URL: http://www.winmail-dat.com/decode.php
Submission: On June 18 via manual from AE

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 22 HTTP transactions. The main IP is 75.119.200.249, located in Brea, United States and belongs to DREAMHOST-AS - New Dream Network, LLC, US. The main domain is www.winmail-dat.com.
This is the only time www.winmail-dat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
5 | 75.119.200.249 | 26347 | DREAMHOST-AS
2 | 2a04:4e42::621 | 54113 | FASTLY
3 | 23.210.248.44 | 16625 | AKAMAI-AS
4 | 2a00:1450:400... | 15169 | GOOGLE
2 (1 redirects) | 2a00:1450:400... | 15169 | GOOGLE
1 | 2a00:1450:400... | 15169 | GOOGLE
1 | 2a00:1450:400... | 15169 | GOOGLE
3 | 2a00:1450:400... | 15169 | GOOGLE
1 | 2a00:1450:400... | 15169 | GOOGLE
1 | 2a00:1450:400... | 15169 | GOOGLE
Total: 22 requests, 10 IPs

Requests | Domain | Requested by
5 | www.winmail-dat.com | www.winmail-dat.com
4 | pagead2.googlesyndication.com | www.winmail-dat.com, pagead2.googlesyndication.com
3 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 (1 redirects) | www.google-analytics.com | www.winmail-dat.com
2 | s7.addthis.com | www.winmail-dat.com, s7.addthis.com
2 | cdn.jsdelivr.net | www.winmail-dat.com
1 | stats.g.doubleclick.net | www.winmail-dat.com
1 | www.googletagservices.com | pagead2.googlesyndication.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | v1.addthisedge.com | s7.addthis.com
Total: 22 requests, 11 subdomains

This site contains links to these domains.

Domain
www.kopf.com.br
im-a-puzzle.com

Subject | Issuer | Validity | Valid
- | - | 1970-01-01 - 1970-01-01 | a few seconds
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-05-29 - 2020-04-23 | a year
*.google-analytics.com | Google Internet Authority G3 | 2019-06-11 - 2019-09-03 | 3 months
*.google.com | Google Internet Authority G3 | 2019-06-11 - 2019-09-03 | 3 months
*.g.doubleclick.net | Google Internet Authority G3 | 2019-05-21 - 2019-08-13 | 3 months

This page contains 5 frames:

Primary Page: http://www.winmail-dat.com/decode.php
Frame ID: ED974017466FC5F96A2EF81F79F4C2A3
Requests: 18 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js
Frame ID: 997AA83EA077E436EC22DBB60C8A8807
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190617/r20190131/zrt_lookup.html
Frame ID: 079BD3936773715476B4B06194928574
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363879676505882&output=html&h=90&slotname=6171850971&adk=1493567546&adf=3936649417&w=728&lmt=1560899296&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.winmail-dat.com%2Fdecode.php&flash=0&wgl=1&adsid=NT&dt=1560899296225&bpp=35&bdt=303&fdt=99&idt=99&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&correlator=6924437502120&frm=20&pv=2&ga_vid=231691298.1560899296&ga_sid=1560899296&ga_hid=1099955828&ga_fc=0&ga_wpids=UA-682964-3&iag=0&icsg=537226&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=438&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063845&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.5s6hm1u1o9gw&fsb=1&xpc=XvuHrE2Tuf&p=http%3A//www.winmail-dat.com&dtd=124
Frame ID: B076EA01335429048457D368C203F252
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363879676505882&output=html&adk=1812271804&adf=3025194257&lmt=1560899296&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.winmail-dat.com%2Fdecode.php&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1560899296261&bpp=20&bdt=339&fdt=156&idt=156&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=6924437502120&frm=20&pv=1&ga_vid=231691298.1560899296&ga_sid=1560899296&ga_hid=1099955828&ga_fc=1&ga_wpids=UA-682964-3&iag=0&icsg=2634378&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063845&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=1.28tglvwabz4h&fsb=1&dtd=162
Frame ID: B7099A01B0E610C2664C7FAA3938560B
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 22
HTTPS: 50 %
IPv6: 80 %
Domains: 10
Subdomains: 11
IPs: 10
Countries: 5
Transfer: 441 kB
Size: 1283 kB
Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 18
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1371704786&utmhn=www.winmail-dat.com&utme=8(Decode*3!DecodeRes)9(Normal*3!No%20file%20uploaded.)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Online%20version%20-%20decoding%20-%20Winmail.dat%20Reader&utmhid=1099955828&utmr=-&utmp=%2Fdecode.php&utmht=1560899296393&utmac=UA-682964-3&utmcc=__utma%3D52861358.231691298.1560899296.1560899296.1560899296.1%3B%2B__utmz%3D52861358.1560899296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=150275337&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1371704786&utmhn=www.winmail-dat.com&utme=8(Decode*3!DecodeRes)9(Normal*3!No%20file%20uploaded.)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Online%20version%20-%20decoding%20-%20Winmail.dat%20Reader&utmhid=1099955828&utmr=-&utmp=%2Fdecode.php&utmht=1560899296393&utmac=UA-682964-3&utmcc=__utma%3D52861358.231691298.1560899296.1560899296.1560899296.1%3B%2B__utmz%3D52861358.1560899296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=150275337&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-682964-3&cid=231691298.1560899296&jid=150275337&_v=5.7.2&z=1371704786

