checkrain.com Open in urlscan Pro
2606:4700:3035::6812:3fd3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://checkrain.com/
Effective URL:
https://checkrain.com/
Submission: On September 30 via manual (September 30th 2020, 9:24:57 am UTC) from GB

Summary HTTP 36 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 15 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3035::6812:3fd3, located in United States and belongs to CLOUDFLARENET, US. The main domain is checkrain.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2020. Valid for: a year.

This is the only time checkrain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:303... 2606:4700:3035::6812:3fd3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	40.125.79.5 40.125.79.5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5 10	2606:4700:303... 2606:4700:3038::6815:e9a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	192.99.8.34 192.99.8.34	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
36	15

7 2606:4700:3035::6812:3fd3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

checkrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.125.79.5 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mark.trademarkia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3038::6815:e9a3 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

pluspng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.34 (Richmond Hill, Canada)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	pluspng.com 5 redirects pluspng.com	1 MB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	144 KB
7	checkrain.com 1 redirects checkrain.com	29 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	82 B
2	google-analytics.com www.google-analytics.com	18 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	unpkg.com unpkg.com	13 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	youtube.com www.youtube.com
1	trademarkia.com mark.trademarkia.com	18 KB
1	googleapis.com fonts.googleapis.com	758 B
1	googletagmanager.com www.googletagmanager.com	36 KB
36	15

	Domain	Requested by
10	pluspng.com	5 redirects checkrain.com
7	checkrain.com	1 redirects checkrain.com
5	pagead2.googlesyndication.com	checkrain.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	unpkg.com	checkrain.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	s10.histats.com	checkrain.com
1	www.youtube.com	checkrain.com
1	mark.trademarkia.com	checkrain.com
1	fonts.googleapis.com	checkrain.com
1	www.googletagmanager.com	checkrain.com
36	18

This site contains links to these domains. Also see Links.

Domain
assets.checkra.in
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-13` - `2021-06-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
mark.trademarkia.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-24` - `2021-05-01`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
histats.com Let's Encrypt Authority X3	`2020-09-08` - `2020-12-07`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://checkrain.com/
Frame ID: 562F5161F1A27947AF49BC59E9F9587A
Requests: 31 HTTP requests in this frame

Frame: https://www.youtube.com/embed/E1Y_600fMAY?&autoplay=1
Frame ID: 881B67181526E6B3CD94D5258E75B6B7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=true
Frame ID: 555A729CCCD795F78EC6608A13B3004E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html
Frame ID: CA8D03A26062A8B5C634174795A9BD14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2331622706574054&output=html&adk=1812271804&adf=3025194257&lmt=1600363125&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcheckrain.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1601457881400&bpp=7&bdt=157&idt=113&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2990607676292&frm=20&pv=2&ga_vid=1246156515.1601457881&ga_sid=1601457882&ga_hid=133206649&ga_fc=0&iag=0&icsg=2099372&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067104&oid=3&pvsid=3159698359853969&pem=911&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=174
Frame ID: DD0F5BCFED6EF0EC2F00430D1F0B3B8A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: A59DF747471B09037D191ACCD11DADEF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://checkrain.com/ HTTP 301
https://checkrain.com/ Page URL

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

scrollreveal (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /scrollreveal(?:\.min)(?:\.js)/i

Page Statistics

36
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

18
Subdomains

15
IPs

5
Countries

1339 kB
Transfer

1762 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://assets.checkra.in/downloads/linux/cli/x86_64/eda98d55f500a9de75aee4e7179231ed828ac2f5c7f99c87442936d5af4514a4/checkra1n
Title: Download for Linux (beta)

Search URL Search Domain Scan URL

URL: https://twitter.com/checkra1n
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://checkrain.com/ HTTP 301
https://checkrain.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://pluspng.com/img-png/random-png-27lines-221-random-png-990.png HTTP 301
https://pluspng.com/img-png/random-png-27lines-221-random-png-990.png

Request Chain 9

http://pluspng.com/img-png/random-png-file-chord-1000-random-png-729.png HTTP 301
https://pluspng.com/img-png/random-png-file-chord-1000-random-png-729.png

Request Chain 10

http://pluspng.com/img-png/png-hd-bike-motorbike-png-hd-400.png HTTP 301
https://pluspng.com/img-png/png-hd-bike-motorbike-png-hd-400.png

