windows13update.com Open in urlscan Pro
162.246.17.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mail.windows13update.com/
Effective URL:
https://windows13update.com/
Submission: On March 21 via api (March 21st 2021, 5:06:33 am UTC) from GB

Summary HTTP 174 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 21 domains to perform 174 HTTP transactions. The main IP is 162.246.17.59, located in United States and belongs to IS-AS-1, US. The main domain is windows13update.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 21st 2021. Valid for: 3 months.

This is the only time windows13update.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 52	162.246.17.59 162.246.17.59	19318 (IS-AS-1) (IS-AS-1)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:b000:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
40	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	115.146.123.245 115.146.123.245	38732 (CMCTELECO...) (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company)
1	2600:9000:218... 2600:9000:2182:3e00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:7c00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	3.124.48.224 3.124.48.224	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4002:805::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:5d::6	15169 (GOOGLE) (GOOGLE)
4 4	54.149.220.116 54.149.220.116	16509 (AMAZON-02) (AMAZON-02)
14	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
174	25

52 162.246.17.59 (United States) 1 redirects

ASN19318 (IS-AS-1, US)
PTR: server.birthdaywishesquotess.com

mail.windows13update.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
windows13update.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:b000:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 115.146.123.245 (Viet Nam)

ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN)

st.quantrimang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:3e00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:7c00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.48.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4002:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:5d::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5ednld.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.149.220.116 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-220-116.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.218.208.246 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.137.69.120 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	windows13update.com 1 redirects mail.windows13update.com windows13update.com	2 MB
45	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	491 KB
33	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	162 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	278 KB
8	google.com 3 redirects adservice.google.com www.google.com	1 KB
6	googletagservices.com www.googletagservices.com	206 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	3 KB
4	openx.net 4 redirects rtb.openx.net	1 KB
4	addthis.com 4 redirects e.dlx.addthis.com	4 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	32 KB
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	466 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	916 B
2	gvt1.com 1 redirects redirector.gvt1.com r1---sn-4g5ednld.gvt1.com	861 KB
2	google.de adservice.google.de	2 KB
2	quantrimang.com st.quantrimang.com	90 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	647 B
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
174	21

	Domain	Requested by
51	windows13update.com	windows13update.com
31	tpc.googlesyndication.com	googleads.g.doubleclick.net windows13update.com tpc.googlesyndication.com pagead2.googlesyndication.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net windows13update.com
14	cm.g.doubleclick.net	windows13update.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	windows13update.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com	3 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	windows13update.com googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	rtb.openx.net	4 redirects
4	e.dlx.addthis.com	4 redirects
2	googlecm.hit.gemius.pl	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	st.quantrimang.com	windows13update.com
2	www.google-analytics.com	windows13update.com www.google-analytics.com
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r1---sn-4g5ednld.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	l.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	windows13update.com
1	mail.windows13update.com	1 redirects
174	30

This site contains links to these domains. Also see Links.

Domain
afthemes.com

Subject Issuer	Validity	Valid
windows13update.com cPanel, Inc. Certification Authority	`2021-03-21` - `2021-06-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
st.quantrimang.com R3	`2021-03-08` - `2021-06-06`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-03-11` - `2021-05-20`	2 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://windows13update.com/
Frame ID: 661A32D0A9432D9D4AFD21899D736D68
Requests: 75 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: FD263FEB7D089345DAB873E4F05C25C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: FEFA017AECD5309231E9B1E6D6610B4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&adk=1812271804&adf=3025194257&lmt=1616303172&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows13update.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616303172293&bpp=17&bdt=804&idt=102&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8620603123729&frm=20&pv=2&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121
Frame ID: D5B5F2E6F514EF9FDD78314D302A178D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=9033029096&adk=1943457011&adf=4176722011&pi=t.ma~as.9033029096&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172310&bpp=4&bdt=821&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2090&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=RYKpJEo9RU&p=https%3A//windows13update.com&dtd=127
Frame ID: 8AB3433E42F161882931E354F26D2CC5
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=5406269535&adk=1443166172&adf=2418303907&pi=t.ma~as.5406269535&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172314&bpp=1&bdt=826&idt=139&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ps3iywWoia&p=https%3A//windows13update.com&dtd=143
Frame ID: 9237640CA797E0FA5DE0F801D360582C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=7649289493&adk=3174500317&adf=3090239168&pi=t.ma~as.7649289493&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172315&bpp=1&bdt=826&idt=150&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=3720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=sREUMYnek7&p=https%3A//windows13update.com&dtd=153
Frame ID: A0B0C0B4EA588066FE07F4EF6A59D814
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&adk=988125368&adf=882279310&pi=t.aa~a.129677004~rp.1&w=371&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=371x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=2&bdt=1049&idt=-M&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280&nras=2&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1064&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=PP5Jw9pH2V&p=https%3A//windows13update.com&dtd=20
Frame ID: F6F432D9545A9A2C2B6B4B6E2EFDA808
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=200&adk=3647033041&adf=1311694041&pi=t.aa~a.237511901~rp.2&w=351&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=351x200&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=1&bdt=1048&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280%2C371x280&nras=3&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1074&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=9oIwzNskL1&p=https%3A//windows13update.com&dtd=24
Frame ID: FBA108828ABF2BAC65B132A05BAA3F5B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: A1F956B00C96CDAC7CEFE22324E0C9A4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B51ACE96CBED97FF2819D768AC2E1DAE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9684695713438021151/970x250_Performance_Stock_CYSEC/970x250_Performace_Stock_CYSEC.html
Frame ID: EFF3ED0324A77A95AD6C91F4A0B36A28
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CsevERNRWYMT2HMG9gAeG942IBq_Yg_VhzYTMlaQNhd2jp9kCEAEgtKS1QmCViriCyAegAercgNECyAEJqQIaA5w9Y_upPqgDAcgDSKoEzgFP0ImUgPfivMH2xfYKedIqefHhUWMCOpCYKcTYRdfoUuwT51NFqvdxKMg4Bd2P7VlF_XAIxse9GZoLdKvzM5cmh6Gqdss7Ex_kssyqdMdkowHObCDH7ZPtUPVFIYn_NF5hJ4QskTRf8sdYR_7sPcC3iLEwQiFuIw86KQdGRq-wSYvcapA_GGEsEexXv9asf8Z2A-hg5mYo8jAEb2rd5yzCAzkY1WTM6qPy_aX-qbByjNNXlScON2_o8ygi7oVzn3saRbda0unGRqFt4qWGeMAE-8HKxKQDkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFEODKqwHSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItMzg0ODc3MTUxMTAxNDk2Mg&sigh=UgXtfZbeb4k&template_id=419&tpd=AGWhJmvrnLZa1a4sYKulENhu6wTxQBZ1feSeMrzWinRYXN9Xvw
Frame ID: 8A6B2669E3A8E932F98C265E72ACA262
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: AED69C31321E69433AE39516A30668EF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 432194069B7D8A428C810C70C873D1CB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 419DB713FD389B1018A8A7978CA6E1DA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html
Frame ID: 50737BCFC26BEED3639ABFB367CAC047
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C3s7CRNRWYKagI9eygAemjInQDa_Yg_VhjYLMlaQNhd2jp9kCEAEgtKS1QmCViriCyAegAercgNECyAEJqQIaA5w9Y_upPqgDAcgDSKoEzgFP0L-C79IhYyNLwY4nQ0boKkuxxw9tXr2xEIezYYR9idEwADOZXQoFoPPftbcQX7AODvldXqsJmS0APR1kiRwV8z-BMsidKcNAHPKJRntkQ6VZepBqB3KPRlI_xrU111hvdiyob9jbfxXGOoR38OP1O_2rA2vKRVvfBAW56_i9LGP1JHq1y10xg1NgmB56B9rxvns72snf3WQMpzaA4LQVQMmwEBSmH-Zzfo143nvfT-wa-zlyp32zPjxBaf3_LDEqxVzeUs_aOVVKLSshRcAE-8HKxKQDkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFENHeiwHSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItMzg0ODc3MTUxMTAxNDk2Mg&sigh=xgmFRI4NmHI&template_id=419&tpd=AGWhJmuuSdjFNP5ci_9gLSpRHN-HryjZF3RnhvnI1pn_qRT8yQ
Frame ID: 2A80C46C417D9720CDAF1E635BEE1D53
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 4ECFD0846D8224C3D0427C53435A0F14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DBB9188AF9D4826A1A0D7CB3A0F42012
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: FDF0DE58150309B3F8BCB0B1605C95D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 1B462B169216D9BACB150A4935357D9F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mail.windows13update.com/ HTTP 301
https://windows13update.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

174
Requests

100 %
HTTPS

65 %
IPv6

21
Domains

30
Subdomains

25
IPs

6
Countries

3758 kB
Transfer

5897 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://afthemes.com/products/newsphere
Title: Newsphere

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mail.windows13update.com/ HTTP 301
https://windows13update.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 131

https://redirector.gvt1.com/videoplayback?id=98cfc9aa4a915a9f&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1616310372&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=884CF5F51DA3A92614A622D6B365B9E0F607706D.8C66FDE5105853EF66008CBE2DEB920AE5BEAE87&key=ck2 HTTP 302
https://r1---sn-4g5ednld.gvt1.com/videoplayback?id=98cfc9aa4a915a9f&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1616310372&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=7AB4695571E26DDF6B1F8FA2E8387170DCD64C43.2A2AB446DCD537CEC1D5CB73D5DF9C657171E779&key=cms1&cms_redirect=yes&mh=1D&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5ednld&ms=nvh&mt=1616302423&mv=u&mvi=1&pl=47

