveCQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 16ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=229&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138390191089&S1id=22308610192&S2id=22383746382&ord=1652876783016&r=947112295687&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1148 0
0 48ms
47ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=1198454285653453&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 16ms
16ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14498351202864570961%3F&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782905&de=25189864961&cu=1652876782905&m=14&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138390191089&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=728&zMoatH=90&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatSlotId=nav-ad-plus-leader&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad-plus-leader&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tz=nav-ad-plus-leader&iq=na&tt=na&tu=&tp=&tc=0&fs=198321&na=1895758859&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE1F 0
0 73ms
72ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=2165579509964518&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CA3A 0
0 71ms
71ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=3999773430816612&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8405 0
0 72ms
72ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=3126093631174329&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF08 0
0 71ms
71ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=1556115177390757&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 -xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A6F 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13696
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 09:16:21 GMT

GET
H3 200 -xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js Show response
pagead2.googlesyndication.com/bg/ Frame 02B6 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13696
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 09:16:21 GMT

GET
H3 200 -xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js Show response
pagead2.googlesyndication.com/bg/ Frame CBDE 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13696
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 09:16:21 GMT

GET
H3 200 -xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js Show response
pagead2.googlesyndication.com/bg/ Frame A14C 35 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13696
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 09:16:21 GMT

GET
H3 200 -xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AEC 35 KB
13 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13696
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 09:16:21 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1652876782927&de=382082364493&m=0&ar=8d467bec877-clean&iw=b85e0a2&q=34&cb=0&ym=0&cu=1652876782927&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5677026463%3A138389646512&zMoatW=300&zMoatH=250&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1327%3A1388%3A2263%3A1377&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=198321&na=447849852&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 16ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13870337996577987111%3F&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782927&de=382082364493&cu=1652876782927&m=12&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138389646512&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatSlotId=mpu-plus-top&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=198321&na=819001998&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 18ms
17ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1652876782949&de=549355218025&m=0&ar=8d467bec877-clean&iw=b85e0a2&q=38&cb=0&ym=0&cu=1652876782949&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5677026463%3A138389646512&zMoatW=300&zMoatH=250&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1327%3A1388%3A2263%3A1377&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=198321&na=1908139545&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3A6F 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JD-NcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 19ms
18ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13870337996577987111%3F&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782949&de=549355218025&cu=1652876782949&m=10&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138389646512&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=300&zMoatH=250&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatSlotId=native-mpu-middle&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=native-mpu-middle&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=native-mpu-middle&iq=na&tt=na&tu=&tp=&tc=0&fs=198321&na=1748515308&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 02B6 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EO0Ujw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CBDE 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zRjWww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A14C 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BzxwDw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4AEC 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0qqLOQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 68 KB
23 KB 57ms
9ms Script
application/x-javascript 2600:9000:2315:2e00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:2e00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 39ce831c2d42884a6bc694df10253f7d52b9e6c18c9e92b7ee5b00ba7ad0c14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 10:28:17 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 00:10:52 GMT
server: nginx
age: 7086
etag: W/"625f4f8c-110d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: mkKzDpa9deAn0o_Jw4e6I09nB9UqjnwzFYwixQq_c8ytSB0ib-lTKg==
expires: Wed, 18 May 2022 12:28:17 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 16ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=nav&zMoatSZPS=728x90%20%7C%20nav&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14498351202864570961%3F&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782296&de=136321281451&cu=1652876782296&m=676&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&lh=102&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=0&ag=49&an=0&gf=49&gg=0&ix=49&ic=49&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=49&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=97&cd=0&ah=97&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5689576291%3A138350135764&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&zMoatSECT=how_to&zMoatW=728&zMoatH=90&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=nav-ad-plus-leader%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=nav-ad-plus-leader&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad-plus-leader&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tz=nav-ad-plus-leader&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=198321&na=416041505&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 31ms
31ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13870337996577987111%3F&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782321&de=243118735253&cu=1652876782321&m=659&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&lh=86&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=105&cd=0&ah=105&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5689576291%3A138349728191&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&zMoatSECT=how_to&zMoatW=300&zMoatH=250&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=mpu-plus-top%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=mpu-plus-top&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=mpu-plus-top&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=198321&na=935488134&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 298ms
97ms Image
image/gif 35.153.152.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=cnet.com&p=%2F%3F_%3D%252Ftech%252Fservices-and-software%252Fwindows-11-how-to-download-microsofts-latest-os-on-your-device%252F%2523nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D&u=BwSAvYDi6NfuNM8Vg&d=windows-setup12.live&g=66142&g0=how_to%2Ctech&g1=alison%20denisco%20rayome&n=1&f=00001&c=0&x=0&m=0&y=6368&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2238&t=DkNdBtF-90BDY3RCGCEfRJcCjlMeu&V=132&i=Windows%2011%3A%20How%20to%20download%20Microsoft%27s%20latest%20OS%20on%20your%20device%20-%20CNET&tz=0&_acct=anon&sn=1&sv=CfHjACC7r68WC-ssa_CbUwCTDkmdeH&sd=1&im=0e4b0c73&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.152.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-152-203.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 17ms
17ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13870337996577987111%3F&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782344&de=954921860481&cu=1652876782344&m=655&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&lh=70&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=123&cd=0&ah=123&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5689576291%3A138349728194&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&zMoatSECT=how_to&zMoatW=300&zMoatH=250&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=native-mpu-middle%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=native-mpu-middle&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=native-mpu-middle&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=native-mpu-middle&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=198321&na=204254283&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 16ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=bottom&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13870337996577987111%3F&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782366&de=801329960220&cu=1652876782366&m=646&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&lh=52&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=138&cd=0&ah=138&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5689576291%3A138350135341&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&zMoatSECT=how_to&zMoatW=300&zMoatH=250&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=mpu-bottom%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=mpu-bottom&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=mpu-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=mpu-bottom&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=198321&na=1791565594&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=31824268&c4=3000085&c7=https%3A%2F%2Fwindows-setup12.live%2F&c8=Windows%2011%3A%20How%20to%20download%20Microsoft%27s%20latest%20OS%20on%20your%20device%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=31824268&c4=3000085&c7=https%3A%2F%2Fwindows-setup12.live%2F&c8=Windows%2011%3A%20How%20to%20download%20Microsoft%27s%20latest%20OS%20on%20your%20device%...

0
188 B

11ms
11ms

Image
text/plain

99.86.7.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=31824268&c4=3000085&c7=https%3A%2F%2Fwindows-setup12.live%2F&c8=Windows%2011%3A%20How%20to%20download%20Microsoft%27s%20latest%20OS%20on%20your%20device%20-%20CNET&c9=&comscorekw=operating%20systems&cv=3.1&ns__t=1652876783738&ns_c=UTF-8
Protocol: H2
Server: 99.86.7.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-38.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:23 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: -PU0rfGcfzm3eYPI_M0RDi6yaCpeqnYdKmif8AcydHdLxOeImhxOEA==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=31824268&c4=3000085&c7=https%3A%2F%2Fwindows-setup12.live%2F&c8=Windows%2011%3A%20How%20to%20download%20Microsoft%27s%20latest%20OS%20on%20your%20device%20-%20CNET&c9=&comscorekw=operating%20systems&cv=3.1&ns__t=1652876783738&ns_c=UTF-8
date: Wed, 18 May 2022 12:26:23 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: y7-uedAB8imE44oDjloROdCdMhyQMap48j3aziQLC4IoeR157dja1w==
x-cache: Miss from cloudfront

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 18ms
17ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1652876783016&de=947112295687&m=0&ar=8d467bec877-clean&iw=b85e0a2&q=42&cb=0&ym=0&cu=1652876783016&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5009920773%3A2848205265%3A5677026463%3A138390191089&zMoatW=728&zMoatH=90&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&gw=redventuresgamdisplay60805146916&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1327%3A1388%3A2263%3A1377&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=198321&na=666114714&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 135 KB
37 KB 41ms
7ms Script
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-cnet-rv.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding: gzip
etag: 4abd427e43cd6822329a2c05539e321f
age: 219
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 045EQZZHTRZ1QTERCC6Z
date: Wed, 18 May 2022 12:22:44 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: K5ZMirEzo_943uvjTqvzfTRZJ4jAM0eh25ff81pWImP1QyoEZeTUxA==