Request Chain 11

http://pluspng.com/img-png/png-hairstyle-hair-png-image-26034-861.png HTTP 301
https://pluspng.com/img-png/png-hairstyle-hair-png-image-26034-861.png

Request Chain 12

http://pluspng.com/img-png/random-png-file-pythagoras-baum-color-random-png-732.png HTTP 301
https://pluspng.com/img-png/random-png-file-pythagoras-baum-color-random-png-732.png

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
checkrain.com/
Redirect Chain

http://checkrain.com/
https://checkrain.com/

11 KB
4 KB

147ms
129ms

Document
text/html

2606:4700:3035::6812:3fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkrain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3fd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04aff6c4cf04cce6a5feb39a6d397d29da3b6daefeac130222778a296123139f

Request headers

:method: GET
:authority: checkrain.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 30 Sep 2020 09:24:41 GMT
content-type: text/html
set-cookie: __cfduid=d7e908be27e4bc92d78db5084614eb3c41601457881; expires=Fri, 30-Oct-20 09:24:41 GMT; path=/; domain=.checkrain.com; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 17 Sep 2020 17:18:45 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 057fed181800002b6595997200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5dace46cfc292b65-FRA
content-encoding: br

Redirect headers

Date: Wed, 30 Sep 2020 09:24:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 30 Sep 2020 10:24:41 GMT
Location: https://checkrain.com/
cf-request-id: 057fed17f600002b59168fa200000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5dace46cbc112b59-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 31ms
29ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-151924787-1

Requested by

Host: checkrain.com
URL: https://checkrain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4393cd4f2a1d7c3404f4d58af7cc83a2a7026b288072dec89b6fa18771d16288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36406
x-xss-protection: 0
last-modified: Wed, 30 Sep 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Sep 2020 09:24:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
758 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,600

Requested by

Host: checkrain.com
URL: https://checkrain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af39cd260b3d59c9a4e639c7a25d56f55fc1b238f02939724b7f260371c31a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Sep 2020 09:24:41 GMT
server: ESF
date: Wed, 30 Sep 2020 09:24:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Sep 2020 09:24:41 GMT

GET
H2 200 style.css
checkrain.com/dist/css/ 21 KB
5 KB 24ms
23ms Stylesheet
text/css 2606:4700:3035::6812:3fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkrain.com/dist/css/style.css
Requested by: Host: checkrain.com
URL: https://checkrain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3fd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7506b9ff0a702c449808ae9082c8188a69bf7362153f9deafa5ebd959969fa0b

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 306637
cf-polished: origSize=63225
status: 200
cf-bgj: minify
cf-request-id: 057fed18a000002b659599d200000001
last-modified: Tue, 18 Jun 2019 08:40:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5dace46dce4e2b65-FRA
expires: Sat, 03 Oct 2020 20:14:03 GMT

GET
H2 200 anime.min.js Show response
unpkg.com/animejs@3.0.1/lib/ 17 KB
7 KB 35ms
20ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/animejs@3.0.1/lib/anime.min.js

Requested by

Host: checkrain.com
URL: https://checkrain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a43f4a6446508a64cb40e3134fdf65061193ec05f230fcf783dd86d62c9de3bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28299936
status: 200
vary: Accept-Encoding
cf-request-id: 057fed18ad00000eab593d5200000001
last-modified: Thu, 17 Jan 2019 11:04:46 GMT
server: cloudflare
etag: W/"431b-dTYv3jMy117PNRjfvI1J8sfrPHE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 7f5faa9f0c9cbb41a024ca216ca0eb06
cache-control: public, max-age=31536000
cf-ray: 5dace46dee280eab-FRA

GET
H2 200 scrollreveal.min.js Show response
unpkg.com/scrollreveal@4.0.0/dist/ 16 KB
6 KB 29ms
15ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/scrollreveal@4.0.0/dist/scrollreveal.min.js

Requested by

Host: checkrain.com
URL: https://checkrain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9272231d83750052eb424ba589b26945e892c4a8541a1215521c74198b083e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28300211
status: 200
vary: Accept-Encoding
cf-request-id: 057fed18ad00000eab593d6200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"4009-olFGSVMkRiWLiX8td2OR9arAZMQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 6e2177a66d8c28def1f0f092eb9fe88c
cache-control: public, max-age=31536000
cf-ray: 5dace46dee2a0eab-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 128 KB
44 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: checkrain.com
URL: https://checkrain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f2dcfc1e72824387d9851a2c96a5b20848ac6fb25ab481bbd305c3f2315a7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45183
x-xss-protection: 0
server: cafe
etag: 17680645947560749777
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Sep 2020 09:24:41 GMT