Request Chain 148

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIe6oU4RTn5FlueFmQo5J5sbd7ABmART3or_Nbc0F_yx2YsR4t85qQiXVx63AkPicfhWlOktoaYbQj34AW_CknLrwHLMw&google_gid=CAESEODuqFUTNGd4ZKwrw0G5aWY&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIe6oU4RTn5FlueFmQo5J5sbd7ABmART3or_Nbc0F_yx2YsR4t85qQiXVx63AkPicfhWlOktoaYbQj34AW_CknLrwHLMw&google_gid=CAESEODuqFUTNGd4ZKwrw0G5aWY&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjEwNTA2MTQyNjgxNjkyMDUyODE1Mg%3D%3D&google_push=AQvitUIe6oU4RTn5FlueFmQo5J5sbd7ABmART3or_Nbc0F_yx2YsR4t85qQiXVx63AkPicfhWlOktoaYbQj34AW_CknLrwHLMw

Request Chain 149

https://rtb.openx.net/sync/dds?google_gid=CAESEJdehwZ4rFMNvsZ6SG_uB9A&google_cver=1&google_push=AQvitUKI8trDtxYOvGoI8VSQpxtnOwhrF3hWXbwEQoj_-pX5waRjhKVs2Ma5HL-99r1xTHyvnhELWv5GpeONZOIXluo0uNLZUBY HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEJdehwZ4rFMNvsZ6SG_uB9A&google_cver=1&google_push=AQvitUKI8trDtxYOvGoI8VSQpxtnOwhrF3hWXbwEQoj_-pX5waRjhKVs2Ma5HL-99r1xTHyvnhELWv5GpeONZOIXluo0uNLZUBY&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKI8trDtxYOvGoI8VSQpxtnOwhrF3hWXbwEQoj_-pX5waRjhKVs2Ma5HL-99r1xTHyvnhELWv5GpeONZOIXluo0uNLZUBY&google_hm=67sJPWMoyfYKY6yRzUXJLg==

Request Chain 150

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENN97CEZOeoj0sgv5_M642E&google_cver=1&google_push=AQvitUJKnI1ZxR1KYZCTPHFJjFoJCeQwP1ibowhsTNqsVnvGadvYbO3-VAl5TL57pB2rQxPxrQPTCGzhhMsyO6npY2N1LV9RMA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENN97CEZOeoj0sgv5_M642E&google_cver=1&google_push=AQvitUJKnI1ZxR1KYZCTPHFJjFoJCeQwP1ibowhsTNqsVnvGadvYbO3-VAl5TL57pB2rQxPxrQPTCGzhhMsyO6npY2N1LV9RMA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ce-k-DVHR7Wu1FPAC5f7eA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJKnI1ZxR1KYZCTPHFJjFoJCeQwP1ibowhsTNqsVnvGadvYbO3-VAl5TL57pB2rQxPxrQPTCGzhhMsyO6npY2N1LV9RMA

Request Chain 151

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOFKC0IKnwAIPW1IuBxVsIM&google_cver=1&google_push=AQvitUIXVmw0xAO8UhohOo0X6xCkDTs4v3nZPL_ywMfEC2-ccGcKvNBZrtwEozgWeSGgFMsu9WoDOszJgR9-Xmrj2WiDo_a3RN4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JUDZFRkktMy1DMU1P&google_push=AQvitUIXVmw0xAO8UhohOo0X6xCkDTs4v3nZPL_ywMfEC2-ccGcKvNBZrtwEozgWeSGgFMsu9WoDOszJgR9-Xmrj2WiDo_a3RN4

Request Chain 152

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPJyRx37i0Rf6Ini1PZinQI&google_cver=1&google_push=AQvitUJodmWVYDEOrBH-WLGc_r5bGMBJf9RC5OkadX0yGsUwweSYeowly_B-MiQvZT6Nm2cle3uLcB4MkDhDeCLg_I_OFX_jHz4 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPJyRx37i0Rf6Ini1PZinQI&google_cver=1&google_push=AQvitUJodmWVYDEOrBH-WLGc_r5bGMBJf9RC5OkadX0yGsUwweSYeowly_B-MiQvZT6Nm2cle3uLcB4MkDhDeCLg_I_OFX_jHz4&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFbURQhQvAr0FJZE2plptwAABF4AAAAB&google_push=AQvitUJodmWVYDEOrBH-WLGc_r5bGMBJf9RC5OkadX0yGsUwweSYeowly_B-MiQvZT6Nm2cle3uLcB4MkDhDeCLg_I_OFX_jHz4&google_cver=1&google_gid=CAESEPJyRx37i0Rf6Ini1PZinQI

Request Chain 153

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJk2v7YTZi4zddqdLkC0H0k&google_cver=1&google_push=AQvitUKykfGB7Le9ypwc1j2mVuZdJvqLzg9hec1xiEmVDJuD3UPMsK_lj-9jo8hjLsNkeW8cni9FfaElffZjcWOlvesgpznVa7g HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKykfGB7Le9ypwc1j2mVuZdJvqLzg9hec1xiEmVDJuD3UPMsK_lj-9jo8hjLsNkeW8cni9FfaElffZjcWOlvesgpznVa7g&google_hm=

Request Chain 158

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJbE9asecwgoeZEFtMi0YqNuPtClU-UYR3CdcwEmtJry_Cyf6EdFWh4lgwt-Cx2v6rKjQdcwVA-8hsqTfxZcP_GI6u18hM&google_gid=CAESENGg6NHCuttxN1ri4T3j5ks&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJbE9asecwgoeZEFtMi0YqNuPtClU-UYR3CdcwEmtJry_Cyf6EdFWh4lgwt-Cx2v6rKjQdcwVA-8hsqTfxZcP_GI6u18hM&google_gid=CAESENGg6NHCuttxN1ri4T3j5ks&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjEwNTA2MTQzMTM0Nzk4Njg4MDA4Ng%3D%3D&google_push=AQvitUJbE9asecwgoeZEFtMi0YqNuPtClU-UYR3CdcwEmtJry_Cyf6EdFWh4lgwt-Cx2v6rKjQdcwVA-8hsqTfxZcP_GI6u18hM

Request Chain 159

https://rtb.openx.net/sync/dds?google_gid=CAESEH7Mj2ipZoI_yottBgYib_Y&google_cver=1&google_push=AQvitUJysV60qF38FaaQeUtKR8UznoAiis2TGeV728B0UT-yaQBuSoaglSdkgNXEf94MVPpdv4MrAzNxAgBqBspo713S0cSqZcA HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEH7Mj2ipZoI_yottBgYib_Y&google_cver=1&google_push=AQvitUJysV60qF38FaaQeUtKR8UznoAiis2TGeV728B0UT-yaQBuSoaglSdkgNXEf94MVPpdv4MrAzNxAgBqBspo713S0cSqZcA&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJysV60qF38FaaQeUtKR8UznoAiis2TGeV728B0UT-yaQBuSoaglSdkgNXEf94MVPpdv4MrAzNxAgBqBspo713S0cSqZcA&google_hm=67sJPWMoyfYKY6yRzUXJLg==

Request Chain 160

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE1wUQMr5J6Vl1vD9LFa7rU&google_cver=1&google_push=AQvitUL8PT1LcuyoqCGLildjjdtLNu8m8uj697q8xjZLtMhWAkqtbpqay9gAZ6Ow1tMKVdjOG_5Wwk4k1fCH_QnnRnXvL-YgIyk HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE1wUQMr5J6Vl1vD9LFa7rU&google_cver=1&google_push=AQvitUL8PT1LcuyoqCGLildjjdtLNu8m8uj697q8xjZLtMhWAkqtbpqay9gAZ6Ow1tMKVdjOG_5Wwk4k1fCH_QnnRnXvL-YgIyk&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ce-k-DVHR7Wu1FPAC5f7eA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUL8PT1LcuyoqCGLildjjdtLNu8m8uj697q8xjZLtMhWAkqtbpqay9gAZ6Ow1tMKVdjOG_5Wwk4k1fCH_QnnRnXvL-YgIyk

Request Chain 161

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIctFvAAML_FfZNAJiCSWdM&google_cver=1&google_push=AQvitUKEC_OI8ZumhrAc5VZ1AQ2vIx2pJNe3i9uwacpBjjIP-87cfEZQk5138p4_dW1DXx6gt1G86KbbdZbpxtZiDnU2TYpuLS8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JUDZFR0ktMU8tRzdVSw==&google_push=AQvitUKEC_OI8ZumhrAc5VZ1AQ2vIx2pJNe3i9uwacpBjjIP-87cfEZQk5138p4_dW1DXx6gt1G86KbbdZbpxtZiDnU2TYpuLS8

Request Chain 162

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGKv04UwOl8blhTuyIwy_CA&google_cver=1&google_push=AQvitUIZJ__SvfgmLYYXTvvJ4dqwP5npzozE57Q65x9dDtKsK4p_3d4K471IaRKEz32aTJtW-mzIigKigQRSkaADfhjRHaCK714 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGKv04UwOl8blhTuyIwy_CA&google_cver=1&google_push=AQvitUIZJ__SvfgmLYYXTvvJ4dqwP5npzozE57Q65x9dDtKsK4p_3d4K471IaRKEz32aTJtW-mzIigKigQRSkaADfhjRHaCK714&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFbURQhQvAr0FJZE2plptwAABF4AAAAB&google_push=AQvitUIZJ__SvfgmLYYXTvvJ4dqwP5npzozE57Q65x9dDtKsK4p_3d4K471IaRKEz32aTJtW-mzIigKigQRSkaADfhjRHaCK714&google_cver=1&google_gid=CAESEGKv04UwOl8blhTuyIwy_CA

Request Chain 163

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFz9zzaD02Ihx39eqEFeXhA&google_cver=1&google_push=AQvitUIY_X_GBM_SgLKdyDEZSgsb-Wq7GUdxeiQU0mwVNeLCZIILb9dB-HihW-Qu7Fon7mRNVxbZN1H1ycWgMoZjnvFvMedYUReN HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIY_X_GBM_SgLKdyDEZSgsb-Wq7GUdxeiQU0mwVNeLCZIILb9dB-HihW-Qu7Fon7mRNVxbZN1H1ycWgMoZjnvFvMedYUReN&google_hm=

