www.windowsbbs.com Open in urlscan Pro
169.60.145.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Submission: On January 18 via manual (January 18th 2019, 7:44:30 pm UTC) from US

Summary HTTP 126 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 25 domains to perform 126 HTTP transactions. The main IP is 169.60.145.200, located in United States and belongs to SOFTLAYER - SoftLayer Technologies Inc., US. The main domain is www.windowsbbs.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on April 10th 2018. Valid for: 2 years.

This is the only time www.windowsbbs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	169.60.145.200 169.60.145.200	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
10	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
9	169.62.175.57 169.62.175.57	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
6	74.214.194.131 74.214.194.131	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	23.210.248.226 23.210.248.226	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	151.101.0.166 151.101.0.166	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	13.229.8.45 13.229.8.45	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.19.121.121 52.19.121.121	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	34.200.62.249 34.200.62.249	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	45.76.91.25 45.76.91.25	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
2	204.11.109.77 204.11.109.77	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
5	31.24.80.101 31.24.80.101	56464 (VIBRANT-EU) (VIBRANT-EU)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:815::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	199.16.157.105 199.16.157.105	13414 (TWITTER) (TWITTER - Twitter Inc.)
11	204.11.109.68 204.11.109.68	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
4	23.54.113.112 23.54.113.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.20.248.170 2.20.248.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.16.187.64 2.16.187.64	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	213.254.244.15 213.254.244.15	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
1	2.20.248.144 2.20.248.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	213.254.244.20 213.254.244.20	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
1	204.11.109.66 204.11.109.66	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
2	143.204.214.38 143.204.214.38	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.214.67 143.204.214.67	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
126	41

14 169.60.145.200 (United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: www.windowsbbs.com

www.windowsbbs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 169.62.175.57 (United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: mail.fdma-media.com

ads.fdma-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams-ads.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.226 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-226.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

tag-st.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.229.8.45 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-229-8-45.ap-southeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.121.121 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-121-121.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.200.62.249 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-200-62-249.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.76.91.25 (Frankfurt Am Main, Germany)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 45.76.91.25.vultr.com

pp-m.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.11.109.77 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: tags.expo9.exponential.com

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.24.80.101 (United Kingdom)

ASN56464 (VIBRANT-EU, GB)

windowsbbs-us.intellitxt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

plus.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.16.157.105 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 204.11.109.68 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.54.113.112 (Cambridge, United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-54-113-112.deploy.static.akamaitechnologies.com

cdnx.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.20.248.170 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-248-170.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.187.64 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-187-64.deploy.static.akamaitechnologies.com

cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.15 (Germany)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.248.144 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-248-144.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.254.244.20 (Germany)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

tps20515.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.11.109.66 (Emeryville, United States)

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.38 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-38.fra53.r.cloudfront.net

images.intellitxt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.67 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-67.fra53.r.cloudfront.net

vibrant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	tribalfusion.com s.tribalfusion.com cdnx.tribalfusion.com	48 KB
14	windowsbbs.com www.windowsbbs.com	227 KB
10	contextweb.com tag.contextweb.com tag-st.contextweb.com ams-ads.contextweb.com bh.contextweb.com	42 KB
10	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	159 B
10	googlesyndication.com pagead2.googlesyndication.com	244 KB
9	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20515.doubleverify.com	37 KB
9	fdma-media.com ads.fdma-media.com	10 KB
8	google.com 1 redirects adservice.google.com www.google.com plus.google.com apis.google.com accounts.google.com	115 KB
7	intellitxt.com windowsbbs-us.intellitxt.com images.intellitxt.com	62 KB
5	twitter.com platform.twitter.com syndication.twitter.com	31 KB
4	demdex.net 2 redirects dpm.demdex.net	3 KB
3	facebook.com staticxx.facebook.com www.facebook.com
3	ns1p.net pp-m.ns1p.net	1 KB
3	rlcdn.com idsync.rlcdn.com	102 B
3	google.de adservice.google.de www.google.de	451 B
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	exponential.com tags.expo9.exponential.com	28 KB
2	googletagservices.com www.googletagservices.com	53 KB
2	gstatic.com fonts.gstatic.com	17 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	consensu.org vibrant.mgr.consensu.org
1	facebook.net connect.facebook.net	57 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	paypalobjects.com www.paypalobjects.com	3 KB
126	25

	Domain	Requested by
14	www.windowsbbs.com	www.windowsbbs.com
12	s.tribalfusion.com	tags.expo9.exponential.com www.windowsbbs.com
10	pagead2.googlesyndication.com	www.windowsbbs.com pagead2.googlesyndication.com ams-ads.contextweb.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com
9	ads.fdma-media.com	www.windowsbbs.com ads.fdma-media.com
5	windowsbbs-us.intellitxt.com	www.windowsbbs.com windowsbbs-us.intellitxt.com images.intellitxt.com
4	tps20515.doubleverify.com	www.windowsbbs.com
4	cdnx.tribalfusion.com	www.windowsbbs.com
4	platform.twitter.com	www.windowsbbs.com platform.twitter.com
4	dpm.demdex.net	2 redirects www.windowsbbs.com
3	cdn.doubleverify.com	s.tribalfusion.com cdn.doubleverify.com www.windowsbbs.com
3	bh.contextweb.com	ams-ads.contextweb.com www.windowsbbs.com
3	pp-m.ns1p.net	ams-ads.contextweb.com www.windowsbbs.com
3	idsync.rlcdn.com	ams-ads.contextweb.com www.windowsbbs.com
3	ams-ads.contextweb.com	tag-st.contextweb.com
3	tag.contextweb.com	ads.fdma-media.com www.windowsbbs.com
2	images.intellitxt.com	windowsbbs-us.intellitxt.com images.intellitxt.com
2	accounts.google.com	apis.google.com
2	apis.google.com	plus.google.com
2	www.facebook.com	connect.facebook.net
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	tags.expo9.exponential.com	ams-ads.contextweb.com cdn.doubleverify.com
2	www.googletagservices.com	pagead2.googlesyndication.com
2	fonts.gstatic.com	pagead2.googlesyndication.com www.windowsbbs.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	maxcdn.bootstrapcdn.com	www.windowsbbs.com
1	vibrant.mgr.consensu.org	images.intellitxt.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	cdn3.doubleverify.com	cdn.doubleverify.com
1	syndication.twitter.com	www.windowsbbs.com
1	staticxx.facebook.com	connect.facebook.net
1	connect.facebook.net	www.windowsbbs.com
1	plus.google.com	www.windowsbbs.com
1	www.google.de	www.windowsbbs.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	ajax.googleapis.com	www.windowsbbs.com
1	www.googletagmanager.com	www.windowsbbs.com
1	tag-st.contextweb.com	tag.contextweb.com
1	www.paypalobjects.com	www.windowsbbs.com
1	fonts.googleapis.com	www.windowsbbs.com
126	42

This site contains links to these domains. Also see Links.

Domain
www.geekstogo.com
www.google.com
www.bing.com
home.tb.ask.com
www.msn.com
www.bleepingcomputer.com
www.malwarebytes.com
www.smartestcomputing.us.com
www.adlice.com
forum.adlice.com
download.bleepingcomputer.com
www.infospyware.net
www.appremover.com
www.microsoft.com
www.malwarebytes.org
www.majorgeeks.com
oldtimer.geekstogo.com
www.itxassociates.com
downloads.sophos.com
www.java.com
www.filehippo.com
www.mozilla.org
browsercheck.qualys.com
secunia.com
www.facebook.com
xenforo.com
waindigo.org
www.helpwithwindows.com
www.rosecitysoftware.com

Subject Issuer	Validity	Valid
www.windowsbbs.com COMODO RSA Domain Validation Secure Server CA	`2018-04-10` - `2020-04-09`	2 years	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.fdma-media.com COMODO RSA Domain Validation Secure Server CA	`2018-07-24` - `2020-07-23`	2 years	crt.sh
*.google.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2018-08-14` - `2020-08-18`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.rlcdn.com Go Daddy Secure Certificate Authority - G2	`2017-05-08` - `2019-06-21`	2 years	crt.sh
*.ns1p.net DigiCert SHA2 Secure Server CA	`2018-05-07` - `2020-07-29`	2 years	crt.sh
*.expo9.exponential.com Go Daddy Secure Certificate Authority - G2	`2018-08-31` - `2020-10-30`	2 years	crt.sh
www.google.de Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.intellitxt.com SSL.com DV CA	`2018-11-06` - `2020-11-05`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
*.apis.google.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
accounts.google.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2016-06-29` - `2019-09-16`	3 years	crt.sh
*.tribalfusion.com Go Daddy Secure Certificate Authority - G2	`2018-09-07` - `2020-10-07`	2 years	crt.sh
cdn.doubleverify.com Let's Encrypt Authority X3	`2019-01-16` - `2019-04-16`	3 months	crt.sh
*.doubleverify.com Network Solutions OV Server CA 2	`2016-12-13` - `2019-12-13`	3 years	crt.sh
images.intellitxt.com Amazon	`2019-01-03` - `2020-02-03`	a year	crt.sh
vibrant.mgr.consensu.org Amazon	`2018-05-19` - `2019-06-19`	a year	crt.sh

This page contains 39 frames:

Primary Page: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Frame ID: D384940502864D8D1631D5B7EA6BE907
Requests: 57 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js
Frame ID: DBB4C8411622060CAF2A52D4C57E7079
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190114/r20180604/zrt_lookup.html
Frame ID: ECC6D0B83966495C3FB5C20346464C3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=90&slotname=1230505993&adk=1253556676&adf=2769830750&w=880&fwrn=4&fwrnh=100&lmt=1547840635&rafmt=1&guci=1.2.0.0.2.2.0.0&format=880x90&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547840637417&bpp=15&bdt=1409&fdt=17&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&correlator=6447984450918&frm=20&pv=2&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=174594&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=208&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2171419332&ifi=1&uci=1.dkabl9yer773&fsb=1&xpc=AKja2b9fnv&p=https%3A//www.windowsbbs.com&dtd=44
Frame ID: FF98649518F4DE497F9CFADD5D890C6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=280&slotname=6654270798&adk=4002087714&adf=393182232&w=338&fwrn=4&fwrnh=100&lmt=1547840635&rafmt=1&guci=1.2.0.0.2.2.0.0&format=338x280&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547840637490&bpp=13&bdt=1482&fdt=14&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2795530&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=406&ady=462&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2518727327&ifi=2&uci=2.naa7k9xht6df&fsb=1&xpc=2QQ37pgstm&p=https%3A//www.windowsbbs.com&dtd=20
Frame ID: 946B30C1B6734139ACC458529579D483
Requests: 1 HTTP requests in this frame

Frame: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=114879&cwod=&epid=&esid=&ccid=&wp=0&cf=728X90&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=74358641&if=0&tl=1&pxy=234,35757&cxy=1600,1200&dxy=1585,35882&tz=0&ln=en-US&acid=pp_ad_container_0
Frame ID: C352A98A3DE9CA0944CD6F1154C9AA22
Requests: 10 HTTP requests in this frame

Frame: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=72837&cwod=&epid=&esid=&ccid=&wp=0&cf=728X90&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=40377716&if=0&tl=2&pxy=223,152733&cxy=1600,1200&dxy=1585,152837&tz=0&ln=en-US&acid=pp_ad_container_1
Frame ID: 7CB774655DEC797F08E4010858E9E669
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js
Frame ID: 9FDC4E616B1C31921408078A21CCBD5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=90&slotname=6529846399&adk=1426222433&adf=1938212508&w=728&fwrn=3&fwrnh=100&rafmt=1&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&ea=0&flash=0&fwr=0&resp_fmts=3&wgl=1&dt=1547840637959&bpp=17&bdt=196&fdt=18&idt=6&shv=r20190114&cbv=r20180604&saldr=aa&correlator=6447984450918&frm=23&ife=1&pv=1&ga_vid=883219931.1547840638&ga_sid=1547840638&ga_hid=685339276&ga_fc=0&iag=3&icsg=2696&nhd=1&dssz=7&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=299&ady=35757&biw=1585&bih=1200&isw=728&ish=90&ifk=902955470&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&ppjl=u&pfx=0&fu=148&bc=15&osw_key=2625608094&ifi=1&uci=1.g9v78c9q1rie&fsb=1&dtd=26
Frame ID: 434C62D8BA1C3968B506C6A0DD8022C3
Requests: 1 HTTP requests in this frame

Frame: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=31169&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=49179623&if=0&tl=3&pxy=1113,535&cxy=1600,1200&dxy=1585,152909&tz=0&ln=en-US&acid=pp_ad_container_2
Frame ID: DB7926F0A19A991A5A7017707BA3B508
Requests: 3 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/visitormatch?tag=31169&pid=507782
Frame ID: 7CF1C998BE43DF172BD1F69C8199860B
Requests: 1 HTTP requests in this frame