GET content_suitability_id
admiral-mtml.mt.rvapps.io/api/v1/ 0
0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14498351202864570961%3F&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876783016&de=947112295687&cu=1652876783016&m=11&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138390191089&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=728&zMoatH=90&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatSlotId=incontent-ad-plus-billboard-bottom&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=incontent-ad-plus-billboard-bottom&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=incontent-ad-plus-billboard-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=198321&na=1751519133&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C454 42 B
64 B 43ms
38ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVxggUlpxjzDrUnZAHMKfQ_c0rRLmw4Ys6afjxN25yPJbBstJA59SvGRLAvaHYp61sPzdh7DR22Wva3GPSrhk-Z20P2pG3H6PxqPTpL_9GqasglQuS&sig=Cg0ArKJSzG6czfzSlndTEAE&id=lidar2&mcvt=1063&p=8,436,98,1164&mtos=1063,1063,1063,1063,1063&tos=1063,0,0,0,0&v=20220516&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2689385466&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652876782608&rpt=156&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
74ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=2221655370860300&bg=!oqGloeXNAAZL3OSAa9w7ACkAdvg8WvybeXSzGO9y4Mq7k24DglfGmJLBNTC5DDq4hnzYDK83mPAN3AIAAAF9UgAAAAFoAQcKAEuhL3cZIsIYVVa392sCe1upyFgLGZ8Yf8SeDsfcZu0OppBWWWA5aFYBmOQ0PUnF50hy9Ba4hGEko2006R7XzjpfQplQz90cje-aguSZApv-u_VIXb1ViNL0aA4t4UbRNpzpbcB6CPY0TR1bg0jAlwxgmsx2IC5Q2H_fv-S9H5I2ADl_7stj_CBU0wTDFOOJYA5Bnjvw_5cnNAnsrnRR5lMRCnGFQ9as6xX83hyOsCKo4ftH5ZhTC6Cul-oo0DroXJkdRQwUiKMg92TT7OWxwa4qXCow1ugeSDw_dV1Ctn6d5mmZc1e2PFJL0VpQ1_hLReHn99_LJOrHyjEH_z6wq8d4aO2Uy1e41cya8QCzvxkpIoFeF6AJheYyvdLNP0kMK-ct7jXQkzx1D8sn3KNOGCTNv-GWKl5h6dOr6Q61AR1LdlBRQ_P_dSY7mtElq99Ez0ENbrG8JW5E1GGGlpunp7IcG3SYS9Hd6Xl2kx7C3FKRLIlns5y-0YqI0yK_saOyhqg9mesBL5PppSfgA-OWeBHgH3YOJtEheAxtivXMRlNfPUR-T4-WUP-WoT6nIgL7vWP__p16ePs134qvVoKhjsD7zO-hDHxwZNORS7fSnkFv9X1UGiVSXBMVSI7Y_Mfrc3VFmSAXvJPtTOYxtDDHscYB6woasgM3bPg9CKV6elz68_Yd64X9VDKLDiFEjibpwYzW3imMm7gKpyVjbeKbE7iwwLCOK69Yf_L44_8sW7N5pebPIdfKgD2twcvON_DWMskxrVXbaZSG3QXcHa-EtLUXWCv1fF__sF-rNCkCn1gFZ8CuSRj6bdixJwTRK_TrYV_JHG-sEaL2bMXBBtDmsOd5DFU50c8uc2vmewasE-5xeFhV24S1s4yT_Oq6CgqpY4BHUM9-540rt_dNQsndyMw5eIbG5ejcgo-qmytbSkrkeyMBy8QGdL0xLAXde_sZlfo4tR_jYQXzj6wbL4CQiwZeAZQqSq5-_Vsk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 406ms
391ms XHR
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:25 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 01:41:20 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
content-type: application/javascript
x-amz-cf-id: B3uf8qrD-kdzV0oOuY3lcEwcz172WmsEp8iT1sPpNmJFbq7yqBooRA==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 17ms
16ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14498351202864570961%3F&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782374&de=156542651666&cu=1652876782374&m=676&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&lh=43&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=173&cd=0&ah=173&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5689576291%3A138350135788&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&zMoatSECT=how_to&zMoatW=728&zMoatH=90&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=incontent-ad-plus-billboard-bottom%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=incontent-ad-plus-billboard-bottom&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=incontent-ad-plus-billboard-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tz=incontent-ad-plus-billboard-bottom&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=198321&na=1440571860&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:23 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8164 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVrapYHy9l6byViLY3BPJ1LJ0P9XzINeHwLoEjV7CRexvO49VpRHfWIwDsY3Y1YZvapc_Yd7Bgpb9wNzdNi2zGcx0qc-TfL_fG02XDWgAA7RWyg64t&sig=Cg0ArKJSzE8rCqYQKKqjEAE&id=lidar2&mcvt=1000&p=8,436,98,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220516&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3234279276&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652876782043&rpt=880&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ua-sdk.min.js Show response
aswpsdkus.com/notify/v1/ 212 KB
38 KB 36ms
7ms Script
application/javascript 35.227.208.151

General

Check archive.org

Show headers Download Go to

Full URL: https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by: Host: www.cnet.com
URL: https://www.cnet.com/a/fly/js/pages/desktop/article_video_test-17a552d99d-rev.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.208.151 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 5343d295e7697987c6607001f3bb6d9bf54cfc6db5a77dce8b27dc5e9870066e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:22:34 GMT
content-encoding: gzip
age: 230
x-guploader-uploadid: ADPycds5hyRQ5B_sE0L3ERRZ7RRlsdKUtKYBsJubeX2pfsE93dG3XrSB3yh0NtotQCdS29t-d9DLVR9c9MUDegFHEfpXoQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38303
last-modified: Thu, 31 Mar 2022 16:15:43 GMT
server: UploadServer
etag: "6d60fd0a8328ab90723334e067d116d8"
x-goog-hash: crc32c=HIlLng==, md5=bWD9CoMoq5ByMzTgZ9EW2A==
x-goog-generation: 1648743343088826
cache-control: public,max-age=300,no-transform
x-goog-stored-content-length: 38303
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 18 May 2022 12:27:34 GMT

GET
H2 200 comscore.streaming.6.1.1.171219.min.js Show response
www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/comscore/ 104 KB
18 KB 16ms
16ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/comscore/comscore.streaming.6.1.1.171219.min.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d2078bf12beaaf3694eb02a46c6de631d4a5e4ba52b25d3d9a64c7c52626fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 00:25:00 GMT
etag: "d5b31c3d8338aa9e3ada674b59c8548d"
vary: Accept-Encoding, Accept
content-type: application/javascript
ttl-set: 1
cache-control: public, max-age=604800
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 18724
expires: Mon, 02 May 2022 23:59:30 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 377 KB
127 KB 68ms
15ms Script
text/javascript 2a00:1450:4001:801::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: windows-setup12.live
URL: https://windows-setup12.live/?_=%2Fa%2Ffly%2Fjs%2Flibs%2Frequire-2.1.2.js%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128852
x-xss-protection: 0
expires: Wed, 18 May 2022 12:26:24 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 18ms
16ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=nav&zMoatSZPS=728x90%20%7C%20nav&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782296&de=136321281451&cu=1652876782296&m=1817&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&lh=102&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=1&ag=1191&an=49&gi=1&gf=1191&gg=49&ix=1191&ic=1191&ez=1&ck=1191&kw=1024&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1191&bx=49&ci=1191&jz=1024&dj=1&aa=1&ad=1068&cn=0&gn=1&gk=1068&gl=0&ik=1068&co=1068&cp=1024&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1024&cd=97&ah=1024&am=97&xd=00&rf=0&re=1&ft=1068&fv=0&fw=1068&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5689576291%3A138350135764&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&zMoatSECT=how_to&zMoatW=728&zMoatH=90&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=nav-ad-plus-leader%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=nav-ad-plus-leader&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad-plus-leader&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=nav-ad-plus-leader&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=198321&na=239344550&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:24 GMT

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 17ms
15ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1024&tet=1191&fi=1&apd=1239&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5689576291&L4id=138350135764&S1id=22308610192&S2id=22508656309&ord=1652876782296&r=136321281451&t=iv&os=1&fi2=0&div1=1&ait=1068&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatCURL=windows-setup12.live&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad-plus-leader%3FT-1000&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:24 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

4 KB
2 KB

67ms
65ms

Script
application/javascript

2606:4700::6810:7eaf

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Protocol

Server

2606:4700::6810:7eaf -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10145211
fly-request-id: 01FSX6X3Y7Z6VSJYZCBQE609ZV
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 70d494bebae2cc4a-ZRH

Redirect headers

date: Wed, 18 May 2022 12:26:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01G3BHKVA408WFKHZ1DD3B8SM1-fra
server: cloudflare
age: 589
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 70d494be7a9fcc4a-ZRH
access-control-allow-origin: *

GET
H2 200 pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/ 43 B
260 B 18ms
18ms Image
image/gif 184.87.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=992&tet=1213&fi=1&apd=1214&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=windows-setup12.live&L1id=5009920773&L2id=2848205265&L3id=5677026463&L4id=138390191089&S1id=22308610192&S2id=22383746382&ord=1652876782905&r=25189864961&t=iv&os=1&fi2=0&div1=1&ait=1098&zMoatVGUID=&zMoatCURL=windows-setup12.live&zMoatPS=&zMoatPT=&zMoatSL=&moatClientSlicer3=0&m_ltype=direct&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.172 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:24 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 18ms
18ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=nav&zMoatSZPS=728x90%20%7C%20nav&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782296&de=136321281451&cu=1652876782296&m=1819&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&lh=102&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=1&ag=1191&an=1191&gi=1&gf=1191&gg=1191&ix=1191&ic=1191&ez=1&ck=1191&kw=1024&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1191&bx=1191&ci=1191&jz=1024&dj=1&aa=1&ad=1068&cn=1068&gn=1&gk=1068&gl=1068&ik=1068&co=1068&cp=1024&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1024&cd=1024&ah=1024&am=1024&xd=00&rf=0&re=1&ft=1068&fv=1068&fw=1068&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5689576291%3A138350135764&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&zMoatSECT=how_to&zMoatW=728&zMoatH=90&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=nav-ad-plus-leader%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=nav-ad-plus-leader&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad-plus-leader&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=nav-ad-plus-leader&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=198321&na=625125704&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:24 GMT