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request decode.php
www.winmail-dat.com/
10 KB
4 KB
Document
General
Full URL
http://www.winmail-dat.com/decode.php
Protocol
HTTP/1.1
Server
75.119.200.249 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
apache2-dap.caldera.dreamhost.com
Software
Apache /
Resource Hash
749013d654e6b1800e3d2bdff90484573d995f28dc4624eadc8d681f6aad95b6

Request headers

Host
www.winmail-dat.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 18 Jun 2019 23:08:15 GMT
Server
Apache
Upgrade
h2
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Cache-Control
private, no-cache, no-store, proxy-revalidate, no-transform
Content-Length
3596
Keep-Alive
timeout=2, max=100
Content-Type
text/html; charset=UTF-8
winmail.css
www.winmail-dat.com/
2 KB
1 KB
Stylesheet
General
Full URL
http://www.winmail-dat.com/winmail.css
Requested by
Host: www.winmail-dat.com
URL: http://www.winmail-dat.com/decode.php
Protocol
HTTP/1.1
Security
, ,
Server
75.119.200.249 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
apache2-dap.caldera.dreamhost.com
Software
Apache /
Resource Hash
d1eeab641b53c40ba5c56de89d816ab63b496a23f4a4f93059aa2662324968f2

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 23:08:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 May 2019 14:47:44 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
901
Expires
Wed, 17 Jun 2020 23:08:16 GMT
winmail.js
www.winmail-dat.com/
2 KB
1 KB
Script
General
Full URL
http://www.winmail-dat.com/winmail.js
Requested by
Host: www.winmail-dat.com
URL: http://www.winmail-dat.com/decode.php
Protocol
HTTP/1.1
Security
, ,
Server
75.119.200.249 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
apache2-dap.caldera.dreamhost.com
Software
Apache /
Resource Hash
cdd8635577716c6972e241f2e38fd30de0990ab8e86aa6c013464b0144caf3e4

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 23:08:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Apr 2012 15:36:20 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Upgrade
h2
Cache-Control
max-age=31536000, public, must-revalidate
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=2, max=100
Content-Length
742
Expires
Wed, 17 Jun 2020 23:08:16 GMT
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/
5 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: www.winmail-dat.com
URL: http://www.winmail-dat.com/decode.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 18 Jun 2019 23:08:15 GMT
content-length
1299
x-served-by
cache-ams21050-AMS, cache-fra19126-FRA
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/
20 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: www.winmail-dat.com
URL: http://www.winmail-dat.com/decode.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 18 Jun 2019 23:08:15 GMT
content-length
6756
x-served-by
cache-ams21044-AMS, cache-fra19126-FRA
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
WinmailReader.gif
www.winmail-dat.com/img/
1 KB
2 KB
Image
General
Full URL
http://www.winmail-dat.com/img/WinmailReader.gif
Requested by
Host: www.winmail-dat.com
URL: http://www.winmail-dat.com/decode.php
Protocol
HTTP/1.1
Security
, ,
Server
75.119.200.249 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
apache2-dap.caldera.dreamhost.com
Software
Apache /
Resource Hash
2635850dd6188a6e1a17c54bf9ab5659df4d922bee5aacf3d6c751e3537fe5eb

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 23:08:16 GMT
Last-Modified
Mon, 05 Dec 2011 21:32:09 GMT
Server
Apache
Vary
User-Agent,Accept-Encoding
Upgrade
h2
Cache-Control
max-age=31536000, public, must-revalidate
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=2, max=100
Content-Length
1400
Expires
Thu, 18 Jul 2019 23:08:16 GMT
addthis_widget.js
s7.addthis.com/js/250/
345 KB
110 KB
Script
General
Full URL
http://s7.addthis.com/js/250/addthis_widget.js
Requested by
Host: www.winmail-dat.com
URL: http://www.winmail-dat.com/decode.php
Protocol
HTTP/1.1
Security
, ,
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
97de0956d11edf44483d9461cb7bac1e20465659368ea7321940ecc75ed5f2da