Frame: https://tags.expo9.exponential.com/tags/WindowsBBScom/ROS/tags.js
Frame ID: 3EA923708B346CCE66012A800FE64DC0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&adk=1934523412&adf=3164131733&lmt=1547840635&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1547840637490&bpp=727&bdt=1482&fdt=727&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280&nras=1&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=732829450255&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=1483859296&ifi=2&uci=2.km4m46xefjq4&fsb=1&dtd=732
Frame ID: F79237DB5A8F829A6A80E67535127445
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a600a62a1c92aa33bb89e73fa1e8b3b3.html?origin=https%3A%2F%2Fwww.windowsbbs.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: CECBA234830A084ACCD7A89178E951D8
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
Frame ID: 19FCB5839A2BEBFEF0386DBF57E0C012
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.10/plugins/like.php?action=like&app_id=233762186648276&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df22a28a885d01d8%26domain%3Dwww.windowsbbs.com%26origin%3Dhttps%253A%252F%252Fwww.windowsbbs.com%252Ff345ed0e565c568%26relation%3Dparent.parent&color_scheme=light&container_width=78&href=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&layout=standard&locale=en_US&sdk=joey&show_faces=true&width=400
Frame ID: 938B15CE38183F91461CB163F14BB846
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.10/plugins/like.php?app_id=233762186648276&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df2cbeeb0649e5a8%26domain%3Dwww.windowsbbs.com%26origin%3Dhttps%253A%252F%252Fwww.windowsbbs.com%252Ff345ed0e565c568%26relation%3Dparent.parent&color_scheme=light&container_width=78&font=segoe%20ui&href=https%3A%2F%2Fwww.facebook.com%2FWindowsBBS&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=450
Frame ID: DAEE4C888279580C8327878A4F8A1BE8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.a600a62a1c92aa33bb89e73fa1e8b3b3.en.html
Frame ID: BE3BA0443A5519717A629A876D713532
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=148&adk=346652793&adf=2902953748&w=880&lmt=1547840635&nsk=aff6cafa&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x148&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638496&bpp=6&bdt=2489&fdt=8&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0&nras=2&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=187604172144655&dssz=38&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=35828&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=833323010&ifi=4&uci=4.t3jo8hdg2jjf&xpc=2TG3I6RdFg&p=https%3A//www.windowsbbs.com&dtd=11
Frame ID: 513773DB2F3F4DFBF37E5794721FFFE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=194&adk=2703919785&adf=102936&w=880&lmt=1547840635&nsk=906f189d&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x194&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638514&bpp=5&bdt=2506&fdt=14&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148&nras=3&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=58857&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=999148913&ifi=5&uci=5.pnqsax5t0cfr&xpc=Pt8yOIQglC&p=https%3A//www.windowsbbs.com&dtd=21
Frame ID: D6A4BDB203E0C7587E63A995534CC01B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=148&adk=346652793&adf=2956468797&w=880&lmt=1547840635&nsk=7af8ce25&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x148&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638542&bpp=5&bdt=2534&fdt=5&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148%2C880x194&nras=4&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=61243&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=833323010&ifi=6&uci=6.9imucd3luj09&xpc=vbURsZCNKC&p=https%3A//www.windowsbbs.com&dtd=8
Frame ID: 5C3874C2A4E88BB60D940D0597A8D52E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=205&adk=878884862&adf=702508784&w=880&lmt=1547840635&nsk=bd9e3a04&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x205&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638555&bpp=5&bdt=2547&fdt=6&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148%2C880x194%2C880x148&nras=5&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=73787&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=1367272244&ifi=7&uci=7.89nhenohm6vs&xpc=y8VCSbRVNf&p=https%3A//www.windowsbbs.com&dtd=9
Frame ID: 5A40B4C7B5FBF9BC3F94CDFFAFF6B91D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=148&adk=346652793&adf=1800997508&w=880&lmt=1547840635&nsk=5192d843&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x148&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638570&bpp=5&bdt=2562&fdt=5&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148%2C880x194%2C880x148%2C880x205&nras=6&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=85138&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=833323010&ifi=8&uci=8.jj8th4nphi86&xpc=Rr8JySjBb0&p=https%3A//www.windowsbbs.com&dtd=10
Frame ID: 46AD39D8948F33B02F189AED1470811E
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.windowsbbs.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.xQBn4FsfrCQ.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMEertAsRkSGPVfspuY3EhAn4ogDA%2Fm%3D__features__
Frame ID: 3078626EA0F614E62A68584BDD49BF7B
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/visitormatch?tag=114879&pid=507782
Frame ID: 9610C51B24151564C57D9FECDD51D028
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/visitormatch?tag=72837&pid=507782
Frame ID: 6B407C130E9F024CA91131EA3A74C139
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 71C2065742B4B43AFBE80EE056D837D0
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: DC4EC76CF5F4062FC5BE741634CB35C2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 058D0A81A38B239051ED2E6F0288047A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a7mSwY0GY0Ys351cbMmEj42rZbSTUjEVP7XPqM0QVZbtQWBy1W7uW6YM3V34XbZbKV6am4A3ePArI2HUtXWMDnHZam46YQ4sjeUVJ8UcJiPP3oTWYQUrJ52U2pUqnvVE3iQEBZaSG7ZbQUuoPH39WsrS4b6onWEq0a2M4WMZdQVrG2mQHoWXOVWbeXUY7Xrj90qeMRbvFUUJPTHY3mb7oRUrF6IgDZb6&mediaDataID=6807466&mediaName=frame.html
Frame ID: 192F528521B5D65465B749EEBC113F55
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a8mSoX0bYk1F7i1TaqRFJDTFZb2TdrYor7mPFfr1E3r5qBj4q74naFFYFJ8WHf0oPnLnG7pmW7D3T372Hyt5AnKnbYZd0G7U1cvV1cBnnEvV2UQVWUvBUAMTPqb1QGBtStBO0tFrT6vp3GM2XUMKVmur5PQgQAFJ2HZbrXWYAnt2v36ZbY4cQ7UGr7VGMeR6FwTdUUWbnS3bEoVqvvTWUTkU3ZbsX&mediaDataID=5406476&mediaName=frame.html
Frame ID: F609E4F6E48FBDE85435195B5E2E7A58
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a9mSoXVcvjUsFiP6ryUHFSTUbX3FasUq3oVEUaSTYZaSsFLPburStY7WcvT2FqvotirXqew4tjFQVbZa5AFZcodPmTHj80b771Ub91EZaMRrJFTUU4VdQXorZbxPbrqYaJs3TBk5a35oT7IXFf6UHZbQoAMZcmGMupdQK3TZbh5teN5PvZbprfEYVURXGv51cvxnavV2UUTTUMZbWAv4QEnQSbQGhMmdRX&mediaDataID=5436426&mediaName=frame.html
Frame ID: 9230CFA949D2A207EC130D092B589CC7
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aamSwY1crV0VjpnTJT2rQ2TrfDVmv1QTb3QVUsQHUO1WjnVAMp3sM1YrQIT6ip2AF8PmjK2tFM0HYIpd6n5AQ14srbUVJlVVMjPPnyWd33TFj12U6nVEjoTTUlQEUGSGQLPbIsSd7dUVYP4bmtmHqsYEXu4tQBSsjZa46JZbmdAyTdQe0bbbYUQj1EAMRrUZbUUn1VtBToFBnPFFt1EFHidyK8C&mediaDataID=8039566&mediaName=frame.html
Frame ID: 9B45F4C98DF4C15B95561260CD14AFB9
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=abmSwY1Uf90q6ORbMZdWbUSWtvUnUfnQFroYq3t5aUk4Er1mqbIXrfdTd7SmmfIpVfmoWvJ3aF93des3AFFnUrGYGnUXsFT1svNpTZbP5U32WrbGUmQXQqb0ScQMQdBs1dvnVmUy3VB40UnZaTPys4mZb7QPZbB4HvnXdYAnt2u36YY5GjfVcv6VGFjPAnoUtY3UrZbX3bTxUEMpVEvcSTBNaqnrle&mediaDataID=7665496&mediaName=frame.html
Frame ID: 5208F44B3CA4CFF97A8E390B5A469829
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=acmSwYUcZb8RAYnUtJTUUfP2FawUa3nWEJ9QaYZcScQIPUimRdviVVYQ5bymmWqs0a6v2trZdQcMZc46QZdmdaOTtBfYbn7XUY71TqoPbMDWUYSVtBUnbfmQbrr1EYy5EBd4q71mEZbHXUU8WHBWm6vZbnc7pptYC5Tvl5HeN5PvZaprMEXsfY1cnY1VfxpEZb43FY2VFBGWAfWRqr1QsMqStUZcfcVVrJ&mediaDataID=6453196&mediaName=frame.html
Frame ID: 26C26D5300DACD21FCA7D90BCFB03560
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=admSwYXGJnnEb23FQTVFbZcV6UXQaM3PsZbnQHZbN1HvoVAnw2VYUYUnZbUPmn4AZb7RmrA2H3O0tJCntEw36M05VMeUcQ8UsM6S6FMWdnSWrbP2UAoWTQrWaJaST3FSGFBPbumRWQ9VsbT2F2qmHapXTew3WUESVBC2AQHotXsVWJhXUfj1Ujj0aeORbMZbUF3SVtv5mrYuRbbqYTrr3TU5bOsn1i&mediaDataID=6530936&mediaName=frame.html
Frame ID: 5482E7B8B10263785131DD3D269D2045
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aemSwYXaEMRrUZdUrnQTH3WnUbvPFBoXTFm5aZbl4T7XmqfBYUZbfTHBVn6rKnV7pmW7D3T373Wuy5P7ZcprYHXcvXXc3X0svpmavQ5UnRTFfZcVmM4QTQSPVZbsStJr1djxVmbw2cn0YrZbIVmPr4m3aPAMD3dMqXHrZcpWEo5mBS3srgTVJkUcJiS6nyWtn3Ub7P3bimWqbwTaYbQEnZaQVQvdsDXAW&mediaDataID=6546596&mediaName=frame.html
Frame ID: 5DCB83592703FD9167CF106E534DA184
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=afmSoXPProWtrRTrf23F2sVqQwVan7STnZcSGZbJRr6mRdrbWGbS5rXsmWeq0qyn4tMFQGrF26BZbotIyUd38Xb78YF7fXayoPbrZbTrvSVdJ5nr7qPrbn1EYy5aUk4EjXoTfCXrfaWH7XnmUInGQpmHMG2EQ92WIM5PvZaprMEXVfQ1cJV1VBMpafQ2rFVVrnGVAn2RTfRQcUtPtBrYqbDcuW3i8&mediaDataID=5578346&mediaName=frame.html
Frame ID: B4D2D133E72C875C8C52D9B39746C25A
Requests: 1 HTTP requests in this frame

Frame: https://vibrant.mgr.consensu.org/readconsent.html
Frame ID: 14E2B95B0D7EA1245AC364F1B748E4A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^SWFObject$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

126
Requests

99 %
HTTPS

45 %
IPv6

25
Domains

42
Subdomains

41
IPs

6
Countries

1143 kB
Transfer

3541 kB
Size

0
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
Title: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

Search URL Search Domain Scan URL

URL: http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO
Title: www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO

Search URL Search Domain Scan URL

URL: http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO_enUS482
Title: www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO_enUS482

Search URL Search Domain Scan URL

URL: http://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
Title: www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox

Search URL Search Domain Scan URL

URL: http://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^UX^xdm038^YYA^us&ptb=27E9FA18-76D1-43E9-8AFF-02039114EA9E&si=google_directions
Title: Ask

Search URL Search Domain Scan URL

URL: http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=040213
Title: www.msn.com/?pc=UP21&ocid=UP21DHP&dt=040213

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/download/roguekiller/
Title: Link 1

Search URL Search Domain Scan URL

URL: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Title: Link 2

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/mwb-download/
Title: Malwarebytes

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/download/adwcleaner/
Title: AdwCleaner

Search URL Search Domain Scan URL

URL: http://'http//www.sevenforums.com/tutorials/11841-run-administrator.html'
Title: Run As Administrator

Search URL Search Domain Scan URL

URL: http://www.smartestcomputing.us.com/
Title: My web page

Search URL Search Domain Scan URL

URL: http://www.adlice.com/contact/
Title: Contact - Adlice Software

Search URL Search Domain Scan URL

URL: https://forum.adlice.com/
Title: Adlice forum - Home

Search URL Search Domain Scan URL

URL: http://www.adlice.com/download/roguekiller/
Title: RogueKiller Anti-Malware Free Download - Official Website

Search URL Search Domain Scan URL

URL: http://www.adlice.com/
Title: Adlice Software - The Best Security Software, for FREE

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/support
Title: Customer Support & Help Center

Search URL Search Domain Scan URL

URL: http://www.malwarebytes.com/
Title: www.malwarebytes.com

Search URL Search Domain Scan URL

URL: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Title: Here

Search URL Search Domain Scan URL

URL: http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/
Title: Here

Search URL Search Domain Scan URL

URL: http://www.infospyware.net/antimalware/combofix/
Title: Here

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/forums/topic114351.html
Title: this link

Search URL Search Domain Scan URL

URL: http://www.appremover.com/
Title: MetaAccess

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/download/rkill/dl/10/
Title: Downloading RKill

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/download/rkill/dl/11/
Title: Downloading RKill

Search URL Search Domain Scan URL

URL: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Title: www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Search URL Search Domain Scan URL

URL: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
Title: www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

Search URL Search Domain Scan URL

URL: http://www.malwarebytes.org/restorebrowser//index.jhtml?n=77DE8857&p2=^UX^xdm038^YYA^us&ptb=27E9FA18-76D1-43E9-8AFF-02039114EA9E&si=google_directions
Title: www.malwarebytes.org/restorebrowser//index.jhtml?n=77DE8857&p2=^UX^xdm038^YYA^us&ptb=27E9FA18-76D1-43E9-8AFF-02039114EA9E&si=google_directions

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/download/securitycheck/
Title: here

Search URL Search Domain Scan URL

URL: http://www.majorgeeks.com/files/details/securitycheck.html#screenshots
Title: here

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/
Title: Farbar Service Scanner

Search URL Search Domain Scan URL

URL: http://oldtimer.geekstogo.com/TFC.exe
Title: Temp File Cleaner (TFC)

Search URL Search Domain Scan URL

URL: http://www.itxassociates.com/OT-Tools/TFC.exe
Title: http://www.itxassociates.com/OT-Tools/TFC.exe

Search URL Search Domain Scan URL

URL: http://downloads.sophos.com/tools/withides/Sophos%20Virus%20Removal%20Tool.exe
Title: Sophos Free Virus Removal Tool

Search URL Search Domain Scan URL

URL: http://www.java.com/en/download/manual.jsp
Title: Java Downloads for All Operating Systems

Search URL Search Domain Scan URL

URL: http://www.filehippo.com/search?q=java
Title: http://www.filehippo.com/search?q=java

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/download/delfix/
Title: DelFix by Xplode

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/plugincheck/
Title: More browser features, fewer plugin updates | Firefox

Search URL Search Domain Scan URL

URL: https://browsercheck.qualys.com/
Title: Qualys BrowserCheck

Search URL Search Domain Scan URL

URL: http://secunia.com/vulnerability_scanning/personal/
Title: Personal Software Inspector

Search URL Search Domain Scan URL

URL: http://www.filehippo.com/updatechecker/
Title: FileHippo Update Checker

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/forums/topic2520.html
Title: How did I get infected? - Anti-Virus, Anti-Malware, and Privacy Software

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Title: Simple and easy ways to keep your computer safe and secure on the Internet

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry3187642
Title: Answers to common security questions - Best Practices - Anti-Virus, Anti-Malware, and Privacy Software

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WindowsBBS

Search URL Search Domain Scan URL

URL: https://xenforo.com/
Title: Forum software by XenForo™ © 2010-2018 XenForo Ltd.