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 170

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 173

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

174 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
windows13update.com/
Redirect Chain

https://mail.windows13update.com/
https://windows13update.com/

162 KB
163 KB

378ms
98ms

Document
text/html

162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 48d2f2f2051ebe24a13c7a331ee30963967ff3fe19426ed9cb8da653301f1bf2

Request headers

Host: windows13update.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Server: Apache
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=3, must-revalidate
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 21 Mar 2021 05:06:10 GMT
Server: Apache
Vary: Accept-Encoding,Cookie
X-Redirect-By: WordPress
Location: https://windows13update.com/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3816
date: Sun, 21 Mar 2021 04:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 21 Mar 2021 06:02:35 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
windows13update.com/wp-includes/js/ 14 KB
14 KB 507ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Thu, 04 Feb 2021 05:49:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 14229

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
71 B 12ms
12ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=407929435&t=pageview&_s=1&dl=https%3A%2F%2Fwindows13update.com%2F&ul=en-us&de=UTF-8&dt=Windows%2013%20ISO%20Download%2064%20bit%20Releases%20date%202021%20Microsoft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=363072402&gjid=1608933027&cid=2101468920.1616303172&tid=UA-156681290-1&_gid=1218377565.1616303172&_r=1&_slc=1&z=480289766

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://windows13update.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK style.min.css
windows13update.com/wp-includes/css/dist/block-library/ 50 KB
50 KB 245ms
94ms Stylesheet
text/css 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Tue, 23 Feb 2021 01:12:28 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 51338

GET
H/1.1 200
OK styles.css
windows13update.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
2 KB 259ms
94ms Stylesheet
text/css 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Wed, 03 Feb 2021 17:14:23 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1920

GET
H/1.1 200
OK style.min.css
windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 438 B
679 B 279ms
93ms Stylesheet
text/css 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.16
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Thu, 04 Feb 2021 05:48:56 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 438

GET
H/1.1 200
OK screen.min.css
windows13update.com/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
5 KB 282ms
93ms Stylesheet
text/css 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.16
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Thu, 04 Feb 2021 05:48:56 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5103

GET
H/1.1 200
OK font-awesome.min.css
windows13update.com/wp-content/themes/newsphere/assets/font-awesome/css/ 30 KB
31 KB 284ms
94ms Stylesheet
text/css 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/font-awesome/css/font-awesome.min.css?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 31000

GET
H/1.1 200
OK bootstrap.min.css
windows13update.com/wp-content/themes/newsphere/assets/bootstrap/css/ 118 KB
119 KB 284ms
94ms Stylesheet
text/css 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/bootstrap/css/bootstrap.min.css?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: ebf968e400976b579ea9dcff5f0bc247a2b2371f9ce49c3b5829da4b7179f4f9

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 121224

GET
H/1.1 200
OK swiper.min.css
windows13update.com/wp-content/themes/newsphere/assets/swiper/css/ 19 KB
20 KB 352ms
93ms Stylesheet
text/css 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/swiper/css/swiper.min.css?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 19778

GET
H/1.1 200
OK sidr.bare.css
windows13update.com/wp-content/themes/newsphere/assets/sidr/css/ 276 B
516 B 371ms
93ms Stylesheet
text/css 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/sidr/css/sidr.bare.css?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 115a07095f6af9aac9e59bae64ec5cfd4a79fc942b59da1a3135320d39ed8074

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 276

GET
H/1.1 200
OK magnific-popup.css
windows13update.com/wp-content/themes/newsphere/assets/magnific-popup/ 7 KB
7 KB 375ms
93ms Stylesheet
text/css 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/magnific-popup/magnific-popup.css?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6951

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 16ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin,latin-ext

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

970a63e7e2dbafa1dd8adf2be86c2a8f96580161dd5b725c78636ac2aac5f291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 05:02:22 GMT
server: ESF
date: Sun, 21 Mar 2021 05:06:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Mar 2021 05:06:11 GMT

GET
H/1.1 200
OK style.css
windows13update.com/wp-content/themes/newsphere/ 131 KB
131 KB 446ms
93ms Stylesheet
text/css 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/style.css?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 134063b4f663df1bd86aca7a2cdee302a367421b185e7381b3a9dde527210d6d

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 134079

GET
H/1.1 200
OK jquery.min.js Show response
windows13update.com/wp-includes/js/jquery/ 87 KB
88 KB 459ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Thu, 04 Feb 2021 05:49:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 89496

GET
H/1.1 200
OK jquery-migrate.min.js Show response
windows13update.com/wp-includes/js/jquery/ 11 KB
11 KB 464ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:11 GMT
Last-Modified: Thu, 04 Feb 2021 05:49:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11224

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 31ms
9ms Script
text/javascript 2600:9000:2182:b000:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:b000:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d5059f32fbb319603fd421035ba8ae20f2a80c2978279efb10cba65961bdcfe9

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:04:32 GMT
content-encoding: gzip
age: 99
etag: W/"192cc-S85VNqqDcmpq46cMbazrSJLaAD0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 5r2TlldcN0JCzBe8Ti-XdhtJq_eydLQPqFKLIVGyyxFThZO0x0_psw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49857
x-xss-protection: 0
server: cafe
etag: 11991498641368206346
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 05:06:12 GMT

GET
H/1.1 200
OK cropped-unnamed.png
windows13update.com/wp-content/uploads/2021/01/ 9 KB
9 KB 103ms
93ms Image
image/png 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2021/01/cropped-unnamed.png
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: fa5d13c80aac88e70ec71c876a5259c55406aa5963c448b0e4f2b8acb8416cf9

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 06:10:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 9214

GET
H/1.1 200
OK windows-12-home-and-professional-release-date-150x150.png
windows13update.com/wp-content/uploads/2021/02/ 22 KB
22 KB 131ms
93ms Image
image/png 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2021/02/windows-12-home-and-professional-release-date-150x150.png
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 092d306b241e65444962b3c5567755731c98da611c82912d12db554944e452ef

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Thu, 04 Feb 2021 07:49:25 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 22250

GET
H/1.1 200
OK 02W1SHhUrxSBHXsy4OohobE-1..1600872146-150x150.jpg
windows13update.com/wp-content/uploads/2020/11/ 4 KB
5 KB 135ms
93ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/11/02W1SHhUrxSBHXsy4OohobE-1..1600872146-150x150.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 053151b6e65ec3f72a92b3b37c5272f9bdb078cb3c79a932f7dfd2fd534a6fc3

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Tue, 03 Nov 2020 06:17:14 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4515

GET
H/1.1 200
OK download-2-150x150.jpg
windows13update.com/wp-content/uploads/2020/11/ 7 KB
7 KB 130ms
93ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/11/download-2-150x150.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: f1a1bb9798f869f449e3037d11294bbd9a220859a75ec75ec4d153ece778c0db

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Tue, 03 Nov 2020 05:44:34 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 7189

GET
H/1.1 200
OK Printer_Attention_Required-1-150x150.jpg
windows13update.com/wp-content/uploads/2020/11/ 4 KB
4 KB 93ms
93ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/11/Printer_Attention_Required-1-150x150.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 9736c732470a85fb5bed1c9d676089a1edc722242466a07dbc69514818ea27bf

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Tue, 03 Nov 2020 05:17:13 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4193

GET
H/1.1 200
OK hqdefault-1-150x150.jpg
windows13update.com/wp-content/uploads/2020/11/ 4 KB
5 KB 93ms
93ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/11/hqdefault-1-150x150.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: aa21972b89e8119783b7b4cc5ef60bf91a0a71f5846a08d7a34aa95f39b55b1b

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Mon, 02 Nov 2020 07:31:40 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4465

GET
H/1.1 200
OK windows-12-home-and-professional-release-date.png
windows13update.com/wp-content/uploads/2021/02/ 137 KB
137 KB 94ms
93ms Image
image/png 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2021/02/windows-12-home-and-professional-release-date.png
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: fc03940e069f45940491e60b6195876b1263d2d466d93da2159e465be8c6d934

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Thu, 04 Feb 2021 07:49:25 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 140150

GET
H/1.1 200
OK 02W1SHhUrxSBHXsy4OohobE-1..1600872146.jpg
windows13update.com/wp-content/uploads/2020/11/ 56 KB
57 KB 99ms
99ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/11/02W1SHhUrxSBHXsy4OohobE-1..1600872146.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 932f1b849a748822693eab25b21506e777071833dbcfd9850c4027238fc1d0c4

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Tue, 03 Nov 2020 06:17:13 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 57743

GET
H/1.1 200
OK download-2.jpg
windows13update.com/wp-content/uploads/2020/11/ 15 KB
16 KB 98ms
98ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/11/download-2.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 39cb57d1c4a102577184eb7c292970dd6e7476864fb16eed287a9a3bc56f619f

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Tue, 03 Nov 2020 05:44:34 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 15823

GET
H/1.1 200
OK Printer_Attention_Required-1.jpg
windows13update.com/wp-content/uploads/2020/11/ 18 KB
19 KB 99ms
98ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/11/Printer_Attention_Required-1.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 1d38e43858602e1d3b4a77b13e45edd4c2665c118ad60407ea3f8ffb3a42040d

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Tue, 03 Nov 2020 05:17:13 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 18795

GET
H/1.1 200
OK hqdefault-1.jpg
windows13update.com/wp-content/uploads/2020/11/ 17 KB
17 KB 98ms
98ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/11/hqdefault-1.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 0279fa1edc07d750093f95b609a55980dabb09b25365fb1faeb9dd6a03ce6e45

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Mon, 02 Nov 2020 07:31:40 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 17598

GET
H/1.1 200
OK windows-5590-1920x1200-1-150x150.jpg
windows13update.com/wp-content/uploads/2020/02/ 3 KB
3 KB 95ms
95ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/02/windows-5590-1920x1200-1-150x150.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: da40c0d6956adbc38eef775bfc72de4ea54b859928a185ff0cb4938a3676973a

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Sun, 23 Feb 2020 11:13:07 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2567