GET
H2 200 download.png
checkrain.com/dist/images/ 11 KB
11 KB 11ms
10ms Image
image/png 2606:4700:3035::6812:3fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkrain.com/dist/images/download.png
Requested by: Host: checkrain.com
URL: https://checkrain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3fd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cf44cb2f5f0902f847ac14969323c3997474ed97d65525583724d47eec79431

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 306637
status: 200
content-length: 11065
cf-request-id: 057fed18c800002b65959a1200000001
last-modified: Fri, 18 Oct 2019 19:53:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5dace46e0f332b65-FRA
expires: Sat, 03 Oct 2020 20:14:03 GMT

GET
H2 200 coolstar-77217449.jpg
mark.trademarkia.com/logo-images/gemaire-distributors/ 18 KB
18 KB 572ms
189ms Image
image/jpeg 40.125.79.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mark.trademarkia.com/logo-images/gemaire-distributors/coolstar-77217449.jpg

Requested by

Host: checkrain.com
URL: https://checkrain.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.125.79.5 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ UrlRewriter.NET 1.7.0

Resource Hash

004430503c8ff1f210e3321cfc6c42cefcd5a4f0472fc2c7d65db69cc50f8ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
server
x-powered-by: UrlRewriter.NET 1.7.0
content-type: image/jpeg
status: 200
cache-control: public
date: Wed, 30 Sep 2020 09:24:41 GMT
content-length: 18439

GET
H2

200

random-png-27lines-221-random-png-990.png
pluspng.com/img-png/
Redirect Chain

http://pluspng.com/img-png/random-png-27lines-221-random-png-990.png
https://pluspng.com/img-png/random-png-27lines-221-random-png-990.png

145 KB
145 KB

39ms
22ms

Image
image/png

2606:4700:3038::6815:e9a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pluspng.com/img-png/random-png-27lines-221-random-png-990.png
Requested by: Host: checkrain.com
URL: https://checkrain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e16058ecdf0555e05c8d1d571ff4db7e823390624a9587e0a2e7697af306770c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4115701
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 148183
cf-request-id: 057fed191000000eb78d8c3200000001
pragma: public
last-modified: Wed, 01 Nov 2017 06:17:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 5dace46e8f8b0eb7-FRA
expires: Mon, 12 Oct 2020 18:09:39 GMT

Redirect headers

Date: Wed, 30 Sep 2020 09:24:41 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
Location: https://pluspng.com/img-png/random-png-27lines-221-random-png-990.png
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5dace46e2edb0eb7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 057fed18d600000eb7802cc200000001
Expires: Wed, 30 Sep 2020 10:24:41 GMT

GET
H2

200

random-png-file-chord-1000-random-png-729.png
pluspng.com/img-png/
Redirect Chain

http://pluspng.com/img-png/random-png-file-chord-1000-random-png-729.png
https://pluspng.com/img-png/random-png-file-chord-1000-random-png-729.png

348 KB
350 KB

33ms
15ms

Image
image/png

2606:4700:3038::6815:e9a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pluspng.com/img-png/random-png-file-chord-1000-random-png-729.png
Requested by: Host: checkrain.com
URL: https://checkrain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34e98ea20d5d32c4cfdf2561da4c93cbeefaaef4b09eeb8308a832cb9f180e0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 118267
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 356852
cf-request-id: 057fed191000000eb78d8c2200000001
pragma: public
last-modified: Wed, 01 Nov 2017 06:17:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 5dace46e8f890eb7-FRA
expires: Sat, 28 Nov 2020 00:33:33 GMT

Redirect headers

Date: Wed, 30 Sep 2020 09:24:41 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
Location: https://pluspng.com/img-png/random-png-file-chord-1000-random-png-729.png
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5dace46e28f4d6f1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 057fed18d60000d6f19c88f200000001
Expires: Wed, 30 Sep 2020 10:24:41 GMT

GET
H2

200

png-hd-bike-motorbike-png-hd-400.png
pluspng.com/img-png/
Redirect Chain

http://pluspng.com/img-png/png-hd-bike-motorbike-png-hd-400.png
https://pluspng.com/img-png/png-hd-bike-motorbike-png-hd-400.png