Search URL Search Domain Scan URL

URL: https://waindigo.org/
Title: XenForo add-ons by Waindigo™

Search URL Search Domain Scan URL

URL: http://www.helpwithwindows.com/
Title: HelpWithWindows.com

Search URL Search Domain Scan URL

URL: http://www.rosecitysoftware.com/
Title: RoseCitySoftware.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://dpm.demdex.net/ibs:dpid=96678&dpuuid=Donet2IFVIel HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=Donet2IFVIel

Request Chain 58

https://dpm.demdex.net/ibs:dpid=96678&dpuuid=dP33DrS1mN7Q HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=dP33DrS1mN7Q

Request Chain 66

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=820248293&t=pageview&_s=1&dl=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&ul=en-us&de=UTF-8&dt=Solved%20-%20%22IT%20Helper%22%20Got%20Into%20Friend%27s%20Computer%20%7C%20WindowsBBS&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=45498324&gjid=1218316036&cid=506474847.1547840637&tid=UA-5041620-1&_gid=1107792092.1547840638&_r=1&gtm=2ou170&z=1986366677 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5041620-1&cid=506474847.1547840637&jid=45498324&_gid=1107792092.1547840638&gjid=1218316036&_v=j72&z=1986366677 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5041620-1&cid=506474847.1547840637&jid=45498324&_v=j72&z=1986366677 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5041620-1&cid=506474847.1547840637&jid=45498324&_v=j72&z=1986366677&slf_rd=1&random=3505609781

126 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/ 469 KB
107 KB 1032ms
608ms Document
text/html 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

Apache /

Resource Hash

c13753b3f583c6bf37efd635eb94f9e2e5e39aed5170d51527f277fd4d4cd024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1

Request headers

Host: www.windowsbbs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:55 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-control: private, max-age=0
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Xss-Protection: 1
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: xf_session=e9c48f3568e96da53ff2167400c8bec4; path=/; secure; httponly
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Last-Modified: Fri, 18 Jan 2019 19:43:55 GMT
Content-Length: 108616
X-Content-Type-Options: nosniff
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK css.php
www.windowsbbs.com/ 86 KB
22 KB 452ms
172ms Stylesheet
text/css 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.windowsbbs.com/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1547819861

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

Apache /

Resource Hash

01ac0135af6bcda80afb7012ec65c05458d71aa7d93fea5b14925ed07b7896f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Cookie: xf_session=e9c48f3568e96da53ff2167400c8bec4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:56 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 18 Jan 2019 13:57:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css; charset=utf-8
Cache-Control: public
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 21617
X-Content-Type-Options: nosniff
Keep-Alive: timeout=3, max=100
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK css.php
www.windowsbbs.com/ 29 KB
8 KB 446ms
165ms Stylesheet
text/css 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.windowsbbs.com/css.php?css=Aayush_PD,GoToTop_purecss,attached_files,bb_code,fa_socialicons,facebook,google,login_bar,message,message_user_info,notices,panel_scroller,share_page,thread_view,twitter,wf_default&style=6&dir=LTR&d=1547819861

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

Apache /

Resource Hash

f0aa5720d6b4d7476457816b77d9f0831c3f2c2b21f544df5dd6c618925c7d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Cookie: xf_session=e9c48f3568e96da53ff2167400c8bec4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:56 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 18 Jan 2019 13:57:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css; charset=utf-8
Cache-Control: public
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 7869
X-Content-Type-Options: nosniff
Keep-Alive: timeout=3, max=100
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 101ms
34ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:56 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 css
fonts.googleapis.com/ 5 KB
697 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b3dd58a587d33c5200140cee13c1332ac4d7f59b2551d3a8b841738616e54eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 18 Jan 2019 19:43:56 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 18 Jan 2019 19:43:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Fri, 18 Jan 2019 19:43:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 79 KB
30 KB 55ms
22ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a2b3be1e839b40d9f22ea7d9ada67128a2f9f8e642fad2294447eb596e928e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 29820
x-xss-protection: 1; mode=block
server: cafe
etag: 1920374003565694715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Jan 2019 19:43:56 GMT

GET
H/1.1 200
OK spcjs.php Show response
ads.fdma-media.com/www/delivery/ 2 KB
1 KB 1095ms
141ms Script
application/x-javascript 169.62.175.57
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.fdma-media.com/www/delivery/spcjs.php?id=1&target=_blank

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.62.175.57 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

mail.fdma-media.com

Software

Apache /

Resource Hash

44b001b66928a69b459159f495c8ace9d3c8ca755374353113469bcefcb61fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: Keep-Alive
Content-Type: application/x-javascript
Vary: Accept-Encoding
Content-Length: 714
X-Content-Type-Options: nosniff
Keep-Alive: timeout=3, max=100
Expires: Sat, 19 Jan 2019 19:43:57 +0000

GET
H/1.1 200
OK avatar_male_m.png
www.windowsbbs.com/styles/flatawesome/xenforo/avatars/ 1 KB
2 KB 440ms
142ms Image
image/png 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.windowsbbs.com/styles/flatawesome/xenforo/avatars/avatar_male_m.png

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

nginx /

Resource Hash

a10d96c76ca19c5c406b23d3d31eb3f41c1170b88fb5048dbe2e9d9b6656a455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Cookie: xf_session=e9c48f3568e96da53ff2167400c8bec4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:56 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 19 Aug 2018 10:58:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 1109
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.windowsbbs.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.windowsbbs.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 4750.jpg
www.windowsbbs.com/data/avatars/m/4/ 4 KB
4 KB 263ms
132ms Image
image/jpeg 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.windowsbbs.com/data/avatars/m/4/4750.jpg?1463713214

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

Apache /

Resource Hash

c1078df4cddabd2bac87d1bdc3ffb2a7e06cc5bdcf58e44df779a8a72559ef72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Cookie: xf_session=e9c48f3568e96da53ff2167400c8bec4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:56 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 May 2016 03:00:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public, max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Accept-Ranges: bytes
Vary: User-Agent
Content-Length: 3634
X-Content-Type-Options: nosniff
Keep-Alive: timeout=3, max=99
Expires: Sun, 17 Feb 2019 19:43:56 GMT

GET
H/1.1 200
OK proxy.php
www.windowsbbs.com/ 2 KB
2 KB 190ms
190ms Image
image/png 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.windowsbbs.com/proxy.php?image=https%3A%2F%2Fwww.techspot.com%2Ffileshost%2Fnewspics3%2F2017%2Fredtarget.gif&hash=1c1b6b56b7b01b515e9eb5973adf3fcf

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

Apache /

Resource Hash

e3fb664d9269af1f4e2a06d0691f5153c89d1e1a373046ea2ffd4904e7dc1661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Cookie: xf_session=e9c48f3568e96da53ff2167400c8bec4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Proxy-Error: retrieve_failed
Date: Fri, 18 Jan 2019 19:43:56 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Content-Disposition: inline; filename="missing-image.png"
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: User-Agent
Content-Length: 1761
X-Content-Type-Options: nosniff nosniff
Keep-Alive: timeout=3, max=99

GET
H/1.1 200
OK clear.png
www.windowsbbs.com/styles/default/xenforo/ 137 B
685 B 133ms
132ms Image
image/png 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.windowsbbs.com/styles/default/xenforo/clear.png

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

nginx /

Resource Hash

77f692fa63083335d82bc3d1ed0c93b9d9826ffda16f365ca2eef18039c34370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Cookie: xf_session=e9c48f3568e96da53ff2167400c8bec4
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:56 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 19 Aug 2018 10:58:31 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 137
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/ 191 KB
71 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

28036359999374181bb29e83ca7c72aafd2f1b4c009a67e2f5fdb37f0ac48550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 72298
x-xss-protection: 1; mode=block
server: cafe
etag: 7444734916571546782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jan 2019 19:43:56 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/ Frame DBB4 191 KB
71 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

28036359999374181bb29e83ca7c72aafd2f1b4c009a67e2f5fdb37f0ac48550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 72298
x-xss-protection: 1; mode=block
server: cafe
etag: 7444734916571546782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jan 2019 19:43:56 GMT

GET
H/1.1 200
OK spc.php Show response
ads.fdma-media.com/www/delivery/ 8 KB
2 KB 164ms
149ms Script
application/x-javascript 169.62.175.57
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.fdma-media.com/www/delivery/spc.php?zones=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11&source=&r=73291182&target=_blank&charset=UTF-8&loc=https%3A//www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Requested by

Host: ads.fdma-media.com
URL: https://ads.fdma-media.com/www/delivery/spcjs.php?id=1&target=_blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.62.175.57 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

mail.fdma-media.com

Software

Apache /

Resource Hash

a5b9e2404084c4dd40ac43eae1d9bcf2c7c3f1262a27aa66cad50dc125dd2d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 1475
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=3, max=99
Expires: 0

GET
H/1.1 200
OK fl.js Show response
ads.fdma-media.com/www/delivery/ 5 KB
2 KB 303ms
139ms Script
application/javascript 169.62.175.57
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.fdma-media.com/www/delivery/fl.js

Requested by

Host: ads.fdma-media.com
URL: https://ads.fdma-media.com/www/delivery/spcjs.php?id=1&target=_blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.62.175.57 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

mail.fdma-media.com

Software

Apache /

Resource Hash

223b20f1ef4b5c4975608d2e2e462f15f7fa39f0c40c52ff1765b95e780ee72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 11 Mar 2016 08:18:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=2592000, proxy-revalidate
Connection: Keep-Alive
Accept-Ranges: none
Vary: Accept-Encoding
Content-Length: 1858
X-Content-Type-Options: nosniff
Keep-Alive: timeout=3, max=98
Expires: Sun, 17 Feb 2019 19:43:57 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin: https://www.windowsbbs.com

Response headers

date: Fri, 21 Dec 2018 06:27:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 2466969
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8892
x-xss-protection: 1; mode=block
expires: Sat, 21 Dec 2019 06:27:48 GMT

GET
H2 200 ca-pub-7728182332040300.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
277 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7728182332040300.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 12:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Jan 2019 20:31:29 GMT
server: sffe
age: 25340
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sat, 19 Jan 2019 00:41:37 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190114/r20180604/ Frame ECC6 0
0 7ms
5ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190114/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190114/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 14 Jan 2019 18:59:13 GMT
expires: Mon, 28 Jan 2019 18:59:13 GMT
content-type: text/html; charset=UTF-8
etag: 14090563764879558401
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6959
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 348284
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/ 41 KB
16 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/rum.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a0aee8f0cef8974af97a69bb4ebe37a41c97896dc00efcc4686fb6882c524c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 14 Jan 2019 21:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 15927
x-xss-protection: 1; mode=block
server: cafe
etag: 5959710677623086509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jan 2019 21:25:34 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame FF98 0
0 138ms
137ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=90&slotname=1230505993&adk=1253556676&adf=2769830750&w=880&fwrn=4&fwrnh=100&lmt=1547840635&rafmt=1&guci=1.2.0.0.2.2.0.0&format=880x90&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547840637417&bpp=15&bdt=1409&fdt=17&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&correlator=6447984450918&frm=20&pv=2&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=174594&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=208&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2171419332&ifi=1&uci=1.dkabl9yer773&fsb=1&xpc=AKja2b9fnv&p=https%3A//www.windowsbbs.com&dtd=44

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7728182332040300&output=html&h=90&slotname=1230505993&adk=1253556676&adf=2769830750&w=880&fwrn=4&fwrnh=100&lmt=1547840635&rafmt=1&guci=1.2.0.0.2.2.0.0&format=880x90&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547840637417&bpp=15&bdt=1409&fdt=17&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&correlator=6447984450918&frm=20&pv=2&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=174594&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=208&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2171419332&ifi=1&uci=1.dkabl9yer773&fsb=1&xpc=AKja2b9fnv&p=https%3A//www.windowsbbs.com&dtd=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jan 2019 19:43:57 GMT
server: cafe
content-length: 17347
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Fri, 18-Jan-2019 19:58:57 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Fri, 18 Jan 2019 19:43:57 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5053e3649a40c20ecca309843e7a085226246462cc33cc738981424ece35e7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 17:31:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27230
x-xss-protection: 1; mode=block
expires: Fri, 18 Jan 2019 19:43:57 GMT

GET
H/1.1 200
OK lg.php
ads.fdma-media.com/www/delivery/ 43 B
647 B 144ms
143ms Image
image/gif 169.62.175.57
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.fdma-media.com/www/delivery/lg.php?bannerid=2&campaignid=1&zoneid=1&loc=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cb=29c5c4a916

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.62.175.57 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

mail.fdma-media.com

Software

Apache /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 56
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=3, max=97
Expires: 0

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin: https://www.windowsbbs.com

Response headers

date: Mon, 14 Jan 2019 19:46:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
age: 345466
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8800
x-xss-protection: 1; mode=block
expires: Tue, 14 Jan 2020 19:46:11 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 21ms
20ms Font
font/woff2 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.windowsbbs.com

Response headers

date: Fri, 18 Jan 2019 19:43:57 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin: *
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 946B 0
0 143ms
141ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=280&slotname=6654270798&adk=4002087714&adf=393182232&w=338&fwrn=4&fwrnh=100&lmt=1547840635&rafmt=1&guci=1.2.0.0.2.2.0.0&format=338x280&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547840637490&bpp=13&bdt=1482&fdt=14&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2795530&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=406&ady=462&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2518727327&ifi=2&uci=2.naa7k9xht6df&fsb=1&xpc=2QQ37pgstm&p=https%3A//www.windowsbbs.com&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7728182332040300&output=html&h=280&slotname=6654270798&adk=4002087714&adf=393182232&w=338&fwrn=4&fwrnh=100&lmt=1547840635&rafmt=1&guci=1.2.0.0.2.2.0.0&format=338x280&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547840637490&bpp=13&bdt=1482&fdt=14&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2795530&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=406&ady=462&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2518727327&ifi=2&uci=2.naa7k9xht6df&fsb=1&xpc=2QQ37pgstm&p=https%3A//www.windowsbbs.com&dtd=20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jan 2019 19:43:57 GMT
server: cafe
content-length: 18563
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Fri, 18-Jan-2019 19:58:57 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Fri, 18 Jan 2019 19:43:57 GMT
cache-control: private

GET
H/1.1 200
OK lg.php
ads.fdma-media.com/www/delivery/ 43 B
648 B 148ms
145ms Image
image/gif 169.62.175.57
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.fdma-media.com/www/delivery/lg.php?bannerid=6&campaignid=3&zoneid=3&loc=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cb=22ef724746

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.62.175.57 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

mail.fdma-media.com

Software

Apache /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 56
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=3, max=100
Expires: 0

GET
H/1.1 200
OK proxy.php
www.windowsbbs.com/ 2 KB
2 KB 176ms
175ms Image
image/png 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.windowsbbs.com/proxy.php?image=http%3A%2F%2Fi1.ifrm.com%2F228%2F109%2Fupload%2Fp3879546.jpg&hash=9f11c17b14d53f50c3438bad8ef8dd81

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

Apache /

Resource Hash

e3fb664d9269af1f4e2a06d0691f5153c89d1e1a373046ea2ffd4904e7dc1661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Proxy-Error: retrieve_failed
Date: Fri, 18 Jan 2019 19:43:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Content-Disposition: inline; filename="missing-image.png"
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: User-Agent
Content-Length: 1761
X-Content-Type-Options: nosniff nosniff
Keep-Alive: timeout=3, max=97

GET
H/1.1 200
OK proxy.php
www.windowsbbs.com/ 3 KB
4 KB 185ms
184ms Image
image/png 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.windowsbbs.com/proxy.php?image=http%3A%2F%2Fwww.imgdumper.nl%2Fuploads6%2F51a5ce45267c1%2F51a5ce45263de-delfix.png&hash=443a3cfdf751bcde6f9d7b12b67102ad