GET
H3 404 / Show response
windows-setup12.live/videos/related-playlist/7-ways-to-take-screenshots-in-windows-11/xhr/ 196 B
674 B 141ms
141ms XHR
text/html 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/videos/related-playlist/7-ways-to-take-screenshots-in-windows-11/xhr/
Requested by: Host: www.cnet.com
URL: https://www.cnet.com/a/fly/f7cb05-fly/js/main.default.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://windows-setup12.live/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lq1syIDwEebvCxeK%2F2lGHmPUJ%2BffshGMUdGskO3ysO2mKcXYjHsQs%2BNdAGTtdqMtpFy14KbdijHuFvWvPD%2FVPkMLwjXP8LqyWfKLZoSinb126tmjPY6t%2FuQ2EvT%2BC99oSmI6nUPm2q4Rp5qwzKl%2BwmNcSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 70d494bd3c7ee928-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ggcmb510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 216ms
9ms Script
application/javascript 2600:9000:2315:3800:2:42d9:3100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: www.cnet.com
URL: https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/video-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3800:2:42d9:3100:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: _Isx3_6AiijzpGgrItbC9uhtJub9Rgu3
content-encoding: gzip
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
age: 2784
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 18 May 2022 11:40:01 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: NJKLVpDg202k2lGskuQmp4KsKQ8dMtGoA1Veet3qMJmcPidu3tSU2A==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 20ms
20ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22508656309&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=nav&zMoatSZPS=728x90%20%7C%20nav&zMoatPTAT=article%20%7C%20magnet_article&zMoatPTATSECT=article%20%7C%20magnet_article%20%7C%20how_to&vb=6&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782296&de=136321281451&cu=1652876782296&m=1821&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&lh=102&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=1&ag=1191&an=1191&gi=1&gf=1191&gg=1191&ix=1191&ic=1191&ez=1&ck=1191&kw=1024&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1191&bx=1191&ci=1191&jz=1024&dj=1&aa=1&ad=1068&cn=1068&gn=1&gk=1068&gl=1068&ik=1068&co=1068&cp=1024&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1024&cd=1024&ah=1024&am=1024&xd=00&rf=0&re=1&ft=1068&fv=1068&fw=1068&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5689576291%3A138350135764&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22508656309&dfp=0%2C1&la=22508656309&zMoatSECT=how_to&zMoatW=728&zMoatH=90&zMoatVGUID=ddda662b-52cd-4549-82a3-26903f6e4f3f&zMoatSN=a&zMoatSL=nav-ad-plus-leader%3FT-1000&zMoatAType=magnet_article&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=nav-ad-plus-leader&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad-plus-leader&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=nav-ad-plus-leader&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=198321&na=1224019264&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EB23 0
0 74ms
73ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=1198454285653453&bg=!fH-lfzvNAAZL3OSAa9w7ACkAdvg8Wi2ppe4u79HluyqGh7VoX2wrgnUGR-k0w5e-eB7L-dbN7GhSZQIAAAE8UgAAAAJoAQeZArUN-4KUJRul8HUSWGtJimxiVKbYktGkHcH90YLTUyxqkFO53R_Iw0LR2Laha82nVTcAieuIF2OnXa1asNYjPzJyZT0YHrVA85eqASeNFUrLDIUc-F9sqfwj2pAAPW86zoxk4RwSHrIRxuxDl4mRqDvtOz_5h3IM8SipTJh6lfUvN3c4zEOaauuKqcdB-rO_gm0K_-YD-4mKOpm6A4duSqzfjaoe4Tt1Wy0nFl3ARx-0ShbyLNQe1eNbYXcQJxONGh0bEJT58tgqhODpiS_BI6FuesWsKMNb9FNJ8HZoMNHkP5HGjypmEx5Iw4NqGhteWhn8Su-u8YBT3dhEslZ3jnZ6qndd419av7EjSQAx2wCrN6anaoY41fAwXoFANiM9pTB3UcOqsdk8YAB1IfMHLY1r-CIhK3JV1t2PKyXfFADZBhsPBkROyt1aLVnCI3VUP0sf6ibS9dylEeG0TjaBp6JVoS7L8cjmsWBBMXsVbCpcuLPJ4PKFmyBDf4CiwaaycDHkw7_M2Sz16rdlZYvESSNuY2cgbek0B0dzv5QyB2yJpLEmNxn-4MNNcs6LhXlyPumvHoC6lPIlOWA4SuQ6AynPFP4fG3X-3ENWioY-nvzh8slHnFPk73mecS2978eLhjW4qrUNjsIoqJY7TCY78hV1JWetFZ5exgjBUbhs4m2weGqGxooA4k91qsOPzWKLMq1tSQNk15kID64LC3Vi8k3Wes1oNKTrsUkcIDYs1MRyQNJPnZOm9d9HtOJnRWTy1NTD1mP1CDf0ejSx8Bm1_tyySxdXBQH71caNa9DP54UZhrZAbmKC5Iw0ukPQ5TA0nxytyRWO9lUUrg_k09cNJtMVO9M8d0YFbmlK6ugLPjOL0bQagxz7FNiyUIlE3_98UhUCaAMap110KMZRY66Ybk8NTg5ZKOk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8164 0
0 107ms
107ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=2165579509964518&bg=!wsGlwYXNAAZL3OSAa9w7ACkAdvg8Wiyp7BJgB3tSP7pDML3rstjafyZXhvHF97W3DUavjkaHZog1AwIAAAFWUgAAAAJoAQeZAsJMDX2UOmPv7z-7exCYzNt00r8X-aIHx9QcQ7Nz0Y7fsE4_Gjwvnv3OkiZIUKzr1iXYwJUb5-6JjLwCmqPuMl5Ou3Vkkr9jHqE1KAdtnJ5X_tHUUzSS5wwe6rLsRplI7A9q9gEfPKWSPJgw1KnrsQV4tZF0buS_2sxl4CsXo9kL_BAh9ffIQjzojbk9yZ2hgIY28DzOosnTI122ABDMgPe6ebmaTSMVfgilN1AkJkw496yQPSsupKWMAM53w10y2pJov3zB87Ibn7kclXeF_DoOvgae1oL7KeocVtCGRmdHnbW94AOdQKUKFlLWoq-Crp5GZtgb_vY6bvq8xvX9jwtifnExWlrv8tqoULG9NQjuSC1M3tgElLXfTxAgOP-SOqs9kvlGkK2-IZjsnPPEtgS2ZKLimhiC6Lz2sMHOxmP1cf-tEq6VqNmxm_WDgz-A3bsD3ADd2_4meAaZOwJsRxFaGMBGd_xnwZg56PUuefh9HLxD853yuIgtDgr1fRCgKFSxXM_aB7I1APTTa8gSmB9oikOoXUgeQqpFcM_IwXl4CV0NLv2pVFQGR_q34ddA_T_YBQWIsngo-dkTzSFB7NzjNJIVNNjPlSWV3dLUQ0VMVpj6pSB9AQaKlQ5geTjp7me3pOp1t6U84J-16qaRdh3gYPmGdsVXVrBaqJVMszQifm1K8u3a6jf6zjaDUAZFmzN4ZpacuDS1k6BmKQhga56RagHELcKIlRMLBN7mzBGl-S6_Z7AflyleZEgysdQm1iTEnY6Sq-t8W1S8hZ2sLzbgClDU2KvSWVcbLjAcb1nvOOTon5QzHXrv47DFABUKO2XGteHPMOhemWw3WldFTiEIumdf6dL1ioWGAfn5trqc51bgGY_4wNjup5Qn5KVp4ISxs_ZECwmooYionvVbbB7Ty75MH3ZzunlOPRAG3xgCSQ9o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B9B0 0
0 52ms
52ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=3999773430816612&bg=!-Pul-7_NAAZL3OSAa9w7ACkAdvg8WgAJ84oYN6yvbw6j0hWoD_HGjMHcfzpZZvMDsd5BTfm3_aumMQIAAAE8UgAAAAJoAQcKAErXHBx0cPBuN8SHo6Tw39pOgRHgHViaoSAOEo-skpcuqhEbR-VtnHn87SR6AxDjnjNscaRzxmPhJ2V0TgNwNuf9NY6Z1dfglg4rcJkCyZlXONSyUYwlDdy6uSno52joMAAjcP6Jvgwy9yDZOY0azAt3B20cGjuBAiAX4AqFPKrWZOveKzc19ZNZEHl_vOfZcM8CXC8uNMg0a_Fuk3WLF8rS_X4Iz-AwlwdYp4WJVywRYFpzJqIN8Zye2Mj6JFfa7nsUt9pgHkks877Rqd9CVfrBdF1raPF-_YGfOwO9whTda0P2fbVo5M-5imtnVQNztft526R0yXTg2CgY0NlgD6DPyrVVhc6CwYvRHCxr4rU4-gPfblKpWCLNwxZ8uoOno6NbeVmVNVqR0Y2BA6wiAnY_qYDYAmjGMlN9tus0gRusk2AeR_gO8OtsuWBWyjngQBQyW-Z9rsHGy90xPI85EoGr9a7YbfYbPt_TroTSSTiIW_-UCS71KVDLWDg0NM9yyRdg6Ga0J6sHd2_Wl2YPZFJ71dqnKgXbg29Zw-21mm3M4vd79-CV5SGWDUc0vKI8XqJhPjspA5vPFQo4yavYuum34VfrBjAyCgovkfe5fLyrmTIw8GqNaE77GQnso_WrFJ4mzfWYHUrr83bKamzTYbJ_pB7fjdtce6exXMK1opFCX7D2Hsy18pT9iTo_ji_QXNRjCb8dKuQb7S-V5acuCIFIf5VkIuJer7d5FDlZ8c2bN6VANfd14oKjqiGUROgFJ-TcIEGrdb75GCJpLWsGkOOE49QYCn-HkAix_rIqf8csNANomZDabVGj5DaHldvGzuzDIJZFtj247aZOqds8_YtlpDI_C0ZLF4qg-CD5PxwcVggLLqC3bCWJsiJwP9ibDiyfoW6LEQufI4ptW-dshCv2I2D06aOmwi8tpBORwVrV4lGEw2Z_xoXcX2bVKZy8L_9scIb-3TjnD5hCqobiH1UxcJISHZWrQJR7sxReqRSsWLbk43Hz8yIKejRDHhQlV4lGbU0dgPfyLgJwNp0b68FpCUrsIpqa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F5D 0