GET
H/1.1 200
OK maxresdefault-1-150x150.jpg
windows13update.com/wp-content/uploads/2020/06/ 4 KB
4 KB 100ms
99ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/06/maxresdefault-1-150x150.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 13bbcba93f25929f3dabe1bd65682b1dbbe1ef621b21b56df47de6e186ce92e8

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Mon, 08 Jun 2020 16:11:15 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 3872

GET
H/1.1 200
OK pasted-image-0-150x150.png
windows13update.com/wp-content/uploads/2020/10/ 18 KB
18 KB 100ms
99ms Image
image/png 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/10/pasted-image-0-150x150.png
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 22e8122d45b2535a0b650b365062f2f93fd6cb3eb1d6e4ada6079e920fdda485

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Tue, 20 Oct 2020 06:26:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 18573

GET
H/1.1 200
OK fix-your-windows-10-printer-136411318176402601-161116100446-1-150x150.jpg
windows13update.com/wp-content/uploads/2020/10/ 6 KB
6 KB 98ms
98ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/10/fix-your-windows-10-printer-136411318176402601-161116100446-1-150x150.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: e9d8c779d5aea92f5c0dde9a35c344f7abb03331601273c415521b20df260f2e

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Thu, 29 Oct 2020 10:42:55 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 5837

GET
H/1.1 200
OK co-windows-11-khong-3.jpg
st.quantrimang.com/photos/image/2019/12/17/ 46 KB
47 KB 1220ms
479ms Image
image/jpeg 115.146.123.245
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.quantrimang.com/photos/image/2019/12/17/co-windows-11-khong-3.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 115.146.123.245 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 0f75bb7cd1291fee551d3dd2088378147c4d5071dac085805a397ebee1c38287

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:05:55 GMT
Last-Modified: Mon, 10 Aug 2020 12:18:58 GMT
Server: Microsoft-IIS/8.5
ETag: "12abb16c106fd61:0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 47601

GET
H/1.1 200
OK windows-12-home-and-professional-release-date-720x380.png
windows13update.com/wp-content/uploads/2021/02/ 211 KB
211 KB 94ms
94ms Image
image/png 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2021/02/windows-12-home-and-professional-release-date-720x380.png
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 22d465501cb6b35aab32a38da414ee2e86b1cf773ea8be86029dd7d9c5e93676

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Thu, 04 Feb 2021 07:49:25 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 216056

GET
H/1.1 200
OK scripts.js Show response
windows13update.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
14 KB 93ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 03 Feb 2021 17:14:23 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 14280

GET
H/1.1 200
OK navigation.js Show response
windows13update.com/wp-content/themes/newsphere/js/ 3 KB
3 KB 94ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/js/navigation.js?ver=20151215
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: adcfbd65e24e385bff72e8c5453dea2683b45905a53d00884ad9a26e752b20fc

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2969

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
windows13update.com/wp-content/themes/newsphere/js/ 685 B
939 B 97ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 685

GET
H/1.1 200
OK swiper.min.js Show response
windows13update.com/wp-content/themes/newsphere/assets/swiper/js/ 125 KB
125 KB 97ms
94ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/swiper/js/swiper.min.js?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: eb654e34e9f5d74d89c677af3c621d8437d98a8b70c4c57508a21b2d8d2095f5

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 127896

GET
H/1.1 200
OK bootstrap.min.js Show response
windows13update.com/wp-content/themes/newsphere/assets/bootstrap/js/ 57 KB
57 KB 98ms
94ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/bootstrap/js/bootstrap.min.js?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 7209e11a45cef119e8d3539afb2689835d17b16a0a22f8334d867cf77a220d2a

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 58031

GET
H/1.1 200
OK jquery.sidr.min.js Show response
windows13update.com/wp-content/themes/newsphere/assets/sidr/js/ 9 KB
9 KB 97ms
94ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/sidr/js/jquery.sidr.min.js?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 9cfc72f87bf1597df4da24dab70a531fc8666984b1393411d845b8e3cc68638f

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9037

GET
H/1.1 200
OK jquery.magnific-popup.min.js Show response
windows13update.com/wp-content/themes/newsphere/assets/magnific-popup/ 20 KB
20 KB 94ms
94ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/magnific-popup/jquery.magnific-popup.min.js?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 76fa60ed57bfa134bdc5ebf61c8fc8f34c478abf3ddb5523fe14fed62e2ff8b9

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 20218

GET
H/1.1 200
OK jquery.matchHeight.min.js Show response
windows13update.com/wp-content/themes/newsphere/assets/jquery-match-height/ 3 KB
4 KB 94ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/jquery-match-height/jquery.matchHeight.min.js?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3380

GET
H/1.1 200
OK jquery.marquee.js Show response
windows13update.com/wp-content/themes/newsphere/assets/marquee/ 22 KB
23 KB 94ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/marquee/jquery.marquee.js?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 02decb76d37d026d332be0228facdbdf013a429f404a9283bf37fcc3cda99cbd

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 22865

GET
H/1.1 200
OK theia-sticky-sidebar.min.js Show response
windows13update.com/wp-content/themes/newsphere/assets/theiaStickySidebar/ 5 KB
5 KB 94ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/theiaStickySidebar/theia-sticky-sidebar.min.js?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: d617fafbbb3d8e05d94b146ee8efd33122393722026dac23b405bc3b1a115b21

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5372

GET
H/1.1 200
OK script.js Show response
windows13update.com/wp-content/themes/newsphere/assets/ 21 KB
21 KB 94ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/script.js?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 9b4beddbfe941192e4f55cc1759397aaaa6dab53e74bc6e51e2e1bb3f2c2e6b5

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 21118

GET
H/1.1 200
OK pagination-script.js Show response
windows13update.com/wp-content/themes/newsphere/assets/ 6 KB
6 KB 94ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/pagination-script.js?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: f6cafe95006784fd2a17f6565b0649a604e9b2e2fc7f17f19a281cfea796d36f

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5647

GET
H/1.1 200
OK wp-embed.min.js Show response
windows13update.com/wp-includes/js/ 1 KB
2 KB 94ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Thu, 04 Feb 2021 05:49:54 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1426

GET
H/1.1 200
OK jquery.smooth-scroll.min.js Show response
windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/ 5 KB
5 KB 93ms
93ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/jquery.smooth-scroll.min.js?ver=2.2.0
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: cb6554b04a2e5178a3e18dde21b1bb72e0aa5f87aac9cb567844a4fda5990847

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Thu, 04 Feb 2021 05:48:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5052

GET
H/1.1 200
OK js.cookie.min.js Show response
windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/ 2 KB
3 KB 94ms
94ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 073351c657bbb62703d3e79b437eb5b7c7a647b2293edd2caab7e7016f3d91fa

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Thu, 04 Feb 2021 05:48:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2535

GET
H/1.1 200
OK jquery.sticky-kit.min.js Show response
windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/ 3 KB
3 KB 94ms
94ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 9b4ed13bfe6e05b6340281394abe265105b1eb916ab1e53e604352525305f7c2

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Thu, 04 Feb 2021 05:48:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2892

GET
H/1.1 200
OK front.min.js Show response
windows13update.com/wp-content/plugins/easy-table-of-contents/assets/js/ 5 KB
5 KB 94ms
94ms Script
application/javascript 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.16-1612417736
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: aad69cf5d08b51636277b46c0e2833cab2daf135684fccb873072b3c1176a3c8

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Thu, 04 Feb 2021 05:48:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 5328

GET
H2 200 5f789574ebd35b00126ccf43.js Show response
buttons-config.sharethis.com/js/ 30 B
406 B 415ms
394ms Script
text/javascript 2600:9000:2182:3e00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f789574ebd35b00126ccf43.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3e00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 21 Mar 2021 05:06:13 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
last-modified: Sat, 03 Oct 2020 15:15:02 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "e6e1643313740711175f51662a65b42f"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 30
x-amz-cf-id: o9yNlevyRyMWSKn0JCfy5Cg65416G471r4Wpz0hx90Ezo22-YRoGxg==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://windows13update.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 22:46:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 368379
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Wed, 16 Mar 2022 22:46:33 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
windows13update.com/wp-content/themes/newsphere/assets/font-awesome/fonts/ 75 KB
76 KB 126ms
94ms Font
font/woff2 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/themes/newsphere/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: windows13update.com
URL: https://windows13update.com/wp-content/themes/newsphere/assets/font-awesome/css/font-awesome.min.css?ver=5.6.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://windows13update.com
Referer: https://windows13update.com/wp-content/themes/newsphere/assets/font-awesome/css/font-awesome.min.css?ver=5.6.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Wed, 27 Jan 2021 05:54:29 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 77160

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v12/ 36 KB
36 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v12/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624c3c616d2fbd2543d257871c9611f33a2b828603c3bc9a8fd32b57db733e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://windows13update.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 09:01:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:48:29 GMT
server: sffe
age: 245054
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36444
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:01:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://windows13update.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 15:37:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 394120
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Wed, 16 Mar 2022 15:37:32 GMT

GET
H/1.1 200
OK windows-5590-1920x1200-1-1024x640.jpg
windows13update.com/wp-content/uploads/2020/02/ 25 KB
25 KB 93ms
92ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/02/windows-5590-1920x1200-1-1024x640.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: cf5fa855311d9d6c1aefb4a9a1575cd1110a37be9cd1c84b161c9391f339554e

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Sun, 23 Feb 2020 11:13:07 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 25165

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame FD26 2 KB
1 KB 32ms
8ms Document
text/html 2600:9000:2182:7c00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:7c00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows13update.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://windows13update.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Sun, 21 Mar 2021 04:18:21 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Q5N53UyCkUnDjCpAR0zYVEVUa1w5kJyDTYJr6Nf--GhRgj-BNvclOQ==
age: 2871

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 16 KB
16 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin,latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://windows13update.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 06:36:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 80996
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Sun, 20 Mar 2022 06:36:16 GMT