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

Apache /

Resource Hash

09c9f96143372ee7e9fee4a67f16feec1d7d251f7739e9c77f13365fd0938484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Content-Disposition: inline; filename="51a5ce45263de-delfix.png"
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: User-Agent
Content-Length: 3416
X-Content-Type-Options: nosniff nosniff
Keep-Alive: timeout=3, max=98

GET
H/1.1 200
OK getjs.aspx Show response
tag.contextweb.com/TagPublish/ 1 KB
1 KB 92ms
15ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=507782&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=114879
Requested by: Host: ads.fdma-media.com
URL: https://ads.fdma-media.com/www/delivery/spcjs.php?id=1&target=_blank
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 35791fe302df16602258e1b50fca42a46d93706941edaa00700a63edb3288d9d

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Cache-Control: no-cache, no-store
Connection: keep-alive
CW-FEServer: ams-prts07.pulse.prod
Content-Type: application/x-javascript
Content-Length: 682

GET
H/1.1 200
OK lg.php
ads.fdma-media.com/www/delivery/ 43 B
647 B 162ms
144ms Image
image/gif 169.62.175.57
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.fdma-media.com/www/delivery/lg.php?bannerid=17&campaignid=5&zoneid=4&loc=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cb=1c35f515bc

Requested by

Host: ads.fdma-media.com
URL: https://ads.fdma-media.com/www/delivery/spcjs.php?id=1&target=_blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.62.175.57 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

mail.fdma-media.com

Software

Apache /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 56
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=3, max=96
Expires: 0

GET
H2 200 btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 3 KB
3 KB 115ms
9ms Image
image/gif 23.210.248.226
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.210.248.226 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-248-226.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jan 2019 19:43:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 May 2018 20:41:52 GMT
server: Apache
strict-transport-security: max-age=31536000
p3p: CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 2993
expires: Fri, 18 Jan 2019 19:43:57 GMT

GET
H/1.1 200
OK getjs.aspx Show response
tag.contextweb.com/TagPublish/ 1 KB
1 KB 89ms
19ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=160X600&cwpid=507782&cwwidth=160&cwheight=600&cwpnet=1&cwtagid=31169
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 750d1df67df3d97bcc8cb30a4c967352b5af6489c7ea73ba472d9e5abc1a8444

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Cache-Control: no-cache, no-store
Connection: keep-alive
CW-FEServer: ams-prts08.pulse.prod
Content-Type: application/x-javascript
Content-Length: 681

GET
H/1.1 200
OK getjs.static.js Show response
tag-st.contextweb.com/TagPublish/ 32 KB
32 KB 48ms
8ms Script
application/x-javascript 151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Requested by: Host: tag.contextweb.com
URL: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=507782&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=114879
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: 2797a5a31f878305121024bf4f2271f8059dcc6c2b24efde2994c09631bed34f

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Via: 1.1 varnish
Age: 1751
X-Cache: HIT
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
CW-FEServer: ams-prts05.pulse.prod
Content-Length: 32466
X-Served-By: cache-hhn1550-HHN
Server: nginx
X-Timer: S1547840638.742806,VS0,VE0
ETag: 24e3b1b6dd83b252f1213e42689762834e238463
Content-Type: application/x-javascript
Cache-Control: max-age=432000, public
Accept-Ranges: bytes
X-Cache-Hits: 346

GET
H/1.1 200
OK GetAd.aspx Show response
ams-ads.contextweb.com/TagPublish/ Frame C352 4 KB
2 KB 135ms
60ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=114879&cwod=&epid=&esid=&ccid=&wp=0&cf=728X90&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=74358641&if=0&tl=1&pxy=234,35757&cxy=1600,1200&dxy=1585,35882&tz=0&ln=en-US&acid=pp_ad_container_0
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3b0b0d46ef30d3b2dff28638822c122a6f17a99afe5519b9fe5d660b763fb21c

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Cache-Control: private, max-age=0, no-cache, no-store
CWDL: 12/120
Connection: keep-alive
CW-FEServer: ams-prts05.pulse.prod
Content-Type: application/x-javascript; charset=utf-8
CW-Server: AMS-PRTS05:8080 AMS-TAG03:8080 AMS-TAG03:8080
Content-Length: 1533
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK facebook.png
www.windowsbbs.com/styles/flatawesome/xenforo/ 865 B
1 KB 143ms
142ms Image
image/png 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.windowsbbs.com/styles/flatawesome/xenforo/facebook.png

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

nginx /

Resource Hash

8755c3830cd00faa5a0658cbbe133834c3e318a280032220c9a24da3c6aaac36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 19 Aug 2018 10:58:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 865
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bbs-logo.jpg
www.windowsbbs.com/images/ 11 KB
11 KB 134ms
133ms Image
image/jpeg 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.windowsbbs.com/images/bbs-logo.jpg

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

nginx /

Resource Hash

f93af604245dac55fb866f25f43970a3dbb06bfae03d5f42f759921c187ecb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 19 Aug 2018 10:58:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 11145
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
33 KB 20ms
17ms Script
application/javascript 2a00:1450:4001:81b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5041620-1

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

434211613bbdb01080564fa9263ac6d4518e3f99cddddca7a7beedf737f0409b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:57 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 33417
x-xss-protection: 1; mode=block
expires: Fri, 18 Jan 2019 19:43:57 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 21 Dec 2018 05:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2468759
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 33576
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2019 05:57:58 GMT

GET
H/1.1 200
OK xenforo.js Show response
www.windowsbbs.com/js/xenforo/ 166 KB
52 KB 147ms
145ms Script
application/javascript 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.windowsbbs.com/js/xenforo/xenforo.js?_v=ec92ec8d

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

Apache /

Resource Hash

b957e0d4e95809f679549113d2002be0aebdfbdc83bf66244efc931104b96912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 53122
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 18 Sep 2018 09:18:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript
Cache-Control: max-age=2592000, proxy-revalidate
Accept-Ranges: none
Keep-Alive: timeout=3, max=99
Expires: Sun, 17 Feb 2019 19:43:57 GMT

GET
H/1.1 200
OK xen.ui.totop.js Show response
www.windowsbbs.com/js/sedo/gototop/ 2 KB
2 KB 136ms
134ms Script
application/javascript 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.windowsbbs.com/js/sedo/gototop/xen.ui.totop.js?_v=ec92ec8d

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

Apache /

Resource Hash

b175629296775f33bfa5df88fd48e2d16765b6a1b9d6e287d0475119c6313959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1106
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 11 May 2016 10:55:10 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript
Cache-Control: max-age=2592000, proxy-revalidate
Accept-Ranges: none
Keep-Alive: timeout=3, max=99
Expires: Sun, 17 Feb 2019 19:43:57 GMT

GET
H/1.1 200
OK getjs.aspx Show response
tag.contextweb.com/TagPublish/ 1 KB
1 KB 17ms
15ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=507782&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=72837
Requested by: Host: ads.fdma-media.com
URL: https://ads.fdma-media.com/www/delivery/spcjs.php?id=1&target=_blank
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: d882439243ca007ce9170cc8b882965bdaa5602dbee92ec250a5ec196f91a9e2

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Cache-Control: no-cache, no-store
Connection: keep-alive
CW-FEServer: ams-prts08.pulse.prod
Content-Type: application/x-javascript
Content-Length: 725

GET
H/1.1 200
OK lg.php
ads.fdma-media.com/www/delivery/ 43 B
647 B 146ms
145ms Image
image/gif 169.62.175.57
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.fdma-media.com/www/delivery/lg.php?bannerid=15&campaignid=8&zoneid=7&loc=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cb=44d79266a7

Requested by

Host: ads.fdma-media.com
URL: https://ads.fdma-media.com/www/delivery/spcjs.php?id=1&target=_blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.62.175.57 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

mail.fdma-media.com

Software

Apache /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 56
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=3, max=95
Expires: 0

GET
H/1.1 200
OK xenforo-smilies-sprite.png
www.windowsbbs.com/styles/default/xenforo/ 8 KB
9 KB 142ms
140ms Image
image/png 169.60.145.200
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.windowsbbs.com/styles/default/xenforo/xenforo-smilies-sprite.png

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.60.145.200 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

www.windowsbbs.com

Software

nginx /

Resource Hash

f5a6aead82e35b8aa40843920afcc989d13101b85d177cf9f712b0d0bf4abaf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.windowsbbs.com/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1547819861
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.windowsbbs.com/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1547819861
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 19 Aug 2018 10:58:31 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 8205
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK GetAd.aspx Show response
ams-ads.contextweb.com/TagPublish/ Frame 7CB7 5 KB
2 KB 54ms
53ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=72837&cwod=&epid=&esid=&ccid=&wp=0&cf=728X90&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=40377716&if=0&tl=2&pxy=223,152733&cxy=1600,1200&dxy=1585,152837&tz=0&ln=en-US&acid=pp_ad_container_1
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 97496e6bcdabe45ce96cd604115ec76036bb61a9635addeea37c6bef3211e918

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:43:57 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Cache-Control: private, max-age=0, no-cache, no-store
CWDL: 12/120
Connection: keep-alive
CW-FEServer: ams-prts05.pulse.prod
Content-Type: application/x-javascript; charset=utf-8
CW-Server: AMS-PRTS05:8080 AMS-TAG13:8080 AMS-TAG13:8080
Content-Length: 1709
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C352 79 KB
0 55ms
22ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ams-ads.contextweb.com
URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=114879&cwod=&epid=&esid=&ccid=&wp=0&cf=728X90&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=74358641&if=0&tl=1&pxy=234,35757&cxy=1600,1200&dxy=1585,35882&tz=0&ln=en-US&acid=pp_ad_container_0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a2b3be1e839b40d9f22ea7d9ada67128a2f9f8e642fad2294447eb596e928e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 18 Jan 2019 19:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 29820
x-xss-protection: 1; mode=block
server: cafe
etag: 1920374003565694715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Jan 2019 19:43:56 GMT

GET
H/1.1

200
OK

demconf.jpg Show response
dpm.demdex.net/ Frame C352
Redirect Chain

https://dpm.demdex.net/ibs:dpid=96678&dpuuid=Donet2IFVIel
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=Donet2IFVIel

42 B
769 B

143ms
36ms

Script
image/gif

52.19.121.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=Donet2IFVIel
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.121.121 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-121-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v015-0c3736f14.edge-irl1.demdex.com 5.46.2.20190116152531 2ms
Pragma: no-cache
X-TID: rpbSa2ftTgI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: T2VYRQ+uQlQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=Donet2IFVIel
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 400066.gif
idsync.rlcdn.com/ Frame C352 0
34 B 297ms
97ms Image
text/plain 34.200.62.249
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400066.gif?partner_uid=Donet2IFVIel&gdpr=1&gdpr_consent=
Requested by: Host: ams-ads.contextweb.com
URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=114879&cwod=&epid=&esid=&ccid=&wp=0&cf=728X90&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=74358641&if=0&tl=1&pxy=234,35757&cxy=1600,1200&dxy=1585,35882&tz=0&ln=en-US&acid=pp_ad_container_0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.62.249 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-200-62-249.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Fri, 18 Jan 2019 19:43:58 GMT

GET
H/1.1 200
OK l.gif
pp-m.ns1p.net/a/ Frame C352 43 B
407 B 63ms
14ms Image
image/gif 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pp-m.ns1p.net/a/l.gif?t=Lz5Uh

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.76.91.25 Frankfurt Am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:43:58 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C352 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.windowsbbs.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C352 109 B
171 B 18ms
17ms Script
application/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.windowsbbs.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/ Frame C352 191 KB
0 28ms
28ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

28036359999374181bb29e83ca7c72aafd2f1b4c009a67e2f5fdb37f0ac48550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 18 Jan 2019 19:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 72298
x-xss-protection: 1; mode=block
server: cafe
etag: 7444734916571546782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jan 2019 19:43:56 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/ Frame 9FDC 191 KB
0 28ms
28ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

28036359999374181bb29e83ca7c72aafd2f1b4c009a67e2f5fdb37f0ac48550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 18 Jan 2019 19:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 72298
x-xss-protection: 1; mode=block
server: cafe
etag: 7444734916571546782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jan 2019 19:43:56 GMT

GET
H2 200 ca-pub-7728182332040300.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame C352 133 B
185 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7728182332040300.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 12:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Jan 2019 20:31:29 GMT
server: sffe
age: 25340
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sat, 19 Jan 2019 00:41:37 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 434C 0
0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C352 73 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5053e3649a40c20ecca309843e7a085226246462cc33cc738981424ece35e7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 17:31:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27230
x-xss-protection: 1; mode=block
expires: Fri, 18 Jan 2019 19:43:58 GMT

GET
H/1.1 200
OK GetAd.aspx Show response
ams-ads.contextweb.com/TagPublish/ Frame DB79 3 KB
2 KB 80ms
79ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=31169&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=49179623&if=0&tl=3&pxy=1113,535&cxy=1600,1200&dxy=1585,152909&tz=0&ln=en-US&acid=pp_ad_container_2
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4522f443908e742c9a5462820d647898e73433ae5cb561d4ce1daf36140ad947

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:43:58 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Cache-Control: private, max-age=0, no-cache, no-store
CWDL: 12/120
Connection: keep-alive
CW-FEServer: ams-prts05.pulse.prod
Content-Type: application/x-javascript; charset=utf-8
CW-Server: AMS-PRTS05:8080 AMS-TAG14:8080 AMS-TAG14:8080
Content-Length: 1414
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ajs.php Show response
ads.fdma-media.com/www/delivery/ Frame 7CB7 484 B
955 B 145ms
143ms Script
text/javascript 169.62.175.57
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.fdma-media.com/www/delivery/ajs.php?zoneid=8&target=_blank&cb=89239895016&charset=UTF-8&loc=https%3A//www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.62.175.57 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

mail.fdma-media.com

Software

Apache /

Resource Hash

beee053f2cd5f4290fb87cd65c1cf0a9399ea128263f7f06c15e4a1cfbdef5bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 342
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=3, max=94
Expires: 0

GET
H/1.1

200
OK

demconf.jpg Show response
dpm.demdex.net/ Frame 7CB7
Redirect Chain

https://dpm.demdex.net/ibs:dpid=96678&dpuuid=dP33DrS1mN7Q
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=dP33DrS1mN7Q

42 B
910 B

209ms
208ms

Script
image/gif

13.229.8.45
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=dP33DrS1mN7Q
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.229.8.45 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-13-229-8-45.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-apse-v013-0dae9513c.edge-apse.demdex.com 5.46.1.20190109131638 4ms
Pragma: no-cache
X-TID: Jr82zJM8Q/8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: HvnmaZSASbU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=dP33DrS1mN7Q
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 400066.gif
idsync.rlcdn.com/ Frame 7CB7 0
34 B 209ms
99ms Image
text/plain 34.200.62.249
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400066.gif?partner_uid=dP33DrS1mN7Q&gdpr=1&gdpr_consent=
Requested by: Host: ams-ads.contextweb.com
URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=72837&cwod=&epid=&esid=&ccid=&wp=0&cf=728X90&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=40377716&if=0&tl=2&pxy=223,152733&cxy=1600,1200&dxy=1585,152837&tz=0&ln=en-US&acid=pp_ad_container_1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.62.249 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-200-62-249.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Fri, 18 Jan 2019 19:43:58 GMT