0 74ms
74ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=3126093631174329&bg=!9Pel97PNAAZL3OSAa9w7ACkAdvg8WsOHwpfnV59XJO9YuWgIIYEwkqvlxXPzTWB2rE3xXYTSlIOJ3AIAAAExUgAAAAJoAQcKAEr7403qP8IH9ZUzcoLK2n6FpvMkqiZ4kOEngcTqh1jbeTL7uJY_IHx1sVE3llkdV6VM0K5m7Ea57n37pqz2oJOEbkkRSVhRCQEdP5kCxUkJlMkkMHbytoDvGWDCcIFdmIo9J0qSsSW8L1bppjco_7quJYQySJNiqRMhZNRrYORmCZBz-m85gnaHxmNyRnBvqSlTE8P_jEoUe4IVqIQOXAo6gne44T3JlFygc5rte9i9YCH-TJ4X1XnLLem3PrJsbeCJLXqaA7Ow2_JelX883fOJ_MPEXgaYJVtpxOPBA_GZYTRm4EfACVlzLVc2orqcMqX43oReWuTt1-LerZJ193HBg68WAACH0HOEq9tDibBA1gwy9mIv1gP2Ung4x275flf1N-kLADVG2bYZSDNNksN1D87R3qRxrQtgNEBgn5VTpUW0yANTzUB2cXx-GXOxOLPbLKYn1XNH7KdcYsoBVZfyytvr8mBjrRWou1hTXGIt1jPVG-cqBgUjhxCnifAibTcnO8A7nP_CpTiVeC0RmAk_QY8wO7a1B9doabf2SpR6emh8HO2KtxUB78fmGPECV_CFJ6UmYF814fB3ZZ55Iai1Wo04uF7_T1L4wR1YYIpNCZuIOzq1-tgweF3AYRX_jM4kcB0sn5mxRQO6txOjBkOdy66Ix_s2grm1oQj-ifiVSB1RkqfwnhFaW7Sh4XkaWWnN9IE4GRhui4KMRbrFfHc4XmVtr-msTeXor3SpPpXpxzkOaV-Monat5lMWFhcHXmnp5_qU7lYPpUajCJYBAxL-UW-Orp4rq2GPsnectbhvKqLl2amSi0L388Qp0bHqgG0dVgFl2qH_CHI2mbNFu9kpSce7KZAsHkBcVh7FrFOTdr8ZMB7Yom3Agjyr6B3wJ82CVxfemAeHo1QlGU0Uvpd-s_i0p8n6BfHfU-ZhJyHvVeXbZCCpQBVk5aV0e15SmZEXhCqtTIX3gqaY_T3IQkPtHcYBDc1o7Isi0iEf_1apBQbbPaeBsVZtiIvMuSA6ISrclOMwKAKB74hDlyVjTjgUduI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A666 0
0 78ms
78ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=1556115177390757&bg=!YmGlYSXNAAZL3OSAa9w7ACkAdvg8WgY9tp4biOvRpmMKSkTUe8PetP1RN7t817BAog0AASTQ0WE3LgIAAAElUgAAAAJoAQcKAFVaE7DMcKWwYtpU7psxj8K_itoUjmjj79OWO0cg8u77QU-7YKI7nSctpnwsRtYDC4djwQeyvrjo-ocAiRO273yKqyE4KKnV3PTBChc4sumnziSmNE7bmQK2SCtfhtQR9nbOlQCYt53xI1jQCa0jElTzjk_9tyMe73cPaRPXBxRTWSCh4_Dnr7bZiCnMqf4ebEkMhKPGWrKIWMU50Ok-3TVx1ZEitI5A784v4WhhBDkFt7cbZEL0pbfg8033DSbsMWZxqnnRWJDpFZwwkOYekXcbQKSmmv8j678o0E9wJXWadwojCjGOsm0HrayxY2-FvfFhEDIilD3hHOK-f5nKpCF6MidLXpTNINbAKwTGXkC8vpSFPlhlSzZt7Y0hnbTgjbpgfoczou1kqkd-xPXAGZZfGikuwiENS7yDvETVqYYVQcHjy3FU8Jx55KsnmFTsLBZcvQR485zX7aLJ3UcO6QPNcyg2bdgbN1-KrcMeZqSk35uXWeQjLk_j11XFEaVBhrE3k1lu4WGQFfNbsFUhb3vfoMQTQ_NgBjEAjoEHfkcLA1dLwEC2DVmbEylYwmVVQNKGETYbFsQ7xVUw7eg6r9CWPLmXXHlV5f77F-MNq3-OrccsBiE2Rxdr8iYb9aCw_QrDZsV-yeHWtWc6q2gFCsNYQmP4hiyNX1_UAxsIJMt5if_nuM6CM_758ntVQsjwabB5kNP506ku38xt5HDHn06GqL5PmNmkQIgEIOyTnUGV4K7gf6FBmUx-icDktbtgLBOdPtv_wEOR7ZPtLzLwdPcuJXRWB48FVhPzl6nzO0qDgczoed-CQl7EPsvH0oyi8Gp7egj3VZKE-QX6nEhWNRNl8PlxJwZ59X7tlTFv9uZe7fZADuw4kHphSUUoPUc9IFIO3S-JndT7KvWjxJ0k4t9wi4MWZ4-8youVaRe7ESpEZw0NHnFRj-VuwBUhNrWbtyrHVYkigvfboRLVLzG1DBupeI8Wox0gMQtuj3504cT6gsJ4m0DcNsV1HzOuy39nAD5DmZL9MPPQBnsUA1VDfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 16ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782905&de=25189864961&cu=1652876782905&m=1221&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&lh=166&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=1&ag=1213&an=2&gi=1&gf=1213&gg=2&ix=1213&ic=1213&ez=1&ck=1213&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1213&bx=2&ci=1213&jz=992&dj=1&aa=1&ad=1098&cn=0&gn=1&gk=1098&gl=0&ik=1098&co=1098&cp=992&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=992&cd=3&ah=992&am=3&xd=00&rf=0&re=1&ft=1098&fv=0&fw=1098&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138390191089&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=728&zMoatH=90&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatSlotId=nav-ad-plus-leader&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad-plus-leader&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=nav-ad-plus-leader&iq=na&tt=na&tu=&tp=&tc=0&fs=198321&na=643639186&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:24 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 16ms
16ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782905&de=25189864961&cu=1652876782905&m=1222&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&lh=166&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=1&ag=1213&an=1213&gi=1&gf=1213&gg=1213&ix=1213&ic=1213&ez=1&ck=1213&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1213&bx=1213&ci=1213&jz=992&dj=1&aa=1&ad=1098&cn=1098&gn=1&gk=1098&gl=1098&ik=1098&co=1098&cp=992&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=992&cd=992&ah=992&am=992&xd=00&rf=0&re=1&ft=1098&fv=1098&fw=1098&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138390191089&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=728&zMoatH=90&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatSlotId=nav-ad-plus-leader&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad-plus-leader&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=nav-ad-plus-leader&iq=na&tt=na&tu=&tp=&tc=0&fs=198321&na=1036391432&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:24 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 17ms
17ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&bo=22308610192&bp=22383746382&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=magnet_article&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26%7Cu9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-H28ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOIaW7S4UrVWTx6jqrPoFzc%3D&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwindows-setup12.live%2F&id=1&ii=4&f=0&j=&t=1652876782905&de=25189864961&cu=1652876782905&m=1223&ar=8d467bec877-clean&iw=b85e0a2&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6368&le=1&lf=0&lg=1&lh=166&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1327%3A1388%3A2263%3A1377&as=1&ag=1213&an=1213&gi=1&gf=1213&gg=1213&ix=1213&ic=1213&ez=1&ck=1213&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1213&bx=1213&ci=1213&jz=992&dj=1&aa=1&ad=1098&cn=1098&gn=1&gk=1098&gl=1098&ik=1098&co=1098&cp=992&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=992&cd=992&ah=992&am=992&xd=00&rf=0&re=1&ft=1098&fv=1098&fw=1098&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5677026463%3A138390191089&gw=redventuresgamdisplay60805146916&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22383746382&dfp=0%2C1&la=22383746382&zMoatW=728&zMoatH=90&zMoatAType=magnet_article&zMoatMMV_MAX=na&zMoatSlotId=nav-ad-plus-leader&zMoatCURL=windows-setup12.live&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad-plus-leader&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tz=nav-ad-plus-leader&iq=na&tt=na&tu=&tp=&tc=0&fs=198321&na=1596382536&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 18 May 2022 12:26:24 GMT