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 23:08:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jun 2019 17:56:43 GMT
ETag
"5cf953db-56207"
Vary
Accept-Encoding
X-Distribution
99
Content-Type
application/javascript
Cache-Control
public, max-age=600
X-Host
s7.addthis.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
112544
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
90 KB
34 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.winmail-dat.com
URL: http://www.winmail-dat.com/decode.php
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
33cff29354bd93ca888545e3350c87048d3fefc4dc99cb95817dcdffe9463f86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 23:08:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
16370633787260906536
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
34133
X-XSS-Protection
0
Expires
Tue, 18 Jun 2019 23:08:16 GMT
flags.png
www.winmail-dat.com/img/
3 KB
3 KB
Image
General
Full URL
http://www.winmail-dat.com/img/flags.png
Requested by
Host: www.winmail-dat.com
URL: http://www.winmail-dat.com/decode.php
Protocol
HTTP/1.1
Security
, ,
Server
75.119.200.249 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS
apache2-dap.caldera.dreamhost.com
Software
Apache /
Resource Hash
cae9cfa35ff999d603b47fb620215770161460682f9dc54a657d0a5c83e93cf7

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 23:08:16 GMT
Last-Modified
Sun, 30 Jun 2013 20:25:31 GMT
Server
Apache
Vary
User-Agent,Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000, public, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
2663
Expires
Thu, 18 Jul 2019 23:08:16 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.winmail-dat.com
URL: http://www.winmail-dat.com/decode.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
6506
date
Tue, 18 Jun 2019 21:19:50 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Tue, 18 Jun 2019 23:19:50 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-4ed3437c01b2d878/
1 KB
858 B
Script
General
Full URL
http://v1.addthisedge.com/live/boost/ra-4ed3437c01b2d878/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
HTTP/1.1
Security
, ,
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
c6cf333ced73aafec678d712aeb06694e2ac3b3db032fa91e0678b4c355a2bcc

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 23:08:16 GMT
Content-Encoding
gzip
Surrogate-Key
ra-4ed3437c01b2d878
Server
Jetty(9.4.8.v20180619)
ETag
1575842462--gzip
Vary
Accept-Encoding
Cache-Tag
ra-4ed3437c01b2d878
Cache-Control
public, max-age=55, s-maxage=86400
Content-Disposition
attachment; filename=1.txt
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
434
integrator.js
adservice.google.de/adsid/
109 B
174 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.winmail-dat.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 23:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.winmail-dat.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 23:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/
211 KB
79 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5ef01fd14a3364de67858a6f8d961b7929de1aba52cc2909be888bc2e4cf5983
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 23:08:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
3003576940297155321
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
79876
X-XSS-Protection
0
Expires
Tue, 18 Jun 2019 23:08:16 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/ Frame 997A
211 KB
79 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5ef01fd14a3364de67858a6f8d961b7929de1aba52cc2909be888bc2e4cf5983
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 23:08:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
3003576940297155321
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
79876
X-XSS-Protection
0
Expires
Tue, 18 Jun 2019 23:08:16 GMT
ca-pub-1363879676505882.js
pagead2.googlesyndication.com/pub-config/r20160913/
108 B
420 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-1363879676505882.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 16:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Jun 2019 20:23:38 GMT
server
sffe
age
25377
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
118
x-xss-protection
0
expires
Wed, 19 Jun 2019 04:05:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190617/r20190131/ Frame 079B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190617/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190617/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.winmail-dat.com/decode.php
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 17 Jun 2019 13:54:21 GMT
expires
Mon, 01 Jul 2019 13:54:21 GMT
content-type
text/html; charset=UTF-8
etag
9107516332936589630
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7041
x-xss-protection
0
cache-control
public, max-age=1209600
age
119635
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
ads
googleads.g.doubleclick.net/pagead/ Frame B076
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363879676505882&output=html&h=90&slotname=6171850971&adk=1493567546&adf=3936649417&w=728&lmt=1560899296&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.winmail-dat.com%2Fdecode.php&flash=0&wgl=1&adsid=NT&dt=1560899296225&bpp=35&bdt=303&fdt=99&idt=99&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&correlator=6924437502120&frm=20&pv=2&ga_vid=231691298.1560899296&ga_sid=1560899296&ga_hid=1099955828&ga_fc=0&ga_wpids=UA-682964-3&iag=0&icsg=537226&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=438&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063845&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.5s6hm1u1o9gw&fsb=1&xpc=XvuHrE2Tuf&p=http%3A//www.winmail-dat.com&dtd=124
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1363879676505882&output=html&h=90&slotname=6171850971&adk=1493567546&adf=3936649417&w=728&lmt=1560899296&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.winmail-dat.com%2Fdecode.php&flash=0&wgl=1&adsid=NT&dt=1560899296225&bpp=35&bdt=303&fdt=99&idt=99&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&correlator=6924437502120&frm=20&pv=2&ga_vid=231691298.1560899296&ga_sid=1560899296&ga_hid=1099955828&ga_fc=0&ga_wpids=UA-682964-3&iag=0&icsg=537226&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=438&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063845&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.5s6hm1u1o9gw&fsb=1&xpc=XvuHrE2Tuf&p=http%3A//www.winmail-dat.com&dtd=124
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.winmail-dat.com/decode.php
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jun 2019 23:08:16 GMT
server
cafe
content-length
18931
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 18-Jun-2019 23:23:16 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Tue, 18 Jun 2019 23:08:16 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b6fbc563b614beb07727882bbbd837a37eac55c3eae9622c68294e6158d604c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 23:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1560769997427486"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28399
x-xss-protection
0
expires
Tue, 18 Jun 2019 23:08:16 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1371704786&utmhn=www.winmail-dat.com&utme=8(Decode*3!DecodeRes)9(Normal*3!No%20file%20uploaded.)&utmcs=UTF-8&utmsr=1600x1200&utmv...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1371704786&utmhn=www.winmail-dat.com&utme=8(Decode*3!DecodeRes)9(Normal*3!No%20file%20uploaded.)&utmcs=UTF-8&utmsr=1600x1200&utm...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-682964-3&cid=231691298.1560899296&jid=150275337&_v=5.7.2&z=1371704786
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-682964-3&cid=231691298.1560899296&jid=150275337&_v=5.7.2&z=1371704786
Requested by
Host: www.winmail-dat.com
URL: http://www.winmail-dat.com/decode.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Tue, 18 Jun 2019 23:08:16 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jun 2019 23:08:16 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-682964-3&cid=231691298.1560899296&jid=150275337&_v=5.7.2&z=1371704786
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
367
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B709
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1363879676505882&output=html&adk=1812271804&adf=3025194257&lmt=1560899296&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.winmail-dat.com%2Fdecode.php&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1560899296261&bpp=20&bdt=339&fdt=156&idt=156&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=6924437502120&frm=20&pv=1&ga_vid=231691298.1560899296&ga_sid=1560899296&ga_hid=1099955828&ga_fc=1&ga_wpids=UA-682964-3&iag=0&icsg=2634378&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063845&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=1.28tglvwabz4h&fsb=1&dtd=162
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1363879676505882&output=html&adk=1812271804&adf=3025194257&lmt=1560899296&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.winmail-dat.com%2Fdecode.php&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1560899296261&bpp=20&bdt=339&fdt=156&idt=156&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=6924437502120&frm=20&pv=1&ga_vid=231691298.1560899296&ga_sid=1560899296&ga_hid=1099955828&ga_fc=1&ga_wpids=UA-682964-3&iag=0&icsg=2634378&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063845&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=1.28tglvwabz4h&fsb=1&dtd=162
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.winmail-dat.com/decode.php
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.winmail-dat.com/decode.php