GET
H/1.1 200
OK l.gif
pp-m.ns1p.net/a/ Frame 7CB7 43 B
407 B 16ms
15ms Image
image/gif 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pp-m.ns1p.net/a/l.gif?t=3s62G

Requested by

Host: ams-ads.contextweb.com
URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=72837&cwod=&epid=&esid=&ccid=&wp=0&cf=728X90&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=40377716&if=0&tl=2&pxy=223,152733&cxy=1600,1200&dxy=1585,152837&tz=0&ln=en-US&acid=pp_ad_container_1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.76.91.25 Frankfurt Am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:43:58 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK Cookie set visitormatch
bh.contextweb.com/bh/ Frame 7CF1 0
0 23ms
22ms Document
text/html 151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bh.contextweb.com/bh/visitormatch?tag=31169&pid=507782
Requested by: Host: ams-ads.contextweb.com
URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=31169&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=49179623&if=0&tl=3&pxy=1113,535&cxy=1600,1200&dxy=1585,152909&tz=0&ln=en-US&acid=pp_ad_container_2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash

Request headers

Host: bh.contextweb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: cw=cw; wf=0; LP_ddfef5c3=1547840637892; LP_b872ae4e=1547840637990; vf=3; LP_f14ddcb6=1547840638097
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

Cache-Control: private, max-age=0, no-cache, no-store
Content-Encoding: gzip
Content-Language: en
Content-Type: text/html; charset=utf-8
Cw-Server: bh-deployment-df6978777-cxm2t
Expires: -1
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server: Jetty(9.4.7.v20170914)
Set-Cookie: _dbefe=http://10.223.6.213:8080; Path=/ sto-id-20480-bh=BJANNMAKFBAA; Domain=contextweb.com; Expires=Fri, 18-Jan-2019 19:58:57 GMT; Path=/
Transfer-Encoding: chunked
Accept-Ranges: bytes
Date: Fri, 18 Jan 2019 19:43:58 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-hhn1520-HHN
X-Cache: MISS
X-Cache-Hits: 0
Vary: Accept-Encoding

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/WindowsBBScom/ROS/ Frame 3EA9 58 KB
14 KB 852ms
174ms Script
application/x-javascript 204.11.109.77
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/WindowsBBScom/ROS/tags.js
Requested by: Host: ams-ads.contextweb.com
URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=507782&ct=31169&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cwr=&mrnd=49179623&if=0&tl=3&pxy=1113,535&cxy=1600,1200&dxy=1585,152909&tz=0&ln=en-US&acid=pp_ad_container_2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.77 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: tags.expo9.exponential.com
Software: /
Resource Hash: 2b444c9fe9d0c29d7a6b4770f825a58fdc915caa13f0c1e0550f426620cf9db7

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:58 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 1
ETag: 12085831083377771253
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 21 Dec 2018 06:42:52 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13937
Expires: Fri, 18 Jan 2019 20:43:58 GMT

GET
H2 204 400066.gif
idsync.rlcdn.com/ Frame DB79 0
34 B 126ms
97ms Image
text/plain 34.200.62.249
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400066.gif?partner_uid=LGtLwL46QeJH&gdpr=1&gdpr_consent=
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.62.249 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-200-62-249.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Fri, 18 Jan 2019 19:43:58 GMT

GET
H/1.1 200
OK l.gif
pp-m.ns1p.net/a/ Frame DB79 43 B
407 B 9ms
7ms Image
image/gif 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pp-m.ns1p.net/a/l.gif?t=jKOUp

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.76.91.25 Frankfurt Am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:43:58 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5041620-1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 3292
date: Fri, 18 Jan 2019 18:49:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Fri, 18 Jan 2019 20:49:06 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=820248293&t=pageview&_s=1&dl=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&ul=en-us&de=UTF-8&dt=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5041620-1&cid=506474847.1547840637&jid=45498324&_gid=1107792092.1547840638&gjid=1218316036&_v=j72&z=1986366677
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5041620-1&cid=506474847.1547840637&jid=45498324&_v=j72&z=1986366677
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5041620-1&cid=506474847.1547840637&jid=45498324&_v=j72&z=1986366677&slf_rd=1&random=3505609781

42 B
109 B

17ms
15ms

Image
image/gif

2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5041620-1&cid=506474847.1547840637&jid=45498324&_v=j72&z=1986366677&slf_rd=1&random=3505609781

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jan 2019 19:43:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jan 2019 19:43:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5041620-1&cid=506474847.1547840637&jid=45498324&_v=j72&z=1986366677&slf_rd=1&random=3505609781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK lg.php
ads.fdma-media.com/www/delivery/ Frame 7CB7 43 B
648 B 411ms
133ms Image
image/gif 169.62.175.57
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.fdma-media.com/www/delivery/lg.php?bannerid=16&campaignid=9&zoneid=8&loc=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&cb=2735e466ae

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.62.175.57 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

mail.fdma-media.com

Software

Apache /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 56
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=3, max=100
Expires: 0

GET
H/1.1 200
OK front.asp Show response
windowsbbs-us.intellitxt.com/intellitxt/ 2 KB
1 KB 15179ms
23ms Script
application/javascript 31.24.80.101
VIBRANT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsbbs-us.intellitxt.com/intellitxt/front.asp?ipid=19272
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.24.80.101 , United Kingdom, ASN56464 (VIBRANT-EU, GB),
Reverse DNS
Software: nginx / Kormorant
Resource Hash: 16c9bcf1d5ec6a52ec9cb45c24118f1483ea0c3d0aab825e3d80a4f3673bd3f5

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:44:13 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Kormorant
Vary: Accept-Encoding, *
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 Jan 2016 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F792 0
0 61ms
58ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&adk=1934523412&adf=3164131733&lmt=1547840635&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1547840637490&bpp=727&bdt=1482&fdt=727&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280&nras=1&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=732829450255&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=1483859296&ifi=2&uci=2.km4m46xefjq4&fsb=1&dtd=732

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7728182332040300&output=html&adk=1934523412&adf=3164131733&lmt=1547840635&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1547840637490&bpp=727&bdt=1482&fdt=727&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280&nras=1&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=732829450255&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=1483859296&ifi=2&uci=2.km4m46xefjq4&fsb=1&dtd=732
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUk2_YTeM8NmQhvokZVB9Hd1eVizdEacfChvI2Lm_Fi-DopLuY7MPIysVw_m
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jan 2019 19:43:58 GMT
server: cafe
content-length: 903
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 client:plusone.js Show response
plus.google.com/js/ 43 KB
17 KB 116ms
93ms Script
application/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.google.com/js/client:plusone.js

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/js/xenforo/xenforo.js?_v=ec92ec8d

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

88155026ef10cb5087a687927e383a608e1239e8c3042eff08cb384986ed9f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-cX66QntC6PQJAf3N3Mab6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "4116c1b614aaf5605fcd2002fe4cc6dc"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Fri, 18 Jan 2019 19:43:58 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 182 KB
57 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/js/xenforo/xenforo.js?_v=ec92ec8d

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

04c6f18d0096026b2729965af0839a94c9bded668f1e906c86acfc28a7be9444

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: t7S0rj+/bDlHkc1nJt/nxg==
status: 200
vary: Accept-Encoding
content-length: 57993
x-xss-protection: 0
x-fb-debug: KK6Ex+hZLzDw1KheEy+eaLXjdML+cohcWDyg0xgmwFPwkZUrN8vL7Y1lLe6PtvIJmJDX0vSfKenvHn6eInozNA==
x-fb-content-md5: 2b07078164389d571380d58718ae652a
date: Fri, 18 Jan 2019 19:43:58 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "eff865f95c112f2dcb9850283af1b107"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin: *
expires: Fri, 18 Jan 2019 19:45:53 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/js/xenforo/xenforo.js?_v=ec92ec8d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AF) /
Resource Hash: 1e270844c8b580f0bff72522df6478b8d2de9383e88ab6b1d2fb354736337665

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Jan 2019 21:47:50 GMT
Server: ECS (fcn/41AF)
Etag: "c9a807c5c560c53e52f1a1f9f031848f+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 27963

GET
H/1.1 200
OK widget_iframe.a600a62a1c92aa33bb89e73fa1e8b3b3.html
platform.twitter.com/widgets/ Frame CECB 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a600a62a1c92aa33bb89e73fa1e8b3b3.html?origin=https%3A%2F%2Fwww.windowsbbs.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E7) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Jan 2019 19:43:58 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Thu, 17 Jan 2019 21:45:41 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40E7)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H/1.1 200
OK button.e96bb6acc0f8bda511c0c46a84ee18e4.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e96bb6acc0f8bda511c0c46a84ee18e4.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DD) /
Resource Hash: 00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Jan 2019 21:45:33 GMT
Server: ECS (fcn/40DD)
Etag: "afc5be16085c49e57e5c7974de717b28+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 2300

GET
H2 200 reactive_library.js Show response
pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/ 162 KB
57 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/reactive_library.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

757d2b275f45e229ae0e3c5f305417486575c308bd79b320aa80c8ec7c1a12c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 57710
x-xss-protection: 1; mode=block
server: cafe
etag: 10634815428665628238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jan 2019 19:43:58 GMT

GET
H2 200 j-GHT1gpo6-.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 19FC 0
0 6ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Thu, 16 Jan 2020 20:42:40 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: esOaAJYAwPQ3FkxS/R4POhGP4xLUV6LzouiyhswsfaVLigCTQn0Yb9QZPhzDhbW34RNvo92DRZUuI30h1EmAPA==
content-length: 12072
date: Fri, 18 Jan 2019 19:43:58 GMT

GET
H2 200 like.php
www.facebook.com/v2.10/plugins/ Frame 938B 0
0 58ms
54ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.10/plugins/like.php?action=like&app_id=233762186648276&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df22a28a885d01d8%26domain%3Dwww.windowsbbs.com%26origin%3Dhttps%253A%252F%252Fwww.windowsbbs.com%252Ff345ed0e565c568%26relation%3Dparent.parent&color_scheme=light&container_width=78&href=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&layout=standard&locale=en_US&sdk=joey&show_faces=true&width=400

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.10/plugins/like.php?action=like&app_id=233762186648276&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df22a28a885d01d8%26domain%3Dwww.windowsbbs.com%26origin%3Dhttps%253A%252F%252Fwww.windowsbbs.com%252Ff345ed0e565c568%26relation%3Dparent.parent&color_scheme=light&container_width=78&href=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&layout=standard&locale=en_US&sdk=joey&show_faces=true&width=400
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version: v2.10
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: 49Tz8TXhrSkyBzC6kqUleWP6T6FzHD+XX9geKQKosk5crJTr4NMdquvw8e7w/szkH4FXm30b+GZU1y6MI2iIBg==
date: Fri, 18 Jan 2019 19:43:58 GMT

GET
H2 200 like.php
www.facebook.com/v2.10/plugins/ Frame DAEE 0
0 125ms
121ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.10/plugins/like.php?app_id=233762186648276&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df2cbeeb0649e5a8%26domain%3Dwww.windowsbbs.com%26origin%3Dhttps%253A%252F%252Fwww.windowsbbs.com%252Ff345ed0e565c568%26relation%3Dparent.parent&color_scheme=light&container_width=78&font=segoe%20ui&href=https%3A%2F%2Fwww.facebook.com%2FWindowsBBS&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.10/plugins/like.php?app_id=233762186648276&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df2cbeeb0649e5a8%26domain%3Dwww.windowsbbs.com%26origin%3Dhttps%253A%252F%252Fwww.windowsbbs.com%252Ff345ed0e565c568%26relation%3Dparent.parent&color_scheme=light&container_width=78&font=segoe%20ui&href=https%3A%2F%2Fwww.facebook.com%2FWindowsBBS&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version: v2.10
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: BhYmJxjoxqj6SpLZe9Q4Um3aTw0h1tkl2eQ+P2XOehILQay+OLOYSx5Zbcvn12kJXaFO2tt2IHCFCarJCbHwLw==
date: Fri, 18 Jan 2019 19:43:58 GMT

GET
H/1.1 200
OK tweet_button.a600a62a1c92aa33bb89e73fa1e8b3b3.en.html
platform.twitter.com/widgets/ Frame BE3B 0
0 8ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.a600a62a1c92aa33bb89e73fa1e8b3b3.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B0) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Jan 2019 19:43:58 GMT
Etag: "544c4934764ab4c5b9ca133f89607fab+gzip"
Last-Modified: Thu, 17 Jan 2019 21:45:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B0)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12222

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.xQBn4FsfrCQ.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMEertAsRkSGPVfspuY3EhAn4ogDA/ 280 KB
97 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:81e::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.xQBn4FsfrCQ.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMEertAsRkSGPVfspuY3EhAn4ogDA/cb=gapi.loaded_0

Requested by

Host: plus.google.com
URL: https://plus.google.com/js/client:plusone.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31e05e0c968f2a8adf95590668105b9a34f4bb90f09814d642501fbe6ee67604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 17 Jan 2019 18:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 18:38:26 GMT
server: sffe
age: 89835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 98866
x-xss-protection: 1; mode=block
expires: Fri, 17 Jan 2020 18:46:43 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.xQBn4FsfrCQ.O/m=signin_annotation/exm=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMEertAsRkSGPVfspuY3EhAn4ogDA/ 147 B
409 B 19ms
8ms Script
text/javascript 2a00:1450:4001:81e::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.xQBn4FsfrCQ.O/m=signin_annotation/exm=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMEertAsRkSGPVfspuY3EhAn4ogDA/cb=gapi.loaded_1