GET
H2 200 VideoHeartbeat-2.0.2.min.js Show response
www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/adobe/ 143 KB
28 KB 16ms
16ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/adobe/VideoHeartbeat-2.0.2.min.js

Requested by

Host: www.cnet.com
URL: https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/video-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

acc16a7acfdc37b4e11c49adba781c8f4192368865c64e4ab37483780952c91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 00:25:00 GMT
etag: "1a6fa75345384e9afed1c6b4dcd6853a"
vary: Accept-Encoding, Accept
content-type: application/javascript
ttl-set: 1
cache-control: public, max-age=604800
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 28851
expires: Tue, 24 May 2022 04:08:34 GMT

GET
H2 200 AppMeasurement-2.3.0.min.js Show response
www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/adobe/ 77 KB
27 KB 16ms
16ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/adobe/AppMeasurement-2.3.0.min.js

Requested by

Host: www.cnet.com
URL: https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/video-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bcc0ac1b386e00fb3f5e5ec0f60682b3023399eff0f7405cb1601042a4d1bf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 00:25:00 GMT
etag: "e3ab07ec915088a6c9425bd63d662a0e"
vary: Accept-Encoding, Accept
content-type: application/javascript
ttl-set: 1
cache-control: public, max-age=604800
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 27235
expires: Tue, 17 May 2022 00:37:45 GMT

GET
H2 200 mux.js Show response
www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/ 75 KB
21 KB 16ms
16ms Script
application/javascript 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/mux.js

Requested by

Host: www.cnet.com
URL: https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/video-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

731862a4057fe314533e3459813754404552089418acb34064f8e618c2ac5e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 00:25:00 GMT
etag: "5073f048e6e5303ba2d6bc428c73b15e"
vary: Accept-Encoding, Accept
content-type: application/javascript
ttl-set: 1
cache-control: public, max-age=604800
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 21717
expires: Tue, 24 May 2022 01:50:28 GMT

GET
H2 206 uvp_blank.mp4
www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/video/ 11 KB
11 KB 16ms
16ms Media
video/mp4 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/video/uvp_blank.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6227f18e898e5b7c708fc1eb1763bd1b2186bdecd6f8b81f4bc1bf84f4d7d4e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://windows-setup12.live/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
last-modified: Thu, 27 Jan 2022 00:25:00 GMT
etag: "707bb2a4c9141aba1068d851f5be0409"
vary: Accept-Encoding, Accept
content-type: video/mp4
Content-Range: bytes 0-11246/11247
ttl-set: 1
cache-control: public, max-age=604800
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
Content-Length: 11247
expires: Tue, 24 May 2022 02:41:35 GMT

GET
H2 200 uvpjsDefaults-d41d8cd98f-rev.css
www.cnet.com/a/fly/css/video/common/ 0
227 B 16ms
16ms Stylesheet
text/css 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cnet.com/a/fly/css/video/common/uvpjsDefaults-d41d8cd98f-rev.css

Requested by

Host: www.cnet.com
URL: https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/video-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 19:21:52 GMT
etag: "ef33d484d7cb70b545e1996b90b8f1ec"
vary: Accept-Encoding, Accept
content-type: text/css
cache-control: max-age=604800,no-transform
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 32
expires: Thu, 19 May 2022 08:06:51 GMT

GET
DATA 200
OK truncated
/ 684 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9110b3e2a4935a76311575fd44dcfc2e805c798fd1342225cbaa0de5c3075bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf157f6748dbcca4652d35061175996eab2fbebf7ef9bae4d96e8c5bd1f747c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bridge3.516.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5AEA 634 KB
205 KB 21ms
7ms Document
text/html 2a00:1450:4001:801::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 165489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210041
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 14:28:15 GMT
expires: Tue, 16 May 2023 14:28:15 GMT
last-modified: Tue, 10 May 2022 20:24:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET client.js
s0.2mdn.net/instream/video/ 0
0

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 9ms
9ms Script
application/javascript 2600:9000:2315:3800:2:42d9:3100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3800:2:42d9:3100:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: Ba8xo6nXEW9E96H3VH5tDFxouWlth.CH
content-encoding: gzip
etag: W/"931051f801612c3a0e2782961ac3d56c"
last-modified: Tue, 29 Mar 2022 13:42:22 GMT
server: AmazonS3
age: 786
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 18 May 2022 12:13:19 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: tcdRAjrdFftLCMffqlYZrsO4HEHnsbrzlLqkdjbtrP_eI2eVEfRXHQ==

GET
H3 404 / Show response
windows-setup12.live/videos/related-playlist/7-ways-to-take-screenshots-in-windows-11/xhr/ 196 B
672 B 140ms
140ms XHR
text/html 2606:4700:3037::ac43:d212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windows-setup12.live/videos/related-playlist/7-ways-to-take-screenshots-in-windows-11/xhr/
Requested by: Host: www.cnet.com
URL: https://www.cnet.com/a/fly/f7cb05-fly/js/main.default.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://windows-setup12.live/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8aZX10j%2B3z9jGxqpvgZlz%2Bd7rvHaoZjbiJcvF1M64xxkruowz7L%2B93POFUxLlFuRs9g0LfpoEbxmHLoOjGjCk6Rxp7NGuIHvYU1j7kCfAUlLOFLYiIZwSRpz%2BHPtEHM3jJDZPiuVv05Aifh%2FWlfpbaprQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 70d494c0287ae928-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 149ms
38ms XHR
application/json 79.125.102.158

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3C66570E5FE1A4AB0A495FFC%40AdobeOrg&d_nsid=0&d_cid_ic=userId%01&d_cid_ic=puuid%01&ts=1652876784653

Requested by

Host: www.cnet.com
URL: https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/adobe/AppMeasurement-2.3.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.125.102.158 -, , ASN (),

Reverse DNS

Software

Resource Hash

0f18ad3337b218513baa45c609517b60ae42bfc4b7c698d49372337f022c8b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windows-setup12.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v031-063e285da.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Error: 300,300
X-TID: Nt/GLRR/RS0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://windows-setup12.live
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 756
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windows-setup12.live

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 12:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 97ms
97ms Image
image/gif 35.153.152.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=video%40cnet.com&g=66142&p=https%3A%2F%2Fvideo.cnet.com%2F7c4b62ec-8721-4548-a56c-1faf5549bdff%2Fwindows11_install_v3_%2C360h700k%2C360h1000k%2C720h2500k%2C720h3200k.m3u8&i=How%20to%20install%20Windows%2011%20with%20an%20update%20or%20a%20bootable%20USB&g0=how_to%2Ctech&g1=alison%20denisco%20rayome&u=Ci9iTkQyKJVCw9FtT&t=C7JOhRBfJ5DCBxsCWsTur6wmIdYp&x=0&y=0&V=132&VS=VS&n=1&b=2238&r=&_vd=587000&_vi=Windows%2011%3A%20How%20to%20download%20Microsoft%27s%20latest%20OS%20on%20your%20device%20-%20CNET&_vp=windows-setup12.live%2F%3F_%3D%252Ftech%252Fservices-and-software%252Fwindows-11-how-to-download-microsofts-latest-os-on-your-device%252F%2523nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D&_vh=windows-setup12.live&_pu=BwSAvYDi6NfuNM8Vg&_pt=DkNdBtF-90BDY3RCGCEfRJcCjlMeu&_pr=&_vdd=cnet.com&_vt=ct&_vs=s1&_vcs=0&_vvs=0&_vpt=0&_vtn=https%3A%2F%2Fwww.cnet.com%2Fa%2Fimg%2Fresize%2Fe2916a87a35e637eb3c19be23f3304b3705bda9c%2F2021%2F10%2F03%2Fb1c8b7db-a2ef-4ecb-b738-cea763f7f1cc%2Fimg-5763-2.jpg%3Fauto%3Dwebp%26fit%3Dcrop%26height%3D109%26width%3D194&_vaup=cont&_vplt=3.2.4&_vce=0&c=0&W=0&R=0&I=1&E=0&j=75&tz=0&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.152.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-152-203.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 12:26:24 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FA1F 37 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 May 2022 13:00:38 GMT

GET
H2 200 P0EA7CD2E-455C-4925-95F9-FC8A7E69BB99.js Show response
cdn-gl.imrworldwide.com/conf/ 29 KB
7 KB 11ms
11ms Script
application/javascript 2600:9000:2315:3800:2:42d9:3100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P0EA7CD2E-455C-4925-95F9-FC8A7E69BB99.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3800:2:42d9:3100:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ef504f5aff9cf09d920edc1159dc138277189b5bbfe417e5b110f9e54c8ff66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: G5xwTibr_HjMHBjc2epj4DBwKL1aqHjG
content-encoding: gzip
etag: W/"93dc5c2189779cb198828a341cd01f98"
last-modified: Wed, 18 May 2022 09:15:20 GMT
server: AmazonS3
age: 2964
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Wed, 18 May 2022 11:37:02 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Nm4d79wrGKaTA8IJtIVGLEdg53g5yk9abPeyvht97p-j4qCF6Uhodw==

GET
H/1.1 200
OK dest5.html Show response
newimagitas.demdex.net/ Frame 4C66 7 KB
3 KB 128ms
29ms Document
text/html 52.31.67.18

General

Check archive.org

Show headers Download Go to

Full URL

https://newimagitas.demdex.net/dest5.html?d_nsid=undefined

Requested by

Host: www.cnet.com
URL: https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/adobe/AppMeasurement-2.3.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.67.18 -, , ASN (),

Reverse DNS

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v031-0f46fb2c8.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: JqxgWripRD8=
content-encoding: gzip
date: Wed, 18 May 2022 12:26:24 GMT
last-modified: Wed, 27 Apr 2022 09:29:24 GMT
vary: accept-encoding