205 KB
205 KB

44ms
27ms

Image
image/png

2606:4700:3038::6815:e9a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pluspng.com/img-png/png-hd-bike-motorbike-png-hd-400.png
Requested by: Host: checkrain.com
URL: https://checkrain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f44d1cc67429f2f84a99063649aafa91c8eef3e914118406657e354d6f61e197

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4115701
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 209709
cf-request-id: 057fed191000000eb78d8c4200000001
pragma: public
last-modified: Sun, 18 Feb 2018 07:11:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 5dace46e8f8d0eb7-FRA
expires: Mon, 12 Oct 2020 18:09:39 GMT

Redirect headers

Date: Wed, 30 Sep 2020 09:24:41 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
Location: https://pluspng.com/img-png/png-hd-bike-motorbike-png-hd-400.png
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5dace46e2b96d6b1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 057fed18d60000d6b1d2ae4200000001
Expires: Wed, 30 Sep 2020 10:24:41 GMT

GET
H2

200

png-hairstyle-hair-png-image-26034-861.png
pluspng.com/img-png/
Redirect Chain

http://pluspng.com/img-png/png-hairstyle-hair-png-image-26034-861.png
https://pluspng.com/img-png/png-hairstyle-hair-png-image-26034-861.png

199 KB
200 KB

39ms
22ms

Image
image/png

2606:4700:3038::6815:e9a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pluspng.com/img-png/png-hairstyle-hair-png-image-26034-861.png
Requested by: Host: checkrain.com
URL: https://checkrain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e2c50487b97aac8eda518d6b883b2b03abec41fc3a578cadebdfaa0a5910af

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4115701
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 204127
cf-request-id: 057fed191000000eb78d8c5200000001
pragma: public
last-modified: Wed, 25 Oct 2017 23:46:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 5dace46e8f8f0eb7-FRA
expires: Mon, 12 Oct 2020 18:09:39 GMT

Redirect headers

Date: Wed, 30 Sep 2020 09:24:41 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
Location: https://pluspng.com/img-png/png-hairstyle-hair-png-image-26034-861.png
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5dace46e2bac2b89-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 057fed18d600002b89c2add200000001
Expires: Wed, 30 Sep 2020 10:24:41 GMT

GET
H2

200

random-png-file-pythagoras-baum-color-random-png-732.png
pluspng.com/img-png/
Redirect Chain

http://pluspng.com/img-png/random-png-file-pythagoras-baum-color-random-png-732.png
https://pluspng.com/img-png/random-png-file-pythagoras-baum-color-random-png-732.png

124 KB
124 KB

39ms
22ms

Image
image/png

2606:4700:3038::6815:e9a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pluspng.com/img-png/random-png-file-pythagoras-baum-color-random-png-732.png
Requested by: Host: checkrain.com
URL: https://checkrain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aef628e55598e7f1fe13dc91f37cadfea9fa59f6c60ef4b9144aa6ced3ae37ee

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4115701
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127190
cf-request-id: 057fed191000000eb78d8c6200000001
pragma: public
last-modified: Wed, 01 Nov 2017 06:17:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 5dace46e8f900eb7-FRA
expires: Mon, 12 Oct 2020 18:09:39 GMT

Redirect headers

Date: Wed, 30 Sep 2020 09:24:41 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
Location: https://pluspng.com/img-png/random-png-file-pythagoras-baum-color-random-png-732.png
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5dace46e2dbadfdb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 057fed18d60000dfdb92822200000001
Expires: Wed, 30 Sep 2020 10:24:41 GMT

GET
H2 200 main.min.js Show response
checkrain.com/dist/js/ 1 KB
587 B 12ms
12ms Script
application/javascript 2606:4700:3035::6812:3fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkrain.com/dist/js/main.min.js
Requested by: Host: checkrain.com
URL: https://checkrain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3fd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdf8b5733f78870dbac391617977ea034541858aea74f92e84cbcd26559afea9

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 306637
status: 200
cf-request-id: 057fed18c400002b65959a0200000001
last-modified: Tue, 18 Jun 2019 08:40:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5dace46e0f1d2b65-FRA
expires: Sat, 03 Oct 2020 20:14:03 GMT

GET
H2 200 E1Y_600fMAY
www.youtube.com/embed/ Frame 881B 0
0 72ms
71ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/E1Y_600fMAY?&autoplay=1

Requested by

Host: checkrain.com
URL: https://checkrain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/E1Y_600fMAY?&autoplay=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://checkrain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://checkrain.com/