Requested by

Host: plus.google.com
URL: https://plus.google.com/js/client:plusone.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a5a3cc9cb1b7c8428017f25532d1f235e4eebd014853a3ed0b4ee4f630e358ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 17 Jan 2019 18:50:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 18:38:26 GMT
server: sffe
age: 89631
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 147
x-xss-protection: 1; mode=block
expires: Fri, 17 Jan 2020 18:50:07 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5137 0
0 265ms
262ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=148&adk=346652793&adf=2902953748&w=880&lmt=1547840635&nsk=aff6cafa&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x148&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638496&bpp=6&bdt=2489&fdt=8&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0&nras=2&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=187604172144655&dssz=38&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=35828&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=833323010&ifi=4&uci=4.t3jo8hdg2jjf&xpc=2TG3I6RdFg&p=https%3A//www.windowsbbs.com&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7728182332040300&output=html&h=148&adk=346652793&adf=2902953748&w=880&lmt=1547840635&nsk=aff6cafa&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x148&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638496&bpp=6&bdt=2489&fdt=8&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0&nras=2&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=187604172144655&dssz=38&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=35828&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=833323010&ifi=4&uci=4.t3jo8hdg2jjf&xpc=2TG3I6RdFg&p=https%3A//www.windowsbbs.com&dtd=11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUk2_YTeM8NmQhvokZVB9Hd1eVizdEacfChvI2Lm_Fi-DopLuY7MPIysVw_m
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jan 2019 19:43:58 GMT
server: cafe
content-length: 29455
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame D6A4 0
0 351ms
346ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=194&adk=2703919785&adf=102936&w=880&lmt=1547840635&nsk=906f189d&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x194&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638514&bpp=5&bdt=2506&fdt=14&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148&nras=3&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=58857&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=999148913&ifi=5&uci=5.pnqsax5t0cfr&xpc=Pt8yOIQglC&p=https%3A//www.windowsbbs.com&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7728182332040300&output=html&h=194&adk=2703919785&adf=102936&w=880&lmt=1547840635&nsk=906f189d&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x194&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638514&bpp=5&bdt=2506&fdt=14&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148&nras=3&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=58857&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=999148913&ifi=5&uci=5.pnqsax5t0cfr&xpc=Pt8yOIQglC&p=https%3A//www.windowsbbs.com&dtd=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUk2_YTeM8NmQhvokZVB9Hd1eVizdEacfChvI2Lm_Fi-DopLuY7MPIysVw_m
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jan 2019 19:43:59 GMT
server: cafe
content-length: 21724
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5C38 0
0 310ms
305ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=148&adk=346652793&adf=2956468797&w=880&lmt=1547840635&nsk=7af8ce25&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x148&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638542&bpp=5&bdt=2534&fdt=5&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148%2C880x194&nras=4&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=61243&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=833323010&ifi=6&uci=6.9imucd3luj09&xpc=vbURsZCNKC&p=https%3A//www.windowsbbs.com&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7728182332040300&output=html&h=148&adk=346652793&adf=2956468797&w=880&lmt=1547840635&nsk=7af8ce25&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x148&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638542&bpp=5&bdt=2534&fdt=5&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148%2C880x194&nras=4&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=61243&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=833323010&ifi=6&uci=6.9imucd3luj09&xpc=vbURsZCNKC&p=https%3A//www.windowsbbs.com&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUk2_YTeM8NmQhvokZVB9Hd1eVizdEacfChvI2Lm_Fi-DopLuY7MPIysVw_m
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jan 2019 19:43:58 GMT
server: cafe
content-length: 29435
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5A40 0
0 306ms
303ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=205&adk=878884862&adf=702508784&w=880&lmt=1547840635&nsk=bd9e3a04&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x205&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638555&bpp=5&bdt=2547&fdt=6&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148%2C880x194%2C880x148&nras=5&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=73787&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=1367272244&ifi=7&uci=7.89nhenohm6vs&xpc=y8VCSbRVNf&p=https%3A//www.windowsbbs.com&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7728182332040300&output=html&h=205&adk=878884862&adf=702508784&w=880&lmt=1547840635&nsk=bd9e3a04&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x205&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638555&bpp=5&bdt=2547&fdt=6&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148%2C880x194%2C880x148&nras=5&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=73787&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=1367272244&ifi=7&uci=7.89nhenohm6vs&xpc=y8VCSbRVNf&p=https%3A//www.windowsbbs.com&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUk2_YTeM8NmQhvokZVB9Hd1eVizdEacfChvI2Lm_Fi-DopLuY7MPIysVw_m
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jan 2019 19:43:58 GMT
server: cafe
content-length: 29591
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 46AD 0
0 314ms
312ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=148&adk=346652793&adf=1800997508&w=880&lmt=1547840635&nsk=5192d843&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x148&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638570&bpp=5&bdt=2562&fdt=5&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148%2C880x194%2C880x148%2C880x205&nras=6&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=85138&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=833323010&ifi=8&uci=8.jj8th4nphi86&xpc=Rr8JySjBb0&p=https%3A//www.windowsbbs.com&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7728182332040300&output=html&h=148&adk=346652793&adf=1800997508&w=880&lmt=1547840635&nsk=5192d843&rafmt=11&pwprc=7602340595&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=880x148&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&flash=0&pra=3&wgl=1&fa=26&adsid=NT&dt=1547840638570&bpp=5&bdt=2562&fdt=5&idt=-M&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=880x90%2C338x280%2C0x0%2C880x148%2C880x194%2C880x148%2C880x205&nras=6&correlator=6447984450918&frm=20&pv=1&ga_vid=506474847.1547840637&ga_sid=1547840637&ga_hid=820248293&ga_fc=0&iag=0&icsg=2439403985829903&dssz=39&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=85138&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062571%2C368226500%2C21060078%2C410075101&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=144&bc=15&osw_key=833323010&ifi=8&uci=8.jj8th4nphi86&xpc=Rr8JySjBb0&p=https%3A//www.windowsbbs.com&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUk2_YTeM8NmQhvokZVB9Hd1eVizdEacfChvI2Lm_Fi-DopLuY7MPIysVw_m
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jan 2019 19:43:58 GMT
server: cafe
content-length: 29305
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 3078 0
0 19ms
19ms Document
text/html 2a00:1450:4001:815::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.windowsbbs.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.xQBn4FsfrCQ.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMEertAsRkSGPVfspuY3EhAn4ogDA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.xQBn4FsfrCQ.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMEertAsRkSGPVfspuY3EhAn4ogDA/cb=gapi.loaded_0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rR6PKOYoOx1E1T1cndhZRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.windowsbbs.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.xQBn4FsfrCQ.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMEertAsRkSGPVfspuY3EhAn4ogDA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
cookie: NID=156=Q_JGlxsKrRpa2y92nlrxK2KbxYHMZjutqqKecHIow2MXE-k3zkuSjWzfoveGYz7pnWz7mOemn3ojIzDyH4kEjkwszuZbnVTChFdOCHWC7QelsrKH1dq0ISDNPOjUJ2rYwhp2Q4EmOGzgh9jfOyiA7comnXtgfBb5IvSbFRIhuPc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Jan 2019 19:43:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-rR6PKOYoOx1E1T1cndhZRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
124 B 237ms
236ms Image
image/gif 199.16.157.105
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1547840638800%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222016731%3A1547706399649%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.157.105 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 18 Jan 2019 19:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 12
pragma: no-cache
last-modified: Fri, 18 Jan 2019 19:43:58 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f1d4cae6920c6455d518022bd9d1f551
x-transaction: 00925cc800e76409
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK visitormatch
bh.contextweb.com/bh/ Frame 9610 0
0 33ms
32ms Document
text/html 151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bh.contextweb.com/bh/visitormatch?tag=114879&pid=507782
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash

Request headers

Host: bh.contextweb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: cw=cw; wf=0; LP_ddfef5c3=1547840637892; LP_b872ae4e=1547840637990; vf=3; LP_f14ddcb6=1547840638097; _dbefe=http://10.223.6.213:8080; sto-id-20480-bh=BJANNMAKFBAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

Cache-Control: private, max-age=0, no-cache, no-store
Content-Encoding: gzip
Content-Language: en
Content-Type: text/html; charset=utf-8
Cw-Server: bh-deployment-df6978777-cxm2t
Expires: -1
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server: Jetty(9.4.7.v20170914)
Transfer-Encoding: chunked
Accept-Ranges: bytes
Date: Fri, 18 Jan 2019 19:43:58 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-hhn1537-HHN
X-Cache: MISS
X-Cache-Hits: 0
Vary: Accept-Encoding

GET
H/1.1 200
OK displayAd.js Show response
s.tribalfusion.com/ Frame 3EA9 678 B
860 B 857ms
178ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7415410238
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/WindowsBBScom/ROS/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 0da82aac587c69e150f4f908ab664947bb668daf239ae01191832393204268db

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:43:59 GMT
Content-Encoding: gzip
X-Function: 153
X-Reuse-Index: 1
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private
Last-Modified: Tue, 04 Apr 2017 05:09:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 332
Expires: Thu, 18 Apr 2019 19:43:59 GMT

GET
H/1.1 200
OK visitormatch
bh.contextweb.com/bh/ Frame 6B40 0
0 28ms
25ms Document
text/html 151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bh.contextweb.com/bh/visitormatch?tag=72837&pid=507782
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash

Request headers

Host: bh.contextweb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: cw=cw; wf=0; LP_ddfef5c3=1547840637892; LP_b872ae4e=1547840637990; vf=3; LP_f14ddcb6=1547840638097; _dbefe=http://10.223.6.213:8080; sto-id-20480-bh=BJANNMAKFBAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

Cache-Control: private, max-age=0, no-cache, no-store
Content-Encoding: gzip
Content-Language: en
Content-Type: text/html; charset=utf-8
Cw-Server: bh-deployment-df6978777-cxm2t
Expires: -1
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server: Jetty(9.4.7.v20170914)
Transfer-Encoding: chunked
Accept-Ranges: bytes
Date: Fri, 18 Jan 2019 19:43:59 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-hhn1537-HHN
X-Cache: MISS
X-Cache-Hits: 0
Vary: Accept-Encoding

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame 71C2 0
0 22ms
21ms Document
text/html 2a00:1450:4001:815::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b269e+0BwFjDdyjLQHQ5vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Jan 2019 19:43:59 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-b269e+0BwFjDdyjLQHQ5vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK j.ad Show response
s.tribalfusion.com/ Frame 3EA9 7 KB
3 KB 169ms
168ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=7415410238&tagKey=772332401&site=windowsbbscom&adSpace=ros&center=1&env=display&size=160x600&busted=1&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&f=1&p=570255&tKey=aRmneMoHYB3EF85H6q5PJZdMGvOPEYgYA&a=1&adContainerId=richmedia_2&rnd=567802
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/WindowsBBScom/ROS/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 302ea76f89c441dcee92c61831041e6168e5f71799f4514885e13204743de988

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 2
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 3004
Expires: 0

GET
H/1.1 200
OK tf_adChoice11.js Show response
cdnx.tribalfusion.com/media/common/adChoice/ Frame 3EA9 4 KB
3 KB 70ms
13ms Script
application/x-javascript 23.54.113.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.54.113.112 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-54-113-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:44:00 GMT
Content-Encoding: gzip
X-Function: 301
ETag: 1368849776
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: public
Last-Modified: Sat, 18 May 2013 04:02:56 GMT
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1021
Expires: Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 3EA9 2 KB
2 KB 66ms
20ms Script
application/x-javascript 2.20.248.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=2826712&cmp=22183249&plc=237521113&sid=5130266&dvregion=0&unit=160x600
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=7415410238&tagKey=772332401&site=windowsbbscom&adSpace=ros&center=1&env=display&size=160x600&busted=1&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&f=1&p=570255&tKey=aRmneMoHYB3EF85H6q5PJZdMGvOPEYgYA&a=1&adContainerId=richmedia_2&rnd=567802
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.248.170 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-248-170.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 294daaa6e3342ee9ecd50ad7d721209e68e890077b328a9a40543aba369d2f57

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:44:00 GMT
Content-Encoding: gzip
ETag: "053ef40b375d41:0"
Last-Modified: Tue, 06 Nov 2018 09:29:44 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1338

GET
H/1.1 200
OK dvbs_src_internal62.js Show response
cdn.doubleverify.com/ Frame 3EA9 63 KB
25 KB 15ms
14ms Script
application/x-javascript 2.20.248.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal62.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=2826712&cmp=22183249&plc=237521113&sid=5130266&dvregion=0&unit=160x600
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.248.170 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-248-170.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 593a6ece7243610222f3f3dc1a73da6808e9155d3824928a76a9953e5daea2a7

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:44:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Nov 2018 09:29:55 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "2887f346b375d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25639

GET
H/1.1 200
OK bst2tv3.html
cdn3.doubleverify.com/ Frame DC4E 0
0 96ms
19ms Document
text/html 2.16.187.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.187.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-187-64.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:34 GMT
Accept-Ranges: bytes
ETag: "3348a8dcfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 806
Date: Fri, 18 Jan 2019 19:44:00 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 3EA9 7 KB
3 KB 224ms
49ms Script
text/javascript 213.254.244.15
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_799521361732&jsTagObjCallback=__tagObject_callback_799521361732&num=6&ctx=2826712&cmp=22183249&plc=237521113&sid=5130266&advid=&adsrv=&unit=160x600&isdvvid=&uid=799521361732&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dup=null&brid=0&brver=&bridua=3&chro=0&hist=2&winh=600&winw=160&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&aUrlD=&m1=13&fcifrms=22&brh=2&fwc=3&fcl=21&flt=21&fec=5401&vavbkt=4,8,1,23&lvvn=26&ver=112&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH%3A%3F5%40HD33D%5D4%40%3ETauE9C625DTau%3AE%5C96%3DA6C%5C8%40E%5C%3A%3FE%40%5C7C%3A6%3F5D%5C4%40%3EAFE6C%5D%60%60%60hh%60TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH%3A%3F5%40HD33D%5D4%40%3ETar9EEADTbpTauTauHHH%5DH%3A%3F5%40HD33D%5D4%40%3ETar9EEADTbpTauTauHHH%5DH%3A%3F5%40HD33D%5D4%40%3EU2%26C%3Dl
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.254.244.15 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: e8e9923ed8af14748f655a48db174c7dfec3c82318ba001f8784e1c4d6263309

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:43:59 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Connection: close
Expires: 1/17/2019 7:44:00 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 058D 4 KB
3 KB 67ms
16ms Script
application/x-javascript 2.20.248.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.248.144 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-248-144.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:44:00 GMT
Content-Encoding: gzip
ETag: "706280bdf3b8d31:0"
Last-Modified: Sun, 11 Mar 2018 04:45:11 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=60578
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2342

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/ Frame 3EA9 58 KB
14 KB 178ms
177ms Script
application/x-javascript 204.11.109.77
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal62.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.77 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: tags.expo9.exponential.com
Software: /
Resource Hash: a9b1d2946110b43e6ecdc9c6ccdb47da5838dc4bb5a01ae96ff012221c5ac979

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:44:00 GMT
Content-Encoding: gzip
X-Function: 151
X-Reuse-Index: 2
ETag: 6259320565918225721
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: max-age=3600, private
Last-Modified: Fri, 21 Dec 2018 06:42:52 GMT
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 13926
Expires: Fri, 18 Jan 2019 20:44:00 GMT

GET
H/1.1 200
OK bsevent.gif
tps20515.doubleverify.com/ Frame 3EA9 807 B
1 KB 226ms
60ms Image
image/gif 213.254.244.20
DoubleVerify