GET
H2 200 id Show response
saa.cnet.com/ 48 B
509 B 99ms
16ms XHR
application/x-javascript 15.236.176.210

General

Check archive.org

Show headers Download Go to

Full URL

https://saa.cnet.com/id?d_visid_ver=2.3.0&d_fieldgroup=A&mcorgid=3C66570E5FE1A4AB0A495FFC%40AdobeOrg&mid=08476243227261724511940916988172587213&ts=1652876784821

Requested by

Host: www.cnet.com
URL: https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/adobe/AppMeasurement-2.3.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 -, , ASN (),

Reverse DNS

Software

jag /

Resource Hash

e219d7d24ed70d83a29873921e5d35d35c527b5546e7e8d706c0d021b7e71dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windows-setup12.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-df488f754-vxfnv
vary: Origin
x-c: main-1645.Id526ce.M0-571
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://windows-setup12.live
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YoTl8AAAAK3bCQOY
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=00811440377314181711156458021631559637
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YoTl8AAAAK3bCQOY

42 B
945 B

55ms
31ms

Image
image/gif

79.125.102.158

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YoTl8AAAAK3bCQOY

Protocol

HTTP/1.1

Server

79.125.102.158 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v031-08173123b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Fp+O/lp9Sy4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YoTl8AAAAK3bCQOY
Date: Wed, 18 May 2022 12:26:24 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5AEA 3 KB
2 KB 47ms
47ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?vid=1eb899ca-f7fa-4b9f-837d-e729942b4546&sz=640x483&iu=%2F22309610186%2Fvaw-cnet%2Fdesktop%2Fcnet&ciu_szs=300x60&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&url=https%3A%2F%2Fwindows-setup12.live%2F&description_url=https%3A%2F%2Fwindows-setup12.live%2F&correlator=2327193532906630&cmsid=2573659&pp=vpaid_js&cust_params=vguid%3Dddda662b-52cd-4549-82a3-26903f6e4f3f%26embed%3D0%26host%3Dwindows-setup12.live%26sb%3D0%26vid%3D1eb899ca-f7fa-4b9f-837d-e729942b4546%26ptype%3Darticle%26contentType%3Dproduct-advice%26session%3Da%26subses%3D6%26cid%3Dwindows-11-how-to-download-microsofts-latest-os-on-your-device%2C8ebfc936-16d2-4974-a620-a33953dbcc9a%26collection%3Dnewsbox-tracker%26mfr%3D%2Cmicrosoft%26section%3Dhow_to%26userGroup%3Dfirst_impression%26tag%3Dwindows-11%2Cmicrosoft%2Cwindows-10%2Csatya-nadella%26edition%3Dus%26topic%3Dtech%2Cservices-and-software%2Coperating-systems%2Ccomputing%2Cwindows%2Cmicrosoft%2Cdesktops%2Cwindows-10%2Csoftware%2Candroid%26sectopic%3Dtech%2Cservices-and-software%2Ctech%2Ccomputing%26ptopic%3Doperating-systems%26pid%3Dwindows%2011%20how%20to%20download%20microsofts%20latest%20os%20on%20your%20device%2Cmicrosoft%20windows%2010%2Cwindows%2010%2Claser%20tek%20services%26pv%3D1%26ctax%3Dtechnology-and-computing%2Cshareware-and-freeware%26ctopic%3Doperating-systems%2Ccomputing%2Cservices-and-software%2Ctechnology%2Ctech_innovations%2Cwindows_operating_system%26entity%3Ddevice%2Cdownload%2Celigible-device%2Cfree-upgrade%2Cinstallation%2Cinstallation-assistant%2Cmicrosoft%2Cnew-pc%2Cupgrade%2Cwindow&vpa=auto&vpmute=1&sdkv=h.3.516.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2388223843&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.516.0&sid=21BD0725-1063-49F5-AEBB-EA2009DC6ADE&nel=0&eid=44730465%2C44737473%2C44750824%2C44761692&dt=1652876784836&cookie=ID%3Dacc9e5792a21aed4%3AT%3D1652876781%3AS%3DALNI_MaFTkaq8SZeJ0qIcSQVfGzcWYRxZw&scor=2831940219973445&ged=ve4_td7_er868.1038.1018.1338_vi0.0.1200.1600_vp100_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.516.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4196ba8e4c6a246c1724fcb5865c8cb88401f3bfc769230adc4f9e8260df57fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 12:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1366
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 195 KB
55 KB 10ms
10ms Script
application/javascript 2600:9000:2315:3800:2:42d9:3100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P0EA7CD2E-455C-4925-95F9-FC8A7E69BB99.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3800:2:42d9:3100:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windows-setup12.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding: gzip
etag: W/"81a9e2a298d0019660cb2966f0c24748"
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
age: 1950
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 18 May 2022 11:53:55 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 79nJdLOwmQMuHNSYYi6lv9VqyNcAvdcLH99pVXwax-1akn5DN6AiEA==

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 7099 12 KB
4 KB 9ms
9ms Document
text/html 2600:9000:2315:3800:2:42d9:3100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3800:2:42d9:3100:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://windows-setup12.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2077
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 18 May 2022 11:51:48 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
x-amz-cf-id: jvHDcYp4CZqwZmaXDuGnLftuKe3e8hssOWRg4MXeyPYNDg7pXT5byg==
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache: Hit from cloudfront

GET ads
pubads.g.doubleclick.net/gampad/ Frame 5AEA 0
0

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 31ms
31ms XHR
application/json 79.125.102.158

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=3C66570E5FE1A4AB0A495FFC%40AdobeOrg&d_nsid=0&d_mid=08476243227261724511940916988172587213&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=userId%01&d_cid_ic=puuid%01&ts=1652876784928

Requested by

Host: www.cnet.com
URL: https://www.cnet.com/a/video-player/uvpjs-rv/3.2.4/lib/tracking/adobe/AppMeasurement-2.3.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.125.102.158 -, , ASN (),

Reverse DNS

Software

Resource Hash

c0346e61bc161ffa261821e29f21fe8b0777b0e6293357071dcaaab8d79dd889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windows-setup12.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v031-0353f7add.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Error: 300,300
X-TID: qDZWQ6x0Q3U=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://windows-setup12.live
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 756
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET gn
secure-us.imrworldwide.com/cgi-bin/ Frame 7099 0
0

GET
H2 200 /
jjm8xtxrh8o1q146shsfb6giidstp1652876784.nuid.imrworldwide.com/ Frame 7099 35 B
349 B 50ms
7ms Image
image/gif 2600:9000:2057:f400:1d:667e:2a40:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jjm8xtxrh8o1q146shsfb6giidstp1652876784.nuid.imrworldwide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:f400:1d:667e:2a40:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 00:59:51 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 41194
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: 8OTdf1Nt_VlEAA8OdbY1V88E4E4PLejmiGlp3wcd8SzBIlOzsFfTjA==

GET

ibs:dpid=477&dpuuid=e52943659e93153c695ba63055f343ea33fb7888305254877cec1a53d4e6998cb0da87c991749652
dpm.demdex.net/ Frame 4C66
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=00811440377314181711156458021631559637
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMDA4MTE0NDAzNzczMTQxODE3MTExNTY0NTgwMjE2MzE1NTk2MzcQABoNCPDLk5QGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=e52943659e93153c695ba63055f343ea33fb7888305254877cec1a53d4e6998cb0da87c991749652

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: admiral-mtml.mt.rvapps.io
URL: https://admiral-mtml.mt.rvapps.io/api/v1/content_suitability_id?content_id=8ebfc936-16d2-4974-a620-a33953dbcc9a&site=cnet&key=AIzaSyBeObCAKcZ7wX_3OeSzSogGsReTLAD_g0Y

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/instream/video/client.js

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22309610186%2Fvaw-cnet%2Fdesktop%2Fcnet&sz=640x483&ciu_szs=300x60&cust_params=vguid%3Dddda662b-52cd-4549-82a3-26903f6e4f3f%26embed%3D0%26host%3Dwindows-setup12.live%26sb%3D0%26vid%3D1eb899ca-f7fa-4b9f-837d-e729942b4546%26ptype%3Darticle%26contentType%3Dproduct-advice%26session%3Da%26subses%3D6%26cid%3Dwindows-11-how-to-download-microsofts-latest-os-on-your-device%2C8ebfc936-16d2-4974-a620-a33953dbcc9a%26collection%3Dnewsbox-tracker%26mfr%3D%2Cmicrosoft%26section%3Dhow_to%26userGroup%3Dfirst_impression%26tag%3Dwindows-11%2Cmicrosoft%2Cwindows-10%2Csatya-nadella%26edition%3Dus%26topic%3Dtech%2Cservices-and-software%2Coperating-systems%2Ccomputing%2Cwindows%2Cmicrosoft%2Cdesktops%2Cwindows-10%2Csoftware%2Candroid%26sectopic%3Dtech%2Cservices-and-software%2Ctech%2Ccomputing%26ptopic%3Doperating-systems%26pid%3Dwindows%2011%20how%20to%20download%20microsofts%20latest%20os%20on%20your%20device%2Cmicrosoft%20windows%2010%2Cwindows%2010%2Claser%20tek%20services%26pv%3D1%26ctax%3Dtechnology-and-computing%2Cshareware-and-freeware%26ctopic%3Doperating-systems%2Ccomputing%2Cservices-and-software%2Ctechnology%2Ctech_innovations%2Cwindows_operating_system%26entity%3Ddevice%2Cdownload%2Celigible-device%2Cfree-upgrade%2Cinstallation%2Cinstallation-assistant%2Cmicrosoft%2Cnew-pc%2Cupgrade%2Cwindow&url=https%3A%2F%2Fwindows-setup12.live%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwindows-setup12.live%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36%2Cgzip(gfe)&crcapp=1&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=60000&vrid=1216478&sid=21BD0725-1063-49F5-AEBB-EA2009DC6ADE&adk=2388223843&correlator=2327193532906630&dt=1652876784916&ged=ve4_td7_er868.1038.1104.1457_vi0.0.1200.1600_vp100_ts0_eb24168&is_amp=0&omid_p=Google1%2Fh.3.516.0&osd=2&ptt=20&scor=2831940219973445&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vis=1&u_so=l&eid=44730465%2C44737473%2C44750824%2C44761692&hl=en&frm=0&cmsid=2573659&sdki=44d&sdkv=h.3.516.0&sdr=1&video_doc_id=1eb899ca-f7fa-4b9f-837d-e729942b4546&vpa=auto&vpmute=1&nel=0&pp=vpaid_js&kfa=0&tfcd=0&ctv=0&cookie=ID%3Dacc9e5792a21aed4%3AT%3D1652876781%3AS%3DALNI_MaFTkaq8SZeJ0qIcSQVfGzcWYRxZw