Response headers

status: 200
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-length: 10950
cache-control: no-cache
x-content-type-options: nosniff
date: Wed, 30 Sep 2020 09:24:41 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=Hg9huigC7gw; path=/; domain=.youtube.com; secure; expires=Mon, 29-Mar-2021 09:24:41 GMT; httponly; samesite=None YSC=zM_rD9qjVbo; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 30-Sep-2020 09:54:41 GMT VISITOR_INFO1_LIVE=Hg9huigC7gw; path=/; domain=.youtube.com; secure; expires=Mon, 29-Mar-2021 09:24:41 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hero-back-illustration.svg
checkrain.com/dist/images/ 10 KB
5 KB 12ms
12ms Image
image/svg+xml 2606:4700:3035::6812:3fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkrain.com/dist/images/hero-back-illustration.svg
Requested by: Host: checkrain.com
URL: https://checkrain.com/dist/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3fd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad1667333042fb57c86175cd995335ef2a9480f13c9554e7214199a4f2578736

Request headers

Referer: https://checkrain.com/dist/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 520159
status: 200
cf-request-id: 057fed18ca00002b65959a2200000001
last-modified: Tue, 18 Jun 2019 08:41:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5dace46e1f3e2b65-FRA
expires: Thu, 01 Oct 2020 08:55:21 GMT

GET
H2 200 hero-top-illustration.svg
checkrain.com/dist/images/ 5 KB
2 KB 14ms
14ms Image
image/svg+xml 2606:4700:3035::6812:3fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkrain.com/dist/images/hero-top-illustration.svg
Requested by: Host: checkrain.com
URL: https://checkrain.com/dist/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3fd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0b0de2d51da13442f9ac80aa9036cf368b71424870234acbec75c43fb116fe0

Request headers

Referer: https://checkrain.com/dist/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 240336
status: 200
cf-request-id: 057fed18ca00002b65959a3200000001
last-modified: Tue, 18 Jun 2019 08:41:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601457881"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5dace46e1f402b65-FRA
expires: Sun, 04 Oct 2020 14:39:05 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdP3pBms.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

862ea4c7412548ae6f04c9e22d1ffeca6e30c6638331d2422d4e76336768dd2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://checkrain.com
Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:25:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:24 GMT
server: sffe
age: 489568
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14000
x-xss-protection: 0
expires: Fri, 24 Sep 2021 17:25:13 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v8/zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://checkrain.com
Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:40:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:43 GMT
server: sffe
age: 488672
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12872
x-xss-protection: 0
expires: Fri, 24 Sep 2021 17:40:09 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 132ms
27ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: checkrain.com
URL: https://checkrain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:15:47 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.32/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
status: 200
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 5735695

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-151924787-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 3060
date: Wed, 30 Sep 2020 08:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Wed, 30 Sep 2020 10:33:41 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 555A 0
0 73ms
14ms Document
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/gen_204?id=rmvasftr&type=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
date: Wed, 30 Sep 2020 09:24:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ 229 KB
86 KB 90ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Sep 2020 09:24:41 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/ Frame CA8D 0
0 12ms
1ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200924/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://checkrain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://checkrain.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 29 Sep 2020 19:38:57 GMT
expires: Tue, 13 Oct 2020 19:38:57 GMT
content-type: text/html; charset=UTF-8
etag: 17942277541989656716
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4728
x-xss-protection: 0
age: 49544
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
63 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=133206649&t=pageview&_s=1&dl=https%3A%2F%2Fcheckrain.com%2F&ul=en-us&de=UTF-8&dt=Checkra1n%20-%20iOS%2013.3.1%20-%20iOS%2014%20Jailbreak&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1634172211&gjid=1384326760&cid=1246156515.1601457881&tid=UA-151924787-1&_gid=1903627805.1601457881&_r=1&gtm=2ou9g1&z=889531694

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 09:24:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://checkrain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-151924787-1&cid=1246156515.1601457881&jid=1634172211&gjid=1384326760&_gid=1903627805.1601457881&_u=IEBAAUAAAAAAAC~&z=1259280369

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 30 Sep 2020 09:24:41 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://checkrain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
321 B 349ms
118ms Script
text/html 192.99.8.34
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4322498&@f16&@g1&@h1&@i1&@j1601457881493&@k0&@l1&@mCheckra1n%20-%20iOS%2013.3.1%20-%20iOS%2014%20Jailbreak&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:45344389&@b3:1601457881&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fcheckrain.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.34 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns501383.ip-192-99-8.net
Software: /
Resource Hash: 87d7c3b448f294d8ce8c660f4c60b1c648ae8f24db91bce4ea3e2be2a8af1f15