GET
H/1.1 200
OK Skachat-besplatno-Windows-11-s-litsenziei-4-1024x683-1.jpg
windows13update.com/wp-content/uploads/2020/10/ 22 KB
22 KB 93ms
93ms Image
image/jpeg 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windows13update.com/wp-content/uploads/2020/10/Skachat-besplatno-Windows-11-s-litsenziei-4-1024x683-1.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 0884b6a53628430457e79e24b432b83eb4e159edc28520876b13d5fbc4eec8d9

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Thu, 08 Oct 2020 13:37:39 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 22473

GET
H/1.1 200
OK co-windows-11-khong-2.jpg
st.quantrimang.com/photos/image/2019/12/17/ 43 KB
43 KB 1223ms
499ms Image
image/jpeg 115.146.123.245
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.quantrimang.com/photos/image/2019/12/17/co-windows-11-khong-2.jpg
Requested by: Host: windows13update.com
URL: https://windows13update.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 115.146.123.245 , Viet Nam, ASN38732 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: ee57509d67d3651bac284cc97d7d6c1eb800f01077be9b0568f8e6ccd0599130

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:05:55 GMT
Last-Modified: Mon, 10 Aug 2020 12:09:13 GMT
Server: Microsoft-IIS/8.5
ETag: "b0c2e3ff6fd61:0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 43589

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
85 KB 55ms
42ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3848771511014962&plah=windows13update.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 05:06:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame FEFA 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows13update.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://windows13update.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 20 Mar 2021 18:01:35 GMT
expires: Sat, 03 Apr 2021 18:01:35 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 39877
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
341 B 96ms
24ms XHR
text/plain 3.124.48.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=windows13update.com&location=%2F&product=ga&url=https%3A%2F%2Fwindows13update.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Windows%2013%20ISO%20Download%2064%20bit%20Releases%20date%202021%20Microsoft&cms=unknown&publisher=5f789574ebd35b00126ccf43&sop=true&bsamesite=true&consent_cookie_duration=248&consent_duration=248&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Download%20windows%2013%20ISO%20full%20version%2032%20bit%2064%20bit%20available%20free%2C%20Upgrade%20your%20windows%2013%20with%20New%20Operating%20system%20Windows%2013%20Beta%20Version%202020%20ISO%20Download%20Windows%2013%20release%20date%202020
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.48.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-48-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://windows13update.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
647 B 86ms
31ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=windows13update.com&callback=_gfp_s_&client=ca-pub-3848771511014962

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3848771511014962&plah=windows13update.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

77eeab07cb347d7b4897226e3d4b2fd49c8b399721c0af89971b2f0f41d882a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 41ms
22ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windows13update.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 05:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windows13update.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 05:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 14ms
13ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwindows13update.com%2F&tn=DIV&id=af-preloader&ign=false

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D5B5 24 KB
2 KB 50ms
50ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&adk=1812271804&adf=3025194257&lmt=1616303172&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows13update.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616303172293&bpp=17&bdt=804&idt=102&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8620603123729&frm=20&pv=2&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a24dddfcfa261c74698763bd46eb6273523afb77a2ed32b287ac7d04432f5ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3848771511014962&output=html&adk=1812271804&adf=3025194257&lmt=1616303172&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindows13update.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616303172293&bpp=17&bdt=804&idt=102&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8620603123729&frm=20&pv=2&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows13update.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://windows13update.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:06:12 GMT
server: cafe
content-length: 1697
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 21-Mar-2021 05:21:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:06:12 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:06:12 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8AB3 67 KB
22 KB 277ms
276ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=9033029096&adk=1943457011&adf=4176722011&pi=t.ma~as.9033029096&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172310&bpp=4&bdt=821&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2090&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=RYKpJEo9RU&p=https%3A//windows13update.com&dtd=127

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0ae7d57c9d40f1cb54eb80f92b92ae86fe7298fae59005154cf89fad21d3a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=9033029096&adk=1943457011&adf=4176722011&pi=t.ma~as.9033029096&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172310&bpp=4&bdt=821&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2090&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=RYKpJEo9RU&p=https%3A//windows13update.com&dtd=127
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows13update.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://windows13update.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:06:12 GMT
server: cafe
content-length: 22237
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 21-Mar-2021 05:21:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:06:12 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9237 112 KB
37 KB 478ms
477ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=5406269535&adk=1443166172&adf=2418303907&pi=t.ma~as.5406269535&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172314&bpp=1&bdt=826&idt=139&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ps3iywWoia&p=https%3A//windows13update.com&dtd=143

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cbe8997968be175af377722157cc32c96956a2170d4a3b6ef3a20b8e5623681

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9684695713438021151/970x250_Performance_Stock_CYSEC/970x250_Performace_Stock_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9684695713438021151/970x250_Performance_Stock_CYSEC/970x250_Performace_Stock_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMSox8POwO8CFcEe4AodhnsDYQ&gqi=RNRWYO3GHNaOgQeLkL6QBA&layout=/sadbundle/%24csp%253Der3%24/9684695713438021151/970x250_Performance_Stock_CYSEC/970x250_Performace_Stock_CYSEC.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=5406269535&adk=1443166172&adf=2418303907&pi=t.ma~as.5406269535&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172314&bpp=1&bdt=826&idt=139&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ps3iywWoia&p=https%3A//windows13update.com&dtd=143
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows13update.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://windows13update.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9684695713438021151/970x250_Performance_Stock_CYSEC/970x250_Performace_Stock_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9684695713438021151/970x250_Performance_Stock_CYSEC/970x250_Performace_Stock_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMSox8POwO8CFcEe4AodhnsDYQ&gqi=RNRWYO3GHNaOgQeLkL6QBA&layout=/sadbundle/%24csp%253Der3%24/9684695713438021151/970x250_Performance_Stock_CYSEC/970x250_Performace_Stock_CYSEC.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:06:12 GMT
server: cafe
content-length: 36688
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 21-Mar-2021 05:21:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:06:12 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0B0 71 KB
24 KB 349ms
349ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=7649289493&adk=3174500317&adf=3090239168&pi=t.ma~as.7649289493&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172315&bpp=1&bdt=826&idt=150&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=3720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=sREUMYnek7&p=https%3A//windows13update.com&dtd=153

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

948b41d1271503a82a18f665f660900849aff88e4c3da3334b653837d949b74a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=7649289493&adk=3174500317&adf=3090239168&pi=t.ma~as.7649289493&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172315&bpp=1&bdt=826&idt=150&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=3720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=sREUMYnek7&p=https%3A//windows13update.com&dtd=153
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows13update.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://windows13update.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:06:12 GMT
server: cafe
content-length: 24426
x-xss-protection: 0
set-cookie: IDE=AHWqTUmPW-6oXhM8k2YU1dp29XPQh_t74moPb9NBqSV4sSu5C-n2rakN_gER5GLMgDg; expires=Fri, 15-Apr-2022 05:06:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:06:12 GMT
cache-control: private

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 42ms
27ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windows13update.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 05:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 44ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windows13update.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 05:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F6F4 109 KB
33 KB 325ms
325ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&adk=988125368&adf=882279310&pi=t.aa~a.129677004~rp.1&w=371&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=371x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=2&bdt=1049&idt=-M&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280&nras=2&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1064&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=PP5Jw9pH2V&p=https%3A//windows13update.com&dtd=20

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

deea813871892eb22844fd3de1fadec0377e13b146d62b30fd708afaa15442df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&adk=988125368&adf=882279310&pi=t.aa~a.129677004~rp.1&w=371&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=371x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=2&bdt=1049&idt=-M&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280&nras=2&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1064&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=PP5Jw9pH2V&p=https%3A//windows13update.com&dtd=20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows13update.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://windows13update.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:06:12 GMT
server: cafe
content-length: 33231
x-xss-protection: 0
set-cookie: IDE=AHWqTUmhrQrC-Vvd8NP-DNVQ3uOPTbKGMFgE0SGYaQUp6u0yoQd0RquaMufRcuCKGDU; expires=Fri, 15-Apr-2022 05:06:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:06:12 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FBA1 104 KB
35 KB 528ms
527ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=200&adk=3647033041&adf=1311694041&pi=t.aa~a.237511901~rp.2&w=351&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=351x200&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=1&bdt=1048&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280%2C371x280&nras=3&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1074&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=9oIwzNskL1&p=https%3A//windows13update.com&dtd=24

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2b5ed00ab7295f7782fc9f120328d891e5eb053b3831a62bbe8be33505f7067

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKbSzcPOwO8CFVcZ4AodJkYC2g&gqi=RNRWYNPnIombgAfz9LHQAg&layout=/sadbundle/%24csp%253Der3%24/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3848771511014962&output=html&h=200&adk=3647033041&adf=1311694041&pi=t.aa~a.237511901~rp.2&w=351&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=351x200&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=1&bdt=1048&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280%2C371x280&nras=3&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1074&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=9oIwzNskL1&p=https%3A//windows13update.com&dtd=24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows13update.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://windows13update.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKbSzcPOwO8CFVcZ4AodJkYC2g&gqi=RNRWYNPnIombgAfz9LHQAg&layout=/sadbundle/%24csp%253Der3%24/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:06:13 GMT
server: cafe
content-length: 34304
x-xss-protection: 0
set-cookie: IDE=AHWqTUmagXTYkSGeC-g9gb_JNOzzb3AA9sJIASpWydAQGauOr3HDRdMblLqLdIxKDgM; expires=Fri, 15-Apr-2022 05:06:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:06:13 GMT
cache-control: private

GET
H/1.1 200
OK ez-toc-icomoon.woff2
windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ 580 B
822 B 99ms
93ms Font
font/woff2 162.246.17.59
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ez-toc-icomoon.woff2
Requested by: Host: windows13update.com
URL: https://windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.16
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.17.59 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: server.birthdaywishesquotess.com
Software: Apache /
Resource Hash: 9a5d04f74cf2a5ac395114c141150def9ea2ec79fa5b06febc02cb396d2c88f7

Request headers

Origin: https://windows13update.com
Referer: https://windows13update.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:06:12 GMT
Last-Modified: Thu, 04 Feb 2021 05:48:56 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 580