Domain: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P0EA7CD2E-455C-4925-95F9-FC8A7E69BB99&sessionId=jjm8xtxrh8o1q146shsfb6giidstp1652876784&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/ibs:dpid=477&dpuuid=e52943659e93153c695ba63055f343ea33fb7888305254877cec1a53d4e6998cb0da87c991749652

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
windows-setup12.live/	1969-12-31 23:59:59	Name: fly_js_debug Value: []
windows-setup12.live/	1970-01-20 03:08:52	Name: pv Value: 1
windows-setup12.live/	1969-12-31 23:59:59	Name: cnet_ad Value: {%22type%22:%22gpt%22%2C%22region%22:%22aw%22%2C%22subses%22:%226%22%2C%22session%22:%22a%22}
windows-setup12.live/	1970-01-20 11:53:32	Name: _mfuuid_ Value: 4ad90e28-11cf-411e-b4c5-c5614f396bb9
.doubleclick.net/	1970-01-20 12:29:32	Name: IDE Value: AHWqTUkGLfZaas3E7T4ZioPHKmX-VT6_aQGnT9gXVEqsL9rcLL67ktZu6ebX2kxxfVk
.windows-setup12.live/	1970-01-20 12:29:32	Name: __gads Value: ID=acc9e5792a21aed4:T=1652876781:S=ALNI_MaFTkaq8SZeJ0qIcSQVfGzcWYRxZw
.windows-setup12.live/	1970-01-20 11:53:32	Name: utag_main Value: v_id:0180d7221f600041efb6150f270803073001d06b00b08$_sn:1$_ss:0$_st:1652878582719$ses_id:1652876779361%3Bexp-session$_pn:1%3Bexp-session
windows-setup12.live/	1969-12-31 23:59:59	Name: OptanonAlertBoxClosed Value: 0000-00-00T00:00:00.000Z
windows-setup12.live/	1970-01-20 12:36:44	Name: _cb Value: BwSAvYDi6NfuNM8Vg
windows-setup12.live/	1970-01-20 12:36:44	Name: _chartbeat2 Value: .1652876783682.1652876783682.1.CfHjACC7r68WC-ssa_CbUwCTDkmdeH.1
windows-setup12.live/	1970-01-20 03:07:58	Name: _cb_svref Value: null
.scorecardresearch.com/	1970-01-20 20:24:44	Name: UID Value: 1276782edab86ae44cd79cb1652876783

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c.go-mpulse.net/api/config.json?key=38QDY-8CT77-8XNH2-VJQTD-EK4YX&d=windows-setup12.live&t=5509589&v=1.720.0&if=&sl=0&si=baeaf399-4186-4354-8e8b-2ea8d22ebbcb-rc2vvt&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao= Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://windows-setup12.live/?_=%2Fscripttemplates%2FotSDKStub.js%23nQ1QFOS2NOOG1yqRWpEAl3oApomhd4pTog%3D%3D/consent/d7b19758-74b7-4244-8f94-61299f58ea38/d7b19758-74b7-4244-8f94-61299f58ea38.json Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://c.go-mpulse.net/api/v2/config.json?key=38QDY-8CT77-8XNH2-VJQTD-EK4YX&t=1652876779216&s=5facfe0037a0181668a2264d3dd22c77045b1de3228db63a4cb0d4b1461bb907 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://windows-setup12.live/news/windows-11-how-to-download-microsofts-latest-os-on-your-device/pubdate/xhr/ Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://windows-setup12.live/ Message: The resource https://windows-setup12.live/?_=%2Fa%2Ffly%2Fbundles%2Fcnetcss%2Ffonts%2FMonumentGrotesk%2FVariable.woff2%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://windows-setup12.live/ Message: The resource https://windows-setup12.live/?_=%2Fa%2Ffly%2Fbundles%2Fcnetcss%2Ffonts%2FSentinel%2FSemibold.woff2%23nQ1QFOS2NOOSxDORWpAKiD0GpYU%3D was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	error	URL: https://windows-setup12.live/ Message: Access to fetch at 'https://admiral-mtml.mt.rvapps.io/api/v1/content_suitability_id?content_id=8ebfc936-16d2-4974-a620-a33953dbcc9a&site=cnet&key=AIzaSyBeObCAKcZ7wX_3OeSzSogGsReTLAD_g0Y' from origin 'https://windows-setup12.live' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://admiral-mtml.mt.rvapps.io/api/v1/content_suitability_id?content_id=8ebfc936-16d2-4974-a620-a33953dbcc9a&site=cnet&key=AIzaSyBeObCAKcZ7wX_3OeSzSogGsReTLAD_g0Y Message: Failed to load resource: net::ERR_FAILED
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://windows-setup12.live/videos/related-playlist/7-ways-to-take-screenshots-in-windows-11/xhr/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://windows-setup12.live/videos/related-playlist/7-ways-to-take-screenshots-in-windows-11/xhr/ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