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 Jun 2019 23:08:16 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 18-Jun-2019 23:23:16 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Tue, 18 Jun 2019 23:08:16 GMT
cache-control
private
layers.b7315dd8028c0248db40.js
s7.addthis.com/static/
262 KB
74 KB
Script
General
Full URL
http://s7.addthis.com/static/layers.b7315dd8028c0248db40.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js
Protocol
HTTP/1.1
Security
, ,
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7972161a38af4774f022b6d248977895660ccea99afd794dd15832e3e33cfaa5

Request headers

Referer
http://www.winmail-dat.com/decode.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 23:08:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jun 2019 17:56:44 GMT
ETag
"5cf953dc-41722"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86313600
X-Host
s7.addthis.com
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
75217


78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| Contact string| defaultMenuWidth undefined| ie5 function| ns6 function| iecompattest function| showmenu function| contains_ns6 function| hidemenu function| dynamichide function| delayhidemenu function| clearhidemenu object| cookieconsent string| google_analytics_uacct function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| adsbygoogle object| _gaq object| addthis_config object| addthis_share object| google_js_reporting_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad number| _gfp_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired object| _gat object| oattr function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks

9 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUlckktBbKtRt2HHZdMOvenusaR1oGDgQ9pelSrOyo86Cri9doOOfUCWBwEy
.winmail-dat.com/ Name: __utma
Value: 52861358.231691298.1560899296.1560899296.1560899296.1
.winmail-dat.com/ Name: __utmb
Value: 52861358.1.10.1560899296
www.winmail-dat.com/ Name: __atuvs
Value: 5d096ee0904ce692000
.winmail-dat.com/ Name: __utmt
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.winmail-dat.com/ Name: __utmz
Value: 52861358.1560899296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.winmail-dat.com/ Name: __utmc
Value: 52861358
www.winmail-dat.com/ Name: __atuvc
Value: 1%7C25

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