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 8AB3 3 KB
1016 B 44ms
27ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=9033029096&adk=1943457011&adf=4176722011&pi=t.ma~as.9033029096&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172310&bpp=4&bdt=821&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2090&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=RYKpJEo9RU&p=https%3A//windows13update.com&dtd=127

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 04:34:22 GMT
server: ESF
date: Sun, 21 Mar 2021 05:06:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Mar 2021 05:06:12 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8AB3 2 KB
998 B 33ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:55:28 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 8AB3 17 KB
7 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 878
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:51:34 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8AB3 2 KB
1 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:01:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8AB3 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:06:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8AB3 13 KB
6 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:36:36 GMT

GET
H2 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 8AB3 25 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 284877
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Tue, 15 Jun 2021 21:58:15 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8AB3 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChtGZRNRWYOeAHPyCx_APsM2SoA6PvMfyYcDikNmjDZ6j3Y-AERABILSktUJglYq4gsgHoAHMsMzGAcgBCakCEcZfdRBhDj6oAwHIA8sEqgTOAU_QFyXNJhxkR5MR9atUGX9Gok3qKZu56jH0y_Z31KVyUM11_Rznp5mn1J77glMKL3MsVKSCg8f2riIZglkvJiaTF_4cs9qLTru7zA2G_NsimApy_8iJ1zHOMmQIKLJj5hxSg270_mScKbo69BecOxtv5MIg-3zq6xNwHwy64iWPBN1Xj3FxEwBHeJpSyOj9_DxenEO08v4egkV9sP-smRicRNvAQkMCEZq8MCWjXqteRfMWNsU9ZwQLqWNtPtltZwMenvMDtcLiwZbETJHVwATE5d3BwwOSBQQIBBgBkgUECAUYBKAGLoAHnM-zuQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQnOD4AtIICQiA4YAQEAEYH4AKAcgLAdgTDYgUAdAVAYAXAbIXGgoYCAASFHB1Yi0zODQ4NzcxNTExMDE0OTYy&sigh=NkE0r-yUyJI&template_id=5000&tpd=AGWhJmtOXU_zRfZsuPOZw5edGdunD41xr3s8nizYGwuKriKRKQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=9033029096&adk=1943457011&adf=4176722011&pi=t.ma~as.9033029096&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172310&bpp=4&bdt=821&idt=120&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2090&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=RYKpJEo9RU&p=https%3A//windows13update.com&dtd=127
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:06:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:06:12 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12865395567873487847/ Frame 8AB3 37 KB
37 KB 23ms
12ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12865395567873487847/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e10772b6e1eb3e4aaaf8676c4342bb23f7617ee30cfaff62a378f522339807a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:42:03 GMT
x-content-type-options: nosniff
age: 221049
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37483
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 14:41:34 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:42:03 GMT

GET
DATA 200
OK truncated
/ Frame 8AB3 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8AB3 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 150282456b6262874b5fd70c62feddaa96a75340f5188c9351e866ca4868c215

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 8AB3 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:53:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 403965
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Wed, 16 Mar 2022 12:53:27 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 8AB3 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 05:29:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 171378
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 19 Mar 2022 05:29:54 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame A1F9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 154933
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame A0B0 3 KB
600 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=7649289493&adk=3174500317&adf=3090239168&pi=t.ma~as.7649289493&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172315&bpp=1&bdt=826&idt=150&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=3720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=sREUMYnek7&p=https%3A//windows13update.com&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 04:34:47 GMT
server: ESF
date: Sun, 21 Mar 2021 05:06:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Mar 2021 05:06:12 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame A0B0 2 KB
988 B 35ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:55:28 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame A0B0 17 KB
7 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 878
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:51:34 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame A0B0 2 KB
1 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:01:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0B0 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:06:12 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame A0B0 13 KB
6 KB 33ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:36:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A0B0 0
0 15ms
13ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFxyPEb5u33gqlQnNQvytCououN70F5DsUyS9ClaKwQ7WImc8lz8zNKsfcP2DbCTSfLKPTSKOUjRKtx6f1wwEEYT0vtQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=7649289493&adk=3174500317&adf=3090239168&pi=t.ma~as.7649289493&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172315&bpp=1&bdt=826&idt=150&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=3720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=sREUMYnek7&p=https%3A//windows13update.com&dtd=153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame A0B0 25 KB
11 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 284877
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Tue, 15 Jun 2021 21:58:15 GMT

GET
H3-Q050 200 86645057ba4817bae9835c203c8960c4.js Show response
www.gstatic.com/mysidia/ Frame F6F4 6 KB
3 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/86645057ba4817bae9835c203c8960c4.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&adk=988125368&adf=882279310&pi=t.aa~a.129677004~rp.1&w=371&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=371x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=2&bdt=1049&idt=-M&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280&nras=2&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1064&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=PP5Jw9pH2V&p=https%3A//windows13update.com&dtd=20

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393c0a39f41e5b14bdc33e5f5093a0d3ee0fb50eb4043d35e8a1995b5d2dd371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 03:37:36 GMT
server: sffe
age: 240394
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2784
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:19:38 GMT

GET
H3-Q050 200 e77611775121751e5ddf2b7cc6e6ca94.js Show response
www.gstatic.com/mysidia/ Frame F6F4 144 KB
53 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e77611775121751e5ddf2b7cc6e6ca94.js?tag=video_mra/web_raspberry

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481e249c297579db673cce6f5c6d7f1fcd55c3eb2f7c1e611efae2e67ace843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 03:37:36 GMT
server: sffe
age: 240394
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54730
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:19:38 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame F6F4 3 KB
600 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 04:35:20 GMT
server: ESF
date: Sun, 21 Mar 2021 05:06:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Mar 2021 05:06:12 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame F6F4 3 KB
601 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 04:36:37 GMT
server: ESF
date: Sun, 21 Mar 2021 05:06:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Mar 2021 05:06:12 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/569716811414863595/ Frame A0B0 40 KB
41 KB 30ms
23ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/569716811414863595/downsize_200k_v1

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee04b2c2a65168e8357ca9bfaacd11e99edfca5ef9301a5b91a5677a870ed74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 21:34:59 GMT
x-content-type-options: nosniff
age: 545473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41416
x-xss-protection: 0
last-modified: Wed, 09 Jan 2019 23:11:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Mar 2022 21:34:59 GMT

GET
DATA 200
OK truncated
/ Frame A0B0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame A0B0 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMhB-RNRWYOjeHdrE-gaIrbqAD4m1uOBh3tvc_pUN2tkeEAEgtKS1QmCViriCyAegAf2Q8_sCyAEJqAMByAPLBKoE0AFP0Le4xAGmSsO3FZCDNr_vchSFXC3zGyd_s_zYxvPivZFjloiZn1IkhDttR_HxkWJDPxIFEfHZbJMjIcbIlt_3Mqw6Rp1XJ6XRN4hsQ_3fX9zToA0YdsmhnG9I5gX-r3to7PxxK_RJRH51uEDFRErFe05C5pPk801BksI3E1m0s42K7NECupZhZseO93wsH5Njbyk8hyeIbCmoAzMzuKELmcfAdUHncuMZcEm3itQQJOCjsY4UfaSo8Slr4ktZHDrrWm84n6WQ5FFb8VgDKgwmwAS516WqyAOSBQQIBBgBkgUECAUYBKAGLoAH6-6MhAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQy_OkBtIICQiA4YAQEAEYH4AKAcgLAdgTArIXGgoYCAASFHB1Yi0zODQ4NzcxNTExMDE0OTYy&sigh=JLvdHKGRE3M&template_id=5000&tpd=AGWhJmsveJGLVtRV9giCx4d1mUVygYgnYVzdImPVogLtdo1UZQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=7649289493&adk=3174500317&adf=3090239168&pi=t.ma~as.7649289493&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172315&bpp=1&bdt=826&idt=150&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=3720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=sREUMYnek7&p=https%3A//windows13update.com&dtd=153
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:06:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame F6F4 2 KB
923 B 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:55:28 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame F6F4 17 KB
7 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 878
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:51:34 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame F6F4 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:01:07 GMT

GET
H3-Q050 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F6F4 67 B
177 B 9ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 03:52:27 GMT
x-content-type-options: nosniff
server: cafe
age: 4426
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 22 Mar 2021 03:52:27 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6F4 117 KB
36 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:06:13 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame F6F4 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:36:36 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F6F4 0
0 43ms
28ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBJYyzp1l6QxqDPsm0hVn8FWFXyKiT2suDsTz3tvmnuHvFQlHbq9J-wyrjH47k2_9AYPzyXKUgRTjntbeBJERgQ5JXuA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&adk=988125368&adf=882279310&pi=t.aa~a.129677004~rp.1&w=371&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=371x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=2&bdt=1049&idt=-M&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280&nras=2&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1064&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=PP5Jw9pH2V&p=https%3A//windows13update.com&dtd=20
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame F6F4 25 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 284878
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Tue, 15 Jun 2021 21:58:15 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B51A 1 KB
945 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 21 Mar 2021 03:14:09 GMT
expires: Mon, 22 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 6724
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A0B0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb93a8e82bf6eb0b41a37924ca0427735bcf8f55e4ce6c75906afe2713d15aa3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A0B0 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:53:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 403966
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Wed, 16 Mar 2022 12:53:27 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A0B0 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 05:29:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 171379
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 19 Mar 2022 05:29:54 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12147826245622048278/ Frame F6F4 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12147826245622048278/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e162d95ae48706dece13ea28076348ce557c1b9914a5f82acc88569cfb32299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:00:12 GMT
x-content-type-options: nosniff
age: 389161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2102
x-xss-protection: 0
last-modified: Tue, 04 Dec 2018 12:13:12 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 17:00:12 GMT