07079cad87021f551d5e5e3349bd5ebe.safeframe.googlesyndication.com
4c8f135e8bcb9592a723075cf225c89a.safeframe.googlesyndication.com
8b6dc4759cbcbf22cc4579a4b7eb946b.safeframe.googlesyndication.com
99587e191b283db4616860192a2f4e38.safeframe.googlesyndication.com
a.myfidevs.io
admiral-mtml.mt.rvapps.io
adservice.google.com
adservice.google.de
aswpsdkus.com
at.adtech.redventures.io
c.amazon-adsystem.com
c.go-mpulse.net
cdn-gl.imrworldwide.com
cm.everesttech.net
confiant-integrations.global.ssl.fastly.net
dpm.demdex.net
e49862e2040a70d3eaacdab0cdd53044.safeframe.googlesyndication.com
ee8cf67e18beae29ef54c06105a8f3b7.safeframe.googlesyndication.com
firestore.googleapis.com
geo.moatads.com
imasdk.googleapis.com
jjm8xtxrh8o1q146shsfb6giidstp1652876784.nuid.imrworldwide.com
mb.moatads.com
newimagitas.demdex.net
pagead2.googlesyndication.com
ping.chartbeat.net
pubads.g.doubleclick.net
px.moatads.com
redventuresgamdisplay60805146916.s.moatpixel.com
s0.2mdn.net
saa.cnet.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.myfinance.com
tags.tiqcdn.com
tpc.googlesyndication.com
unpkg.com
urs.cnet.com
windows-setup12.live
www.cnet.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.myfinance.com
z.moatads.com
admiral-mtml.mt.rvapps.io
dpm.demdex.net
pubads.g.doubleclick.net
s0.2mdn.net
secure-us.imrworldwide.com
104.75.88.194
142.250.185.98
15.236.176.210
151.101.130.154
151.101.65.194
18.168.99.230
184.87.213.172
2.20.86.213
2600:9000:2057:f400:1d:667e:2a40:93a1
2600:9000:2315:2e00:18:1fcd:351:7bc1
2600:9000:2315:3800:2:42d9:3100:93a1
2606:4700:3037::ac43:d212
2606:4700::6810:7eaf
2a00:1450:4001:801::2001
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a02:26f0:f7:181::11a6
2a04:4e42:4c::666
2a06:98c1:3120::a
3.218.28.227
34.120.203.121
35.153.152.203
35.227.208.151
52.31.67.18
54.154.144.208
65.9.66.173
79.125.102.158
99.86.7.38
026eb603a99f100ea2d60da115e1ceb15419d2b6e4b47c4010645035388fae6e
0395f2a5bd4241f7b062643e4bed84d25327932c2d2576c3e7f51b892b5bd208
03aa6fcac2902227e1b66a01b87824692f708bbf9bfe441784f8ed22d677f6de
065c761d12c29d5e99d55ae46f5541f4e2688e33a0931fd63c12cc2f6223abd8
066fc3ce045361bba8240f583393178cdedced02f8d4bb917c2d3f0520032564
069e566bc04f2bd3e8dfa3193147990b8c9122a912aafca3ab39d1e7b193ba8d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0827b517884b12ce38a9fb9cb038bbbd8ab5384dc2ccb5440c74e8655de73e44
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0d2078bf12beaaf3694eb02a46c6de631d4a5e4ba52b25d3d9a64c7c52626fad
0f18ad3337b218513baa45c609517b60ae42bfc4b7c698d49372337f022c8b80
0f74dbed1d29665781e054861d07a1321aaee5d29c834876752e86d96f075c4b
106f31f1d5f1d6f0e560168ae9977701ec72c297374fd2ecc5def16b27268e6f
108c2ceece5bddb2bed908b11281788a4bed90307c3ef251cea834a59df48dcb
15b74ffa52355fe62c1b8cd95c60227724238677736ac0c100ee87511558d0c3
18de5cf69a219d96e4893face075b87cf39858701e63cfc6e0a069e1e79738f6
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
19a1c3036911314c87acc93b75ee0bc9bd8a4dcc3c3bd1cc3830dab2c116fba8
1aad8bd7bc550ba0f53fbe4717004181372a217ac853882b173f7937424cf536
1b3b2fb20c7112dc96d8693c7d7bf31f524f016c2f81952ea5a82444fd0ede41
1dbe7c4a485140cba3dab912aad4efd6b27335fbe7ddff0b0cf9d354ddf24a94
20537289c8e7f4b235534658e498634d0a948fb7f32dfe3ce9eb22610e057fc3
262b9f64b0f097d7fa0cd46c9d7fb42542b2a3eca1ff6dc36b71f3e199c0b0a1
2749d85e39036858e8922682771f0d0dba813c75e3d616f5c54284c2817ae761
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
303eab7c02913f0428e2993bef701038a1248f06ac777ac5a0abc6ea40784fed
318d9cc75671ea70c721e0aa88bf80955ce18e7ba0a63f349c187196677ffae0
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e
39ce831c2d42884a6bc694df10253f7d52b9e6c18c9e92b7ee5b00ba7ad0c14d
3a4411095cf3edaaccc4cdc906eaa79e7b929eaeba5596cac8bfb691f7b855e6
3abfafd3b7a3c3d46ff32f955088f07c383c6629fc0334d03746ef589c881155
4196ba8e4c6a246c1724fcb5865c8cb88401f3bfc769230adc4f9e8260df57fe
4236796979b20c74c5f32531d37e3ab3a712f3e1ef58557961aea69818456e31
44ef8c92c253d5730dcc16752d863ec079cda2f1de7272b44220d71e9ee35670
465020d09e0f92caf7560a28f3c29f6abaa5d841db3b0475d8cf5243ba73ac25
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4
46a730afca4cb7c9084264354277c6b6a3b9543bf6c86b1315eaeb7ef82a323f
4e7c35a7dd9568bcb726a1594b41248a0b6b053c2c74ce767f0424e08e255feb
4ef504f5aff9cf09d920edc1159dc138277189b5bbfe417e5b110f9e54c8ff66
5343d295e7697987c6607001f3bb6d9bf54cfc6db5a77dce8b27dc5e9870066e
53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58fbf41a3cc149922b857837eb81f494a6e0c17f141353d3555121f30873a779
5aab77d1e975faf8b66b4ae8e2ccecc178b32680b1b09eaa1b7fcb50f7454c3c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227f18e898e5b7c708fc1eb1763bd1b2186bdecd6f8b81f4bc1bf84f4d7d4e6
628287714107bdd04c456e70e663d1525784d9c788d7b7874ebd4b22805c9032
637958195f386b62605c91441e0321fc3359f3813fe268a0e95ab0617ea00596
67aa092bce49bb5a37a4253424c9f1e50bc6b0bbdcc28de06015a3b9413da166
6a155451cb84984e82b1cad7d81118c88cf5f8d3218da29e9314031dd712c924
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ccb27532473603919d5948c414cc1c0d0b189548b7752b9101d992680ef0e9a
6f336d157ea725abc96d756462a6c77a86cf9ba8a859b7019e905100ecf7b488
731862a4057fe314533e3459813754404552089418acb34064f8e618c2ac5e25
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d3b75266cad928fb68bb036efd74fa91c23ae4e54b8d99540473847f3244dae
7da0d535603a6931ac5126c47d39756e381e4397e6e4470a57303233c193ac90
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
82a7e1ae584a28f6fd9a1c21c4b9b46ddcee06c94a65a49f57bac3a2ab1d1d66
8c991f0bd0f52329102fa6cd8c8b29623f03702db25a53fc23fa5204dc82cf03
8dfd2e1359d46fad630a3d6423487c30d30b0d07e6a59ebbfc701d6ab42ad520
9110b3e2a4935a76311575fd44dcfc2e805c798fd1342225cbaa0de5c3075bbf
956e7f4101334dcee918edcc3612acf0defaf53c225f75fc205e2f09717ee5d2
970e57c644deaf3000feaa50fbddf1d2948d24fc6caeeb754571f13e34381a2c
99ade07bb072b245ae2c644f2671c699ac716e3219d644b19e3a62083832241f
9b5c9d9f64eafecd2cc20a84944ce1750ce5dfbe5bd245f7ec408100fd845e9a
9f5ac6b43f6acf5949acc9f633aae7af8a74a9d1210fdad0a9f3f9fd31f17e2e
a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4517bb2b01f5e0fd6453dc3663276b45195fbc6580c6278e021fc04cca702b6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4faf82e8094578493fe5f94a41f896c24ac53cdaba7d91749431dc43ebbd425
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7fe9f41630ccd20ab1281b3a5116d757a82147b6d34621aa9e9c96df76c30bf
ac0299a3439fbae1af000d2f8030646570c0c2d4598d8ca202a2bc95bb5ae3da
acc16a7acfdc37b4e11c49adba781c8f4192368865c64e4ab37483780952c91e
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ad7f0672ed74b2d0fb68bad63424a2ac419489e4607406dc51b7ffe7617cf4c2
b60ff7091ff768be7f49c538c7277a6ad189c96098ca7f103500a3a81a84ecb9
b766d96e65691c3d05e08120e72cef01873b97c47a2827eacf4f589f8eb0623a
bcc0ac1b386e00fb3f5e5ec0f60682b3023399eff0f7405cb1601042a4d1bf2b
be71b63f275e25b3be268e5aba5810ab566e4db7359c25377838afc7baba9c16
c0346e61bc161ffa261821e29f21fe8b0777b0e6293357071dcaaab8d79dd889
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1cfe5dfe17054082cba9586fd595101a7e60439593aea94648600c8b8587e10
c50d5d10df377bd960648973b53891bfcaf48f457503eed023ad2c29f28e49b2
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
ca3d0a3985f2aed9f85e876e728ad29f02857884a0d6d4ad9fc2e05c4fa9d53c
cc94efb101c2ad43bc494e3ab94ad38b7a8d55912e96a188ddfdd062561858e0
cdbcf254729888ea6bd848f36b71a68b035cd9eb48ec008b2bbfe3457bcbb478
ce98257dc9ab9092e17aeacf8d20aa9eee43ac7bcdbee90267eaa4505f659c1a
cf157f6748dbcca4652d35061175996eab2fbebf7ef9bae4d96e8c5bd1f747c2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09a15b093affda410fabea5ed1bb178bc0576412aa249cd2a46dbe5b2966159
d0b7acfa6cb21d4b14adafef0980ecc8054b66a77227320c492686f5aab343ab
d24bc728a544b50da211b82fbdd554e6b237cf64e4322a9bd6017628a4de6ebb
d2fde103237b323ef7661668c7c16921ef0ebc97d7b747b8bd5b9409478fd8f9
ddeed12da62377630b8c0c1a02782af21db0dc46fe71c9a49c160e8476c12beb
e219d7d24ed70d83a29873921e5d35d35c527b5546e7e8d706c0d021b7e71dfc
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e580c6ecc589733f053a6bec86dabf075a95a3b80d200153fa317ff1a060f119
ec4d07aa54eb6b580986d6e6470f0aabef20890dcdfc545a475f3c5782e2a24b
edc5b06af5d2a98faa9164bab90273b8cb2729b663aa08cc9715fe0b49605004
ee94dad356f6210ceaab58d4201de993f966e9e8bbbd1f6280c65a77dfda9426
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f279f6d6a9bbafc4ecc149c74987e5c5d1ef566d57e92e61501552f660f99c5b
f482add2f43253a28609f2fe2bbd57455565aa29d7c4cf3d088de7812478ff7f
f62becda61c0c6ffb5c809575d73485504a5460d773226c438385794bf1bf047
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f9808fd3f7a54d3f5f1e329e5f4aab4cac723b082842459cdca2fc6c0dbd40b3
f99f0d862a54f81e67f85c1e0ed6518677f029d0d59715cb0d8937156b45a122
fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
ff34b6f2cfaf31e0c0b07803273b56ca1f07569e56c77dfbe740298fe0a98534

windows-setup12.live Open in urlscan Pro 2606:4700:3037::ac43:d212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

285 Requests

97 %HTTPS

50 %IPv6

28 Domains

47 Subdomains

34 IPs

4 Countries

5326 kBTransfer

15595 kBSize

12 Cookies

0 Outgoing links

Redirected requests

285 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

windows-setup12.live Open in urlscan Pro
2606:4700:3037::ac43:d212 Public Scan

Screenshot
Live screenshot

Full Image

285
Requests

97 %
HTTPS

50 %
IPv6

28
Domains

47
Subdomains

34
IPs

4
Countries

5326 kB
Transfer

15595 kB
Size

12
Cookies

285 HTTP transactions
12 data transactions