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 09:24:41 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=checkrain.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=checkrain.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame DD0F 0
0 30ms
27ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2331622706574054&output=html&adk=1812271804&adf=3025194257&lmt=1600363125&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcheckrain.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1601457881400&bpp=7&bdt=157&idt=113&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2990607676292&frm=20&pv=2&ga_vid=1246156515.1601457881&ga_sid=1601457882&ga_hid=133206649&ga_fc=0&iag=0&icsg=2099372&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067104&oid=3&pvsid=3159698359853969&pem=911&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=174

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2331622706574054&output=html&adk=1812271804&adf=3025194257&lmt=1600363125&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcheckrain.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1601457881400&bpp=7&bdt=157&idt=113&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2990607676292&frm=20&pv=2&ga_vid=1246156515.1601457881&ga_sid=1601457882&ga_hid=133206649&ga_fc=0&iag=0&icsg=2099372&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067104&oid=3&pvsid=3159698359853969&pem=911&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=174
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://checkrain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://checkrain.com/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 30 Sep 2020 09:24:41 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Sep-2020 09:39:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Wed, 30 Sep 2020 09:24:41 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 40ms
27ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29d09f0031ed058800d24b8dfff8b69f92d0e191badcd7ea0a4e462958bc2f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Sep 2020 09:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 09:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Wed, 30 Sep 2020 09:24:42 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame A59D 0
0 26ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://checkrain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://checkrain.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Wed, 30 Sep 2020 09:18:54 GMT
expires: Thu, 30 Sep 2021 09:18:54 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 348
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
45 B 15ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20200924&jk=3159698359853969&bg=!xMelx99YsBmgK7bojysCAAAAV1IAAAAOCgDsoocWLsZNlx5RJVsXJOxnh7dX_mog0qK_NfdBYOnbbxPB6e4R6-4OMVimwYRcjvgiRDTS7L86k4fwp-uFBHT23ofCzq294rOrlqUoY7x0eGEt29BFxmXBPIIIlnPPBOVUhNXMWpXqJxyuak339fP7snVKFFpPSlOc2SeNAHk8ZsDlo0sgm9zbNHbKdnL3C0R7s313VBQszIyaTdNds-s26HnIx2hMZdoNq7Hv5qiENA0fBqDZLyTMbcreBG_JnrTiX_LsRTw7JJe46wXnkKilEudaNLMN8LmV1n8YFetrWsv7K0vdoR-2t-gy0haZAaZGmXLzSVFHdfkRjiSsdbXZ69BnzfypXP_tgP7mCzZl4OyllnKvtgFPgcITXyyvNCF3-usQxeGYw53Cksp-42FXv-pABbNLWjGzFJVOKu5Ut2k9-g9iVulpABoZOG4Ka1yp8DsLSqb38CiZtf8zmCOUkXIinPhlwjwkdu61Y4Mw0aQEJ9Cbxga56RGx8bpPkKZRQRm7TTuq8e2BhwqHj12pP9vJPsz3a1dkOz4GFuAyd_EB1MNN2HfJfhfuS-gjLVUMcXkZ2Vezp5aSH3gJnDuXt0fbFfXpU2wfV6n8hT3MT44N0hiA_dRw-CbdTYSCSMmwsa6QAuh1S39ff3kLCAuRl9I1cVyJuqZw9zcrt3mKfp4ONBOxvPeFCpL_S1CA3rRU0iQDFWp3BqGyIWce2WviggDfCof8LNRbh5dM074Gkxs94uDE1x0heYtdZpIper7wMsWFXbB3HBPbgH_GGkLChXsH4vfKJlZgA-FAPRT0EaLb2aDGyxgwSGk-iKrN05YbwY0VSD5-ZvxxSDLZnPpFBJvt98gkv0BqLCNYZHl24d1rf8TiPw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://checkrain.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 09:24:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 22:12:33	Name: IDE Value: AHWqTUkzEwJ_QLcIsyaOwAyCP0j52Vi9SJLoZbwOn5Mks_HKmQObWt6y82qZp3TA
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: zM_rD9qjVbo
.youtube.com/	1970-01-19 17:10:09	Name: VISITOR_INFO1_LIVE Value: Hg9huigC7gw
checkrain.com/	1970-01-19 21:36:33	Name: HstCnv4322498 Value: 1
checkrain.com/	1970-01-19 21:36:33	Name: HstPt4322498 Value: 1
.checkrain.com/	1970-01-19 13:34:09	Name: __cfduid Value: d7e908be27e4bc92d78db5084614eb3c41601457881
checkrain.com/	1970-01-19 21:36:33	Name: HstPn4322498 Value: 1
checkrain.com/	1970-01-19 21:36:33	Name: HstCns4322498 Value: 1
checkrain.com/	1970-01-19 21:36:33	Name: HstCmu4322498 Value: 1601457881493
checkrain.com/	1970-01-19 21:36:33	Name: HstCla4322498 Value: 1601457881493
checkrain.com/	1970-01-19 21:36:33	Name: HstCfa4322498 Value: 1601457881493
.checkrain.com/	1970-01-19 12:50:57	Name: _gat_gtag_UA_151924787_1 Value: 1
.checkrain.com/	1970-01-19 12:52:24	Name: _gid Value: GA1.2.1903627805.1601457881
.checkrain.com/	1970-01-20 06:22:09	Name: _ga Value: GA1.2.1246156515.1601457881