GET
DATA 200
OK truncated
/ Frame F6F4 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame F6F4 0
331 B 87ms
30ms Other
image/gif 2a00:1450:4002:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kmip6e5j&c=3997341932810&slotId=1998670966405&qqid=CLS1zcPOwO8CFU6uewodXl0MyQ&sei=44729911%2C44730425%2C44730426%2C75259407%2C75259408&nsei=44714510%2C75259405%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e77611775121751e5ddf2b7cc6e6ca94.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9738471280933297001/ Frame F6F4 32 KB
32 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9738471280933297001/downsize_200k_v1

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32a35b4ca45b1efd6ff51a9c04f1b1f02f2c0e8182d82644aafdee335ca22c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 06:49:25 GMT
x-content-type-options: nosniff
age: 512208
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32773
x-xss-protection: 0
last-modified: Tue, 04 Dec 2018 13:09:11 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 06:49:25 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame F6F4 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAfVLRNRWYLSDI87c7gPeurHIDIm1uOBh2_LtrqEN2tkeEAEgtKS1QmCViriCyAegAf2Q8_sCyAEJqAMByAPLBKoE0AFP0O3lw4a70dv6h7HGv9V73je4rWI_69vU29PDt0TfvVj4-7kquhZ0wgmCjWf-yPWuWv09I84J-X0JDnZ17TJDK9Rtao94UVDKLz-Kjd__GMruFb838IDaZVYUTDvMM5IVnWox7_2Tz5gowIa502FRFued2iqEmV18GMFozn5kR52UYSHbg1W7W8RX-1vOew77VgG06hvrgCjfdoQ9TxXBGiZDzzegcqd2xCZebrhtTJkrFx0rBmmTKZJN_fe1dw1CBhzDQsbAAN8jzFgqcQ1ywATx1aWqyAOSBQQIBBgBkgUECAUYBKAGLoAH6-6MhAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH8OAbqAfulrECqAemvhuoB-zVG9gHAPIHBBDIvTnSCAkIgOGAEBABGB-ACgHICwHYEwKyFxoKGAgAEhRwdWItMzg0ODc3MTUxMTAxNDk2Mg&sigh=xuRkPDvrF7c&template_id=3484&tpd=AGWhJmt-3TQFSh_C5tq3C9zyvr2qkRHY32JVzO7rzwI6nvYUgA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&adk=988125368&adf=882279310&pi=t.aa~a.129677004~rp.1&w=371&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=371x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=2&bdt=1049&idt=-M&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280&nras=2&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1064&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=PP5Jw9pH2V&p=https%3A//windows13update.com&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:06:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 970x250_Performace_Stock_CYSEC.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9684695713438021151/970x250_Performance_Stock_CYSEC/ Frame EFF3 378 KB
47 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9684695713438021151/970x250_Performance_Stock_CYSEC/970x250_Performace_Stock_CYSEC.html

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08471f94282be18f5009b8d9878c89407aa9f84f651872dea7e04cabb3f77b47

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/9684695713438021151/970x250_Performance_Stock_CYSEC/970x250_Performace_Stock_CYSEC.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 17 Mar 2021 00:50:52 GMT
expires: Thu, 17 Mar 2022 00:50:52 GMT
last-modified: Tue, 16 Mar 2021 14:27:09 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 46336
age: 360921
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8A6B 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsevERNRWYMT2HMG9gAeG942IBq_Yg_VhzYTMlaQNhd2jp9kCEAEgtKS1QmCViriCyAegAercgNECyAEJqQIaA5w9Y_upPqgDAcgDSKoEzgFP0ImUgPfivMH2xfYKedIqefHhUWMCOpCYKcTYRdfoUuwT51NFqvdxKMg4Bd2P7VlF_XAIxse9GZoLdKvzM5cmh6Gqdss7Ex_kssyqdMdkowHObCDH7ZPtUPVFIYn_NF5hJ4QskTRf8sdYR_7sPcC3iLEwQiFuIw86KQdGRq-wSYvcapA_GGEsEexXv9asf8Z2A-hg5mYo8jAEb2rd5yzCAzkY1WTM6qPy_aX-qbByjNNXlScON2_o8ygi7oVzn3saRbda0unGRqFt4qWGeMAE-8HKxKQDkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFEODKqwHSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItMzg0ODc3MTUxMTAxNDk2Mg&sigh=UgXtfZbeb4k&template_id=419&tpd=AGWhJmvrnLZa1a4sYKulENhu6wTxQBZ1feSeMrzWinRYXN9Xvw

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=5406269535&adk=1443166172&adf=2418303907&pi=t.ma~as.5406269535&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172314&bpp=1&bdt=826&idt=139&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ps3iywWoia&p=https%3A//windows13update.com&dtd=143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:06:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 8A6B 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=5406269535&adk=1443166172&adf=2418303907&pi=t.ma~as.5406269535&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172314&bpp=1&bdt=826&idt=139&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ps3iywWoia&p=https%3A//windows13update.com&dtd=143

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:51:34 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8A6B 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:01:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A6B 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:06:13 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8A6B 13 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:36:36 GMT

GET
H3-Q050

206

videoplayback
r1---sn-4g5ednld.gvt1.com/ Frame F6F4
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=98cfc9aa4a915a9f&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1616310372&sparams=ip,ipbits,expire,id,...
https://r1---sn-4g5ednld.gvt1.com/videoplayback?id=98cfc9aa4a915a9f&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1616310372&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

860 KB
861 KB

93ms
82ms

Media
video/mp4

2a00:1450:4001:5d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednld.gvt1.com/videoplayback?id=98cfc9aa4a915a9f&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1616310372&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=7AB4695571E26DDF6B1F8FA2E8387170DCD64C43.2A2AB446DCD537CEC1D5CB73D5DF9C657171E779&key=cms1&cms_redirect=yes&mh=1D&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5ednld&ms=nvh&mt=1616302423&mv=u&mvi=1&pl=47

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8f0e880ec1f6afa8ed23ea8b2aa8c4ce9e089548c1c3d588a9b6f9458efdec7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 01:39:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-880902/880903
client-protocol: quic
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 880903
expires: Sun, 21 Mar 2021 05:06:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5ednld.gvt1.com/videoplayback?id=98cfc9aa4a915a9f&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1616310372&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=7AB4695571E26DDF6B1F8FA2E8387170DCD64C43.2A2AB446DCD537CEC1D5CB73D5DF9C657171E779&key=cms1&cms_redirect=yes&mh=1D&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5ednld&ms=nvh&mt=1616302423&mv=u&mvi=1&pl=47
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 707
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AED6 143 B
216 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&adk=988125368&adf=882279310&pi=t.aa~a.129677004~rp.1&w=371&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=371x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=2&bdt=1049&idt=-M&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280&nras=2&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1064&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=PP5Jw9pH2V&p=https%3A//windows13update.com&dtd=20
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmagXTYkSGeC-g9gb_JNOzzb3AA9sJIASpWydAQGauOr3HDRdMblLqLdIxKDgM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&adk=988125368&adf=882279310&pi=t.aa~a.129677004~rp.1&w=371&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=371x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=2&bdt=1049&idt=-M&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280&nras=2&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1064&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=PP5Jw9pH2V&p=https%3A//windows13update.com&dtd=20

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 21 Mar 2021 04:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1487
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4321 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 21 Mar 2021 03:14:09 GMT
expires: Mon, 22 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 6724
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F6F4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37e57ff0a35be5409ccc02192e960aa94ac20c17fec3aeb5db50d8c73020f340

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame F6F4 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&adk=988125368&adf=882279310&pi=t.aa~a.129677004~rp.1&w=371&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=371x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=2&bdt=1049&idt=-M&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280&nras=2&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1064&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=PP5Jw9pH2V&p=https%3A//windows13update.com&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 20:51:22 GMT
x-content-type-options: nosniff
server: cafe
age: 29691
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2033
x-xss-protection: 0
expires: Sun, 21 Mar 2021 20:51:22 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 419D 143 B
188 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=5406269535&adk=1443166172&adf=2418303907&pi=t.ma~as.5406269535&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172314&bpp=1&bdt=826&idt=139&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ps3iywWoia&p=https%3A//windows13update.com&dtd=143
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmagXTYkSGeC-g9gb_JNOzzb3AA9sJIASpWydAQGauOr3HDRdMblLqLdIxKDgM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=280&slotname=5406269535&adk=1443166172&adf=2418303907&pi=t.ma~as.5406269535&w=879&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616303172314&bpp=1&bdt=826&idt=139&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280&nras=1&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=165&ady=2527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ps3iywWoia&p=https%3A//windows13update.com&dtd=143

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 21 Mar 2021 04:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1487
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8A6B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2e8d861cc0c1e3bd51c14af3eb035a84002fc6c053295619817a30595ff7840

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame F6F4 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:53:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 403966
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Wed, 16 Mar 2022 12:53:27 GMT

GET
H3-Q050 200 300x250_Performance_Stock_CYSEC.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/ Frame 5073 376 KB
45 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a4c6cd3eade63c30c1b28dde23349887fa726430fe1de72ac17b595a2c45863

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 15 Mar 2021 05:45:17 GMT
expires: Tue, 15 Mar 2022 05:45:17 GMT
last-modified: Mon, 15 Mar 2021 05:20:20 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 46163
age: 516056
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2A80 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3s7CRNRWYKagI9eygAemjInQDa_Yg_VhjYLMlaQNhd2jp9kCEAEgtKS1QmCViriCyAegAercgNECyAEJqQIaA5w9Y_upPqgDAcgDSKoEzgFP0L-C79IhYyNLwY4nQ0boKkuxxw9tXr2xEIezYYR9idEwADOZXQoFoPPftbcQX7AODvldXqsJmS0APR1kiRwV8z-BMsidKcNAHPKJRntkQ6VZepBqB3KPRlI_xrU111hvdiyob9jbfxXGOoR38OP1O_2rA2vKRVvfBAW56_i9LGP1JHq1y10xg1NgmB56B9rxvns72snf3WQMpzaA4LQVQMmwEBSmH-Zzfo143nvfT-wa-zlyp32zPjxBaf3_LDEqxVzeUs_aOVVKLSshRcAE-8HKxKQDkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFENHeiwHSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItMzg0ODc3MTUxMTAxNDk2Mg&sigh=xgmFRI4NmHI&template_id=419&tpd=AGWhJmuuSdjFNP5ci_9gLSpRHN-HryjZF3RnhvnI1pn_qRT8yQ