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20515.doubleverify.com/bsevent.gif?impid=138635b077f044ed9102fa88af246b47&dvp_or2=1&cbust=1547840640530100
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.254.244.20 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:44:00 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Connection: close
Expires: 1/17/2019 7:44:00 PM

GET
H/1.1 200
OK bsevent.gif
tps20515.doubleverify.com/ Frame 3EA9 807 B
1 KB 226ms
60ms Image
image/gif 213.254.244.20
DoubleVerify

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20515.doubleverify.com/bsevent.gif?impid=138635b077f044ed9102fa88af246b47&vfdur=224&cbust=1547840640531624
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.254.244.20 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:44:00 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Connection: close
Expires: 1/17/2019 7:44:00 PM

GET
H/1.1 200
OK bsevent.gif
tps20515.doubleverify.com/ Frame 3EA9 807 B
1 KB 589ms
182ms Image
image/gif 213.254.244.20
DoubleVerify

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20515.doubleverify.com/bsevent.gif?impid=138635b077f044ed9102fa88af246b47&pltfrm=Linux%20x86_64&dvp_acv=1&dvp_acifd=2&dvp_mref=&dvp_acc=45&dvp_acl=5165&dvp_acwe=0&dvp_vpos=1585-1200-1&cbust=1547840640533165
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.254.244.20 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:44:00 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Connection: close
Expires: 1/17/2019 7:44:01 PM

GET
H/1.1 200
OK bsevent.gif
tps20515.doubleverify.com/ Frame 3EA9 807 B
1 KB 1234ms
71ms Image
image/gif 213.254.244.20
DoubleVerify

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20515.doubleverify.com/bsevent.gif?impid=138635b077f044ed9102fa88af246b47&dvp_dvcs=&cbust=1547840640535332
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.254.244.20 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:44:01 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Connection: close
Expires: 1/17/2019 7:44:01 PM

GET
H/1.1 200
OK j.ad Show response
s.tribalfusion.com/ Frame 3EA9 585 B
1 KB 165ms
165ms Script
application/x-javascript 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=7415410238&tagKey=772332401&site=contentverification&adSpace=adverificationbackup_dv&center=1&env=display&size=160x600&busted=1&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&f=1&p=570255&tKey=aRmneMoHYB3EF85H6q5PJZdMGvOPEYgYA&a=3&adContainerId=richmedia_4&rnd=570774
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/WindowsBBScom/ROS/tags.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash: 7b8068d25b93edb7942579f08fec4f6daf645b3d95036fd4ffb820d53c0e134f

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Function: 101
X-Reuse-Index: 3
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 463
Expires: 0

GET
H/1.1 200
OK adc_ndr_nepal_160x600.gif
cdnx.tribalfusion.com/media/5268376/ Frame 3EA9 35 KB
37 KB 3078ms
15ms Image
image/gif 23.54.113.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/5268376/adc_ndr_nepal_160x600.gif
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.54.113.112 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-54-113-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 03c900c22360704f5849829714ecd48b27b4b3aca80e27fc4eda7348674c4b89

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:44:03 GMT
Content-Encoding: gzip
X-Function: 301
ETag: 1433345302
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: public
Last-Modified: Wed, 03 Jun 2015 15:28:22 GMT
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 36181
Expires: Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK p.media
s.tribalfusion.com/ Frame 192F 0
0 169ms
162ms Document
text/html 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a7mSwY0GY0Ys351cbMmEj42rZbSTUjEVP7XPqM0QVZbtQWBy1W7uW6YM3V34XbZbKV6am4A3ePArI2HUtXWMDnHZam46YQ4sjeUVJ8UcJiPP3oTWYQUrJ52U2pUqnvVE3iQEBZaSG7ZbQUuoPH39WsrS4b6onWEq0a2M4WMZdQVrG2mQHoWXOVWbeXUY7Xrj90qeMRbvFUUJPTHY3mb7oRUrF6IgDZb6&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash

Request headers

Host: s.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: ANON_ID=aSnyn6N3IdN9IdwFUwGD2gBU3V3XsWjffJU5OJ20qKh4b0dFv0mSM7r6KZbK1GZd96Nh0MmPqqZbmWZdresP7rOfdyy3iZc4vQBijLYiidJRJyKUZc1rxD2tn312fJywZbLAa1s3KXHZbx7NZbWrZd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 4
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 252
Expires: 0
Connection: keep-alive

GET
H/1.1 200
OK p.media
s.tribalfusion.com/ Frame F609 0
0 326ms
160ms Document
text/html 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a8mSoX0bYk1F7i1TaqRFJDTFZb2TdrYor7mPFfr1E3r5qBj4q74naFFYFJ8WHf0oPnLnG7pmW7D3T372Hyt5AnKnbYZd0G7U1cvV1cBnnEvV2UQVWUvBUAMTPqb1QGBtStBO0tFrT6vp3GM2XUMKVmur5PQgQAFJ2HZbrXWYAnt2v36ZbY4cQ7UGr7VGMeR6FwTdUUWbnS3bEoVqvvTWUTkU3ZbsX&mediaDataID=5406476&mediaName=frame.html
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash

Request headers

Host: s.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: ANON_ID=aSnyn6N3IdN9IdwFUwGD2gBU3V3XsWjffJU5OJ20qKh4b0dFv0mSM7r6KZbK1GZd96Nh0MmPqqZbmWZdresP7rOfdyy3iZc4vQBijLYiidJRJyKUZc1rxD2tn312fJywZbLAa1s3KXHZbx7NZbWrZd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 5
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 270
Expires: 0
Connection: keep-alive

GET
H/1.1 200
OK p.media
s.tribalfusion.com/ Frame 9230 0
0 479ms
164ms Document
text/html 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a9mSoXVcvjUsFiP6ryUHFSTUbX3FasUq3oVEUaSTYZaSsFLPburStY7WcvT2FqvotirXqew4tjFQVbZa5AFZcodPmTHj80b771Ub91EZaMRrJFTUU4VdQXorZbxPbrqYaJs3TBk5a35oT7IXFf6UHZbQoAMZcmGMupdQK3TZbh5teN5PvZbprfEYVURXGv51cvxnavV2UUTTUMZbWAv4QEnQSbQGhMmdRX&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash

Request headers

Host: s.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: ANON_ID=aSnyn6N3IdN9IdwFUwGD2gBU3V3XsWjffJU5OJ20qKh4b0dFv0mSM7r6KZbK1GZd96Nh0MmPqqZbmWZdresP7rOfdyy3iZc4vQBijLYiidJRJyKUZc1rxD2tn312fJywZbLAa1s3KXHZbx7NZbWrZd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 6
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 263
Expires: 0
Connection: keep-alive

GET
H/1.1 200
OK p.media
s.tribalfusion.com/ Frame 9B45 0
0 640ms
163ms Document
text/html 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aamSwY1crV0VjpnTJT2rQ2TrfDVmv1QTb3QVUsQHUO1WjnVAMp3sM1YrQIT6ip2AF8PmjK2tFM0HYIpd6n5AQ14srbUVJlVVMjPPnyWd33TFj12U6nVEjoTTUlQEUGSGQLPbIsSd7dUVYP4bmtmHqsYEXu4tQBSsjZa46JZbmdAyTdQe0bbbYUQj1EAMRrUZbUUn1VtBToFBnPFFt1EFHidyK8C&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash

Request headers

Host: s.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: ANON_ID=aSnyn6N3IdN9IdwFUwGD2gBU3V3XsWjffJU5OJ20qKh4b0dFv0mSM7r6KZbK1GZd96Nh0MmPqqZbmWZdresP7rOfdyy3iZc4vQBijLYiidJRJyKUZc1rxD2tn312fJywZbLAa1s3KXHZbx7NZbWrZd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 7
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 260
Expires: 0
Connection: keep-alive

GET
H/1.1 200
OK p.media
s.tribalfusion.com/ Frame 5208 0
0 815ms
183ms Document
text/html 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=abmSwY1Uf90q6ORbMZdWbUSWtvUnUfnQFroYq3t5aUk4Er1mqbIXrfdTd7SmmfIpVfmoWvJ3aF93des3AFFnUrGYGnUXsFT1svNpTZbP5U32WrbGUmQXQqb0ScQMQdBs1dvnVmUy3VB40UnZaTPys4mZb7QPZbB4HvnXdYAnt2u36YY5GjfVcv6VGFjPAnoUtY3UrZbX3bTxUEMpVEvcSTBNaqnrle&mediaDataID=7665496&mediaName=frame.html
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash

Request headers

Host: s.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: ANON_ID=aSnyn6N3IdN9IdwFUwGD2gBU3V3XsWjffJU5OJ20qKh4b0dFv0mSM7r6KZbK1GZd96Nh0MmPqqZbmWZdresP7rOfdyy3iZc4vQBijLYiidJRJyKUZc1rxD2tn312fJywZbLAa1s3KXHZbx7NZbWrZd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 179
Expires: 0
Connection: keep-alive

GET
H/1.1 200
OK p.media
s.tribalfusion.com/ Frame 26C2 0
0 7189ms
6550ms Document
text/html 204.11.109.66
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=acmSwYUcZb8RAYnUtJTUUfP2FawUa3nWEJ9QaYZcScQIPUimRdviVVYQ5bymmWqs0a6v2trZdQcMZc46QZdmdaOTtBfYbn7XUY71TqoPbMDWUYSVtBUnbfmQbrr1EYy5EBd4q71mEZbHXUU8WHBWm6vZbnc7pptYC5Tvl5HeN5PvZaprMEXsfY1cnY1VfxpEZb43FY2VFBGWAfWRqr1QsMqStUZcfcVVrJ&mediaDataID=6453196&mediaName=frame.html
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.66 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash

Request headers

Host: s.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: ANON_ID=aSnyn6N3IdN9IdwFUwGD2gBU3V3XsWjffJU5OJ20qKh4b0dFv0mSM7r6KZbK1GZd96Nh0MmPqqZbmWZdresP7rOfdyy3iZc4vQBijLYiidJRJyKUZc1rxD2tn312fJywZbLAa1s3KXHZbx7NZbWrZd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 1
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 201
Expires: 0
Connection: keep-alive

GET
H/1.1 200
OK p.media
s.tribalfusion.com/ Frame 5482 0
0 967ms
162ms Document
text/html 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=admSwYXGJnnEb23FQTVFbZcV6UXQaM3PsZbnQHZbN1HvoVAnw2VYUYUnZbUPmn4AZb7RmrA2H3O0tJCntEw36M05VMeUcQ8UsM6S6FMWdnSWrbP2UAoWTQrWaJaST3FSGFBPbumRWQ9VsbT2F2qmHapXTew3WUESVBC2AQHotXsVWJhXUfj1Ujj0aeORbMZbUF3SVtv5mrYuRbbqYTrr3TU5bOsn1i&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash

Request headers

Host: s.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: ANON_ID=aSnyn6N3IdN9IdwFUwGD2gBU3V3XsWjffJU5OJ20qKh4b0dFv0mSM7r6KZbK1GZd96Nh0MmPqqZbmWZdresP7rOfdyy3iZc4vQBijLYiidJRJyKUZc1rxD2tn312fJywZbLAa1s3KXHZbx7NZbWrZd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 9
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 233
Expires: 0
Connection: keep-alive

GET
H/1.1 200
OK p.media
s.tribalfusion.com/ Frame 5DCB 0
0 1125ms
162ms Document
text/html 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aemSwYXaEMRrUZdUrnQTH3WnUbvPFBoXTFm5aZbl4T7XmqfBYUZbfTHBVn6rKnV7pmW7D3T373Wuy5P7ZcprYHXcvXXc3X0svpmavQ5UnRTFfZcVmM4QTQSPVZbsStJr1djxVmbw2cn0YrZbIVmPr4m3aPAMD3dMqXHrZcpWEo5mBS3srgTVJkUcJiS6nyWtn3Ub7P3bimWqbwTaYbQEnZaQVQvdsDXAW&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash

Request headers

Host: s.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: ANON_ID=aSnyn6N3IdN9IdwFUwGD2gBU3V3XsWjffJU5OJ20qKh4b0dFv0mSM7r6KZbK1GZd96Nh0MmPqqZbmWZdresP7rOfdyy3iZc4vQBijLYiidJRJyKUZc1rxD2tn312fJywZbLAa1s3KXHZbx7NZbWrZd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 10
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 288
Expires: 0
Connection: keep-alive

GET
H/1.1 200
OK p.media
s.tribalfusion.com/ Frame B4D2 0
0 1282ms
166ms Document
text/html 204.11.109.68
Exponential Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=afmSoXPProWtrRTrf23F2sVqQwVan7STnZcSGZbJRr6mRdrbWGbS5rXsmWeq0qyn4tMFQGrF26BZbotIyUd38Xb78YF7fXayoPbrZbTrvSVdJ5nr7qPrbn1EYy5aUk4EjXoTfCXrfaWH7XnmUInGQpmHMG2EQ92WIM5PvZaprMEXVfQ1cJV1VBMpafQ2rFVVrnGVAn2RTfRQcUtPtBrYqbDcuW3i8&mediaDataID=5578346&mediaName=frame.html
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 204.11.109.68 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US),
Reverse DNS: a.tribalfusion.com
Software: /
Resource Hash

Request headers

Host: s.tribalfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Accept-Encoding: gzip, deflate, br
Cookie: ANON_ID=aSnyn6N3IdN9IdwFUwGD2gBU3V3XsWjffJU5OJ20qKh4b0dFv0mSM7r6KZbK1GZd96Nh0MmPqqZbmWZdresP7rOfdyy3iZc4vQBijLYiidJRJyKUZc1rxD2tn312fJywZbLAa1s3KXHZbx7NZbWrZd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 11
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 230
Expires: 0
Connection: keep-alive

GET
H/1.1 200
OK ad_choices_i_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame 3EA9 513 B
1 KB 1745ms
13ms Image
image/png 23.54.113.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_i_UR.png
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.54.113.112 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-54-113-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:44:03 GMT
Content-Encoding: gzip
X-Function: 301
ETag: 1327870758
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: public
Last-Modified: Sun, 29 Jan 2012 20:59:18 GMT
Connection: keep-alive
Content-Type: image/png; charset=utf-8
Content-Length: 536
Expires: Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK ad_choices_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame 3EA9 2 KB
2 KB 1758ms
13ms Image
image/png 23.54.113.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_UR.png
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.54.113.112 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-54-113-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 18 Jan 2019 19:44:03 GMT
Content-Encoding: gzip
X-Function: 301
ETag: 1327870758
Vary: Accept-Encoding
P3P: CP="NOI DEVo TAIa OUR BUS"
Cache-Control: public
Last-Modified: Sun, 29 Jan 2012 20:59:18 GMT
Connection: keep-alive
Content-Type: image/png; charset=utf-8
Content-Length: 1631
Expires: Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT, Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK / Show response
windowsbbs-us.intellitxt.com/go/1/ 4 KB
2 KB 43ms
42ms Script
text/javascript 31.24.80.101
VIBRANT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsbbs-us.intellitxt.com/go/1/?ipid=19272&consentstr=&consenttype=
Requested by: Host: windowsbbs-us.intellitxt.com
URL: https://windowsbbs-us.intellitxt.com/intellitxt/front.asp?ipid=19272
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.24.80.101 , United Kingdom, ASN56464 (VIBRANT-EU, GB),
Reverse DNS
Software: nginx / Kormorant
Resource Hash: 21bab916f13fa6d10ce4f457d219bd6a9ef938902b9262b789133be179d749dc