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
checkrain.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mark.trademarkia.com
pagead2.googlesyndication.com
pluspng.com
s10.histats.com
s4.histats.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
192.99.8.34
2606:4700:3035::6812:3fd3
2606:4700:3038::6815:e9a3
2606:4700::6810:7baf
2a00:1450:4001:800::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:808::200e
2a00:1450:4001:817::2002
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2003
2a00:1450:4001:820::200e
2a00:1450:400c:c0c::9d
40.125.79.5
46.105.201.240
004430503c8ff1f210e3321cfc6c42cefcd5a4f0472fc2c7d65db69cc50f8ac1
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04aff6c4cf04cce6a5feb39a6d397d29da3b6daefeac130222778a296123139f
29d09f0031ed058800d24b8dfff8b69f92d0e191badcd7ea0a4e462958bc2f88
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
34e98ea20d5d32c4cfdf2561da4c93cbeefaaef4b09eeb8308a832cb9f180e0c
3f2dcfc1e72824387d9851a2c96a5b20848ac6fb25ab481bbd305c3f2315a7f7
4393cd4f2a1d7c3404f4d58af7cc83a2a7026b288072dec89b6fa18771d16288
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7506b9ff0a702c449808ae9082c8188a69bf7362153f9deafa5ebd959969fa0b
80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301
862ea4c7412548ae6f04c9e22d1ffeca6e30c6638331d2422d4e76336768dd2b
87d7c3b448f294d8ce8c660f4c60b1c648ae8f24db91bce4ea3e2be2a8af1f15
8cf44cb2f5f0902f847ac14969323c3997474ed97d65525583724d47eec79431
9272231d83750052eb424ba589b26945e892c4a8541a1215521c74198b083e33
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a43f4a6446508a64cb40e3134fdf65061193ec05f230fcf783dd86d62c9de3bd
ad1667333042fb57c86175cd995335ef2a9480f13c9554e7214199a4f2578736
aef628e55598e7f1fe13dc91f37cadfea9fa59f6c60ef4b9144aa6ced3ae37ee
af39cd260b3d59c9a4e639c7a25d56f55fc1b238f02939724b7f260371c31a13
d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e16058ecdf0555e05c8d1d571ff4db7e823390624a9587e0a2e7697af306770c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e2c50487b97aac8eda518d6b883b2b03abec41fc3a578cadebdfaa0a5910af
f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2
f0b0de2d51da13442f9ac80aa9036cf368b71424870234acbec75c43fb116fe0
f44d1cc67429f2f84a99063649aafa91c8eef3e914118406657e354d6f61e197
fdf8b5733f78870dbac391617977ea034541858aea74f92e84cbcd26559afea9

checkrain.com Open in urlscan Pro 2606:4700:3035::6812:3fd3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

100 %HTTPS

80 %IPv6

15 Domains

18 Subdomains

15 IPs

5 Countries

1339 kBTransfer

1762 kBSize

14 Cookies

2 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

checkrain.com Open in urlscan Pro
2606:4700:3035::6812:3fd3 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

18
Subdomains

15
IPs

5
Countries

1339 kB
Transfer

1762 kB
Size

14
Cookies

36 HTTP transactions
0 data transactions