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:44:13 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Kormorant
Vary: Accept-Encoding, *
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 Jan 2016 00:00:00 GMT

GET
H2 200 kormorant-1.28.22.min.js Show response
images.intellitxt.com/k/ 180 KB
50 KB 48ms
11ms Script
application/javascript 143.204.214.38
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images.intellitxt.com/k/kormorant-1.28.22.min.js
Requested by: Host: windowsbbs-us.intellitxt.com
URL: https://windowsbbs-us.intellitxt.com/go/1/?ipid=19272&consentstr=&consenttype=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.38 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-38.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92426e453f6ece773d0ecc0bbd3c23b0ea2afdef10104b02b4f588f7e9aba31c

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 02 Jan 2019 22:07:05 GMT
content-encoding: gzip
last-modified: Fri, 21 Dec 2018 15:32:56 GMT
server: AmazonS3
age: 1373829
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: eqrgsyYMITjpj22z8aRNRMvrG4_uqNBMDtYUi7du2Iatge5ZSDinxQ==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 readconsent.html
vibrant.mgr.consensu.org/ Frame 14E2 0
0 43ms
9ms Document
text/html 143.204.214.67
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vibrant.mgr.consensu.org/readconsent.html
Requested by: Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.28.22.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.67 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-67.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: vibrant.mgr.consensu.org
:scheme: https
:path: /readconsent.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/

Response headers

status: 200
content-type: text/html
content-length: 87
last-modified: Thu, 24 May 2018 20:20:03 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 17 Jan 2019 23:07:24 GMT
etag: "d8bb22c98f002e29edc15d65b2a5c68c"
age: 110265
x-cache: Hit from cloudfront
via: 1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
x-amz-cf-id: d__frf1TnONm0nX4ysnUaCqNCXc3jf--6Q5gMP8zPpsrI56DdJeM2Q==

GET
H2 200 kormorant-1.28.22.min.css
images.intellitxt.com/k/ 26 KB
7 KB 24ms
12ms Stylesheet
text/css 143.204.214.38
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images.intellitxt.com/k/kormorant-1.28.22.min.css
Requested by: Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.28.22.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.38 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-38.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e4589cc1b2f626283fe3b8863564d2328dace5f4113a6ba050f064c8ec8b813

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 15 Jan 2019 11:14:13 GMT
content-encoding: gzip
last-modified: Tue, 18 Dec 2018 10:48:30 GMT
server: AmazonS3
age: 289805
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: jdRUh7t28zU5H60dx-h95mZ_9XhmldzT9mkBL__IJvO2oce3zbi3jA==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

OPTIONS
H/1.1 200
OK 1 Show response
windowsbbs-us.intellitxt.com/context/ 13 B
513 B 128ms
21ms XHR
text/html 31.24.80.101
VIBRANT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsbbs-us.intellitxt.com/context/1
Requested by: Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.28.22.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.24.80.101 , United Kingdom, ASN56464 (VIBRANT-EU, GB),
Reverse DNS
Software: nginx / Kormorant
Resource Hash: a821ef2e57f7a813859e0757693071df87135628c3d8f017bc499d0322afeba6

Request headers

Access-Control-Request-Method: POST
Origin: https://www.windowsbbs.com
Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:44:13 GMT
Allow: GET,HEAD,POST
Server: nginx
X-Powered-By: Kormorant
Vary: *
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.windowsbbs.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 13
Expires: Fri, 08 Jan 2016 00:00:00 GMT

GET
H/1.1 204
No Content /
windowsbbs-us.intellitxt.com/log/0/ptr/5461af7886c54266ea318f9791f33cdb5e2e3838/19272/736c0049-0d33-4dd9-a918-3da910ac7a00/ 0
230 B 38ms
36ms Image
text/plain 31.24.80.101
VIBRANT-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsbbs-us.intellitxt.com/log/0/ptr/5461af7886c54266ea318f9791f33cdb5e2e3838/19272/736c0049-0d33-4dd9-a918-3da910ac7a00/
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.24.80.101 , United Kingdom, ASN56464 (VIBRANT-EU, GB),
Reverse DNS
Software: nginx / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:44:13 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"a-b541a50d"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

POST
H/1.1 500
Internal Server Error 1 Show response
windowsbbs-us.intellitxt.com/context/ 165 B
670 B 2535ms
2346ms XHR
application/json 31.24.80.101
VIBRANT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsbbs-us.intellitxt.com/context/1
Requested by: Host: www.windowsbbs.com
URL: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.24.80.101 , United Kingdom, ASN56464 (VIBRANT-EU, GB),
Reverse DNS
Software: nginx / Kormorant
Resource Hash: d28f9b89b03a7656a76dedb5ba0cf9921d6e5f50eac762c9ca3232f8d9c83455

Request headers

Referer: https://www.windowsbbs.com/threads/it-helper-got-into-friends-computer.111991/
Origin: https://www.windowsbbs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Fri, 18 Jan 2019 19:44:16 GMT
Server: nginx
X-Powered-By: Kormorant
Vary: *
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.windowsbbs.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 165
Expires: Fri, 08 Jan 2016 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7728182332040300&output=html&h=90&slotname=6529846399&adk=1426222433&adf=1938212508&w=728&fwrn=3&fwrnh=100&rafmt=1&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fwww.windowsbbs.com%2Fthreads%2Fit-helper-got-into-friends-computer.111991%2F&ea=0&flash=0&fwr=0&resp_fmts=3&wgl=1&dt=1547840637959&bpp=17&bdt=196&fdt=18&idt=6&shv=r20190114&cbv=r20180604&saldr=aa&correlator=6447984450918&frm=23&ife=1&pv=1&ga_vid=883219931.1547840638&ga_sid=1547840638&ga_hid=685339276&ga_fc=0&iag=3&icsg=2696&nhd=1&dssz=7&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=299&ady=35757&biw=1585&bih=1200&isw=728&ish=90&ifk=902955470&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&ppjl=u&pfx=0&fu=148&bc=15&osw_key=2625608094&ifi=1&uci=1.g9v78c9q1rie&fsb=1&dtd=26

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.windowsbbs.com/js/xenforo/xenforo.js?_v=ec92ec8d(Line 225) Message: XenForo.activate(%o)
console-api	info	URL: https://www.windowsbbs.com/js/xenforo/xenforo.js?_v=ec92ec8d(Line 403) Message: XenForo.SquareThumbs: %o
console-api	log	URL: https://www.windowsbbs.com/js/xenforo/xenforo.js?_v=ec92ec8d(Line 227) Message: console.groupEnd
console-api	info	URL: https://www.windowsbbs.com/js/xenforo/xenforo.js?_v=ec92ec8d(Line 212) Message: XenForo.init() %dms. jQuery %s/%s
console-api	log	URL: https://windowsbbs-us.intellitxt.com/intellitxt/front.asp?ipid=19272(Line 69) Message: VM: ReloadGo - Consent cookie not found

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads.fdma-media.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ams-ads.contextweb.com
apis.google.com
bh.contextweb.com
cdn.doubleverify.com
cdn3.doubleverify.com
cdnx.tribalfusion.com
connect.facebook.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idsync.rlcdn.com
images.intellitxt.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
platform.twitter.com
plus.google.com
pp-m.ns1p.net
rtb0.doubleverify.com
s.tribalfusion.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tag-st.contextweb.com
tag.contextweb.com
tags.expo9.exponential.com
tps20515.doubleverify.com
vibrant.mgr.consensu.org
windowsbbs-us.intellitxt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.paypalobjects.com
www.windowsbbs.com
googleads.g.doubleclick.net
13.229.8.45
143.204.214.38
143.204.214.67
151.101.0.166
169.60.145.200
169.62.175.57
199.16.157.105
2.16.187.64
2.20.248.144
2.20.248.170
204.11.109.66
204.11.109.68
204.11.109.77
209.197.3.15
213.254.244.15
213.254.244.20
23.210.248.226
23.54.113.112
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:814::2003
2a00:1450:4001:815::200d
2a00:1450:4001:816::2002
2a00:1450:4001:817::200e
2a00:1450:4001:819::2003
2a00:1450:4001:819::200a
2a00:1450:4001:819::200e
2a00:1450:4001:81b::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::200a
2a00:1450:4001:81e::200e
2a00:1450:4001:820::2002
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
31.24.80.101
34.200.62.249
45.76.91.25
52.19.121.121
74.214.194.131
00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808
01ac0135af6bcda80afb7012ec65c05458d71aa7d93fea5b14925ed07b7896f2
03c900c22360704f5849829714ecd48b27b4b3aca80e27fc4eda7348674c4b89
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04c6f18d0096026b2729965af0839a94c9bded668f1e906c86acfc28a7be9444
09c9f96143372ee7e9fee4a67f16feec1d7d251f7739e9c77f13365fd0938484
0da82aac587c69e150f4f908ab664947bb668daf239ae01191832393204268db
16c9bcf1d5ec6a52ec9cb45c24118f1483ea0c3d0aab825e3d80a4f3673bd3f5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f
1e270844c8b580f0bff72522df6478b8d2de9383e88ab6b1d2fb354736337665
21bab916f13fa6d10ce4f457d219bd6a9ef938902b9262b789133be179d749dc
223b20f1ef4b5c4975608d2e2e462f15f7fa39f0c40c52ff1765b95e780ee72b
2797a5a31f878305121024bf4f2271f8059dcc6c2b24efde2994c09631bed34f
28036359999374181bb29e83ca7c72aafd2f1b4c009a67e2f5fdb37f0ac48550
294daaa6e3342ee9ecd50ad7d721209e68e890077b328a9a40543aba369d2f57
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b444c9fe9d0c29d7a6b4770f825a58fdc915caa13f0c1e0550f426620cf9db7
302ea76f89c441dcee92c61831041e6168e5f71799f4514885e13204743de988
31e05e0c968f2a8adf95590668105b9a34f4bb90f09814d642501fbe6ee67604
35791fe302df16602258e1b50fca42a46d93706941edaa00700a63edb3288d9d
3b0b0d46ef30d3b2dff28638822c122a6f17a99afe5519b9fe5d660b763fb21c
3e4589cc1b2f626283fe3b8863564d2328dace5f4113a6ba050f064c8ec8b813
434211613bbdb01080564fa9263ac6d4518e3f99cddddca7a7beedf737f0409b
44b001b66928a69b459159f495c8ace9d3c8ca755374353113469bcefcb61fd6
4522f443908e742c9a5462820d647898e73433ae5cb561d4ce1daf36140ad947
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5053e3649a40c20ecca309843e7a085226246462cc33cc738981424ece35e7ff
593a6ece7243610222f3f3dc1a73da6808e9155d3824928a76a9953e5daea2a7
69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b
750d1df67df3d97bcc8cb30a4c967352b5af6489c7ea73ba472d9e5abc1a8444
757d2b275f45e229ae0e3c5f305417486575c308bd79b320aa80c8ec7c1a12c1
77f692fa63083335d82bc3d1ed0c93b9d9826ffda16f365ca2eef18039c34370
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b8068d25b93edb7942579f08fec4f6daf645b3d95036fd4ffb820d53c0e134f
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8755c3830cd00faa5a0658cbbe133834c3e318a280032220c9a24da3c6aaac36
88155026ef10cb5087a687927e383a608e1239e8c3042eff08cb384986ed9f06
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
92426e453f6ece773d0ecc0bbd3c23b0ea2afdef10104b02b4f588f7e9aba31c
97496e6bcdabe45ce96cd604115ec76036bb61a9635addeea37c6bef3211e918
a0aee8f0cef8974af97a69bb4ebe37a41c97896dc00efcc4686fb6882c524c86
a10d96c76ca19c5c406b23d3d31eb3f41c1170b88fb5048dbe2e9d9b6656a455
a2b3be1e839b40d9f22ea7d9ada67128a2f9f8e642fad2294447eb596e928e82
a5a3cc9cb1b7c8428017f25532d1f235e4eebd014853a3ed0b4ee4f630e358ef
a5b9e2404084c4dd40ac43eae1d9bcf2c7c3f1262a27aa66cad50dc125dd2d3c
a821ef2e57f7a813859e0757693071df87135628c3d8f017bc499d0322afeba6
a9b1d2946110b43e6ecdc9c6ccdb47da5838dc4bb5a01ae96ff012221c5ac979
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b175629296775f33bfa5df88fd48e2d16765b6a1b9d6e287d0475119c6313959
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b3dd58a587d33c5200140cee13c1332ac4d7f59b2551d3a8b841738616e54eee
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b957e0d4e95809f679549113d2002be0aebdfbdc83bf66244efc931104b96912
beee053f2cd5f4290fb87cd65c1cf0a9399ea128263f7f06c15e4a1cfbdef5bb
c1078df4cddabd2bac87d1bdc3ffb2a7e06cc5bdcf58e44df779a8a72559ef72
c13753b3f583c6bf37efd635eb94f9e2e5e39aed5170d51527f277fd4d4cd024
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d28f9b89b03a7656a76dedb5ba0cf9921d6e5f50eac762c9ca3232f8d9c83455
d882439243ca007ce9170cc8b882965bdaa5602dbee92ec250a5ec196f91a9e2
d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fb664d9269af1f4e2a06d0691f5153c89d1e1a373046ea2ffd4904e7dc1661
e8e9923ed8af14748f655a48db174c7dfec3c82318ba001f8784e1c4d6263309
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0aa5720d6b4d7476457816b77d9f0831c3f2c2b21f544df5dd6c618925c7d61
f5a6aead82e35b8aa40843920afcc989d13101b85d177cf9f712b0d0bf4abaf8
f93af604245dac55fb866f25f43970a3dbb06bfae03d5f42f759921c187ecb55
fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

www.windowsbbs.com Open in urlscan Pro 169.60.145.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

126 Requests

99 %HTTPS

45 %IPv6

25 Domains

42 Subdomains

41 IPs

6 Countries

1143 kBTransfer

3541 kBSize

0 Cookies

49 Outgoing links

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.windowsbbs.com Open in urlscan Pro
169.60.145.200 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

99 %
HTTPS

45 %
IPv6

25
Domains

42
Subdomains

41
IPs

6
Countries

1143 kB
Transfer

3541 kB
Size

0
Cookies

126 HTTP transactions
0 data transactions