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=200&adk=3647033041&adf=1311694041&pi=t.aa~a.237511901~rp.2&w=351&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=351x200&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=1&bdt=1048&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280%2C371x280&nras=3&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1074&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=9oIwzNskL1&p=https%3A//windows13update.com&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:06:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 2A80 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=200&adk=3647033041&adf=1311694041&pi=t.aa~a.237511901~rp.2&w=351&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=351x200&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=1&bdt=1048&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280%2C371x280&nras=3&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1074&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=9oIwzNskL1&p=https%3A//windows13update.com&dtd=24

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:51:34 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 2A80 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:01:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A80 117 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:06:13 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 2A80 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 04:36:36 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 2A80 0
0 15ms
14ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqAyGzH-PtPfp_EX5dA5rzS5OG_E-_mFb2KERr-Op6dbcPHZ8_akETOsZ5uwhbNMVrB3nGenrf_yheIrysclwpXVet5Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=200&adk=3647033041&adf=1311694041&pi=t.aa~a.237511901~rp.2&w=351&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=351x200&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=1&bdt=1048&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280%2C371x280&nras=3&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1074&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=9oIwzNskL1&p=https%3A//windows13update.com&dtd=24
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame EFF3 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9684695713438021151/970x250_Performance_Stock_CYSEC/970x250_Performace_Stock_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 22 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EFF3 22 KB
9 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9684695713438021151/970x250_Performance_Stock_CYSEC/970x250_Performace_Stock_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Mar 2021 13:07:30 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B51A
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIe6oU4...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIe6oU4...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjEwNTA2MTQyNjgxNjkyMDUyODE1Mg%3D%3D&google_push=AQvitUIe6oU4RTn5FlueFmQo5J5sbd7ABmART3or_Nbc0F_yx2YsR4t85qQiXVx63AkPic...

170 B
213 B

34ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjEwNTA2MTQyNjgxNjkyMDUyODE1Mg%3D%3D&google_push=AQvitUIe6oU4RTn5FlueFmQo5J5sbd7ABmART3or_Nbc0F_yx2YsR4t85qQiXVx63AkPicfhWlOktoaYbQj34AW_CknLrwHLMw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjEwNTA2MTQyNjgxNjkyMDUyODE1Mg%3D%3D&google_push=AQvitUIe6oU4RTn5FlueFmQo5J5sbd7ABmART3or_Nbc0F_yx2YsR4t85qQiXVx63AkPicfhWlOktoaYbQj34AW_CknLrwHLMw
Pragma: no-cache
Date: Sun, 21 Mar 2021 05:06:14 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B51A
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEJdehwZ4rFMNvsZ6SG_uB9A&google_cver=1&google_push=AQvitUKI8trDtxYOvGoI8VSQpxtnOwhrF3hWXbwEQoj_-pX5waRjhKVs2Ma5HL-99r1xTHyvnhELWv5GpeONZOIXluo0uNLZUBY
https://rtb.openx.net/sync/dds?google_gid=CAESEJdehwZ4rFMNvsZ6SG_uB9A&google_cver=1&google_push=AQvitUKI8trDtxYOvGoI8VSQpxtnOwhrF3hWXbwEQoj_-pX5waRjhKVs2Ma5HL-99r1xTHyvnhELWv5GpeONZOIXluo0uNLZUBY&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKI8trDtxYOvGoI8VSQpxtnOwhrF3hWXbwEQoj_-pX5waRjhKVs2Ma5HL-99r1xTHyvnhELWv5GpeONZOIXluo0uNLZUBY&google_hm=67sJPWMoyfYKY6yRzUXJLg==

170 B
190 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKI8trDtxYOvGoI8VSQpxtnOwhrF3hWXbwEQoj_-pX5waRjhKVs2Ma5HL-99r1xTHyvnhELWv5GpeONZOIXluo0uNLZUBY&google_hm=67sJPWMoyfYKY6yRzUXJLg==

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:12 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKI8trDtxYOvGoI8VSQpxtnOwhrF3hWXbwEQoj_-pX5waRjhKVs2Ma5HL-99r1xTHyvnhELWv5GpeONZOIXluo0uNLZUBY&google_hm=67sJPWMoyfYKY6yRzUXJLg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: v3uf796pt8k8pd7hv4ndvc7f164f4l4b

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B51A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ce-k-DVHR7Wu1FPAC5f7eA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

39ms
39ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ce-k-DVHR7Wu1FPAC5f7eA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJKnI1ZxR1KYZCTPHFJjFoJCeQwP1ibowhsTNqsVnvGadvYbO3-VAl5TL57pB2rQxPxrQPTCGzhhMsyO6npY2N1LV9RMA

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ce-k-DVHR7Wu1FPAC5f7eA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJKnI1ZxR1KYZCTPHFJjFoJCeQwP1ibowhsTNqsVnvGadvYbO3-VAl5TL57pB2rQxPxrQPTCGzhhMsyO6npY2N1LV9RMA
Date: Sun, 21 Mar 2021 05:06:13 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B51A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOFKC0IKnwAIPW1IuBxVsIM&google_cver=1&google_push=AQvitUIXVmw0xAO8UhohOo0X6xCkDTs4v3nZPL_ywMfEC2-ccGcKvNBZrtwEozgWeSGgFMsu9Wo...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JUDZFRkktMy1DMU1P&google_push=AQvitUIXVmw0xAO8UhohOo0X6xCkDTs4v3nZPL_ywMfEC2-ccGcKvNBZrtwEozgWeSGgFMsu9WoDOszJgR9-Xmrj2WiDo_a3RN4

170 B
484 B

76ms
47ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JUDZFRkktMy1DMU1P&google_push=AQvitUIXVmw0xAO8UhohOo0X6xCkDTs4v3nZPL_ywMfEC2-ccGcKvNBZrtwEozgWeSGgFMsu9WoDOszJgR9-Xmrj2WiDo_a3RN4

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JUDZFRkktMy1DMU1P&google_push=AQvitUIXVmw0xAO8UhohOo0X6xCkDTs4v3nZPL_ywMfEC2-ccGcKvNBZrtwEozgWeSGgFMsu9WoDOszJgR9-Xmrj2WiDo_a3RN4
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B51A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPJyRx37i0Rf6Ini1PZinQI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPJyRx37i0Rf6Ini1PZinQI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFbURQhQvAr0FJZE2plptwAABF4AAAAB&google_push=AQvitUJodmWVYDEOrBH-WLGc_r5bGMBJf9RC5OkadX0yGsUwweSYeowly_B-MiQvZT6Nm2cle3uLcB4MkDhDeCLg_I...

170 B
190 B

39ms
39ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFbURQhQvAr0FJZE2plptwAABF4AAAAB&google_push=AQvitUJodmWVYDEOrBH-WLGc_r5bGMBJf9RC5OkadX0yGsUwweSYeowly_B-MiQvZT6Nm2cle3uLcB4MkDhDeCLg_I_OFX_jHz4&google_cver=1&google_gid=CAESEPJyRx37i0Rf6Ini1PZinQI

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 05:06:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFbURQhQvAr0FJZE2plptwAABF4AAAAB&google_push=AQvitUJodmWVYDEOrBH-WLGc_r5bGMBJf9RC5OkadX0yGsUwweSYeowly_B-MiQvZT6Nm2cle3uLcB4MkDhDeCLg_I_OFX_jHz4&google_cver=1&google_gid=CAESEPJyRx37i0Rf6Ini1PZinQI
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Sun, 21 Mar 2021 05:06:13 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B51A
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJk2v7YTZi4zddqdLkC0H0k&google_cver=1&google_push=AQvitUKykfGB7Le9ypwc1j2m...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKykfGB7Le9ypwc1j2mVuZdJvqLzg9hec1xiEmVDJuD3UPMsK_lj-9jo8hjLsNkeW8cni9FfaElffZjcWOlvesgpznVa7g&google_hm=

170 B
190 B

38ms
38ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKykfGB7Le9ypwc1j2mVuZdJvqLzg9hec1xiEmVDJuD3UPMsK_lj-9jo8hjLsNkeW8cni9FfaElffZjcWOlvesgpznVa7g&google_hm=

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKykfGB7Le9ypwc1j2mVuZdJvqLzg9hec1xiEmVDJuD3UPMsK_lj-9jo8hjLsNkeW8cni9FfaElffZjcWOlvesgpznVa7g&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sat, 20 Mar 2021 05:06:13 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B51A 0
236 B 86ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZ3l2KdIHWZi0J6XtuZtKC5XJjDklqId8MAnbJPIXS-zohFbvHJIjRdJvEJ0pSvn8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4ECF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 154934
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBB9 143 B
169 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=200&adk=3647033041&adf=1311694041&pi=t.aa~a.237511901~rp.2&w=351&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=351x200&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=1&bdt=1048&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280%2C371x280&nras=3&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1074&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=9oIwzNskL1&p=https%3A//windows13update.com&dtd=24
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmagXTYkSGeC-g9gb_JNOzzb3AA9sJIASpWydAQGauOr3HDRdMblLqLdIxKDgM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3848771511014962&output=html&h=200&adk=3647033041&adf=1311694041&pi=t.aa~a.237511901~rp.2&w=351&fwrn=4&fwrnh=100&lmt=1616303172&rafmt=1&to=qs&pwprc=7626486486&psa=0&format=351x200&url=https%3A%2F%2Fwindows13update.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1616303172537&bpp=1&bdt=1048&idt=1&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C879x280%2C879x280%2C879x280%2C371x280&nras=3&correlator=8620603123729&frm=20&pv=1&ga_vid=2101468920.1616303172&ga_sid=1616303172&ga_hid=407929435&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1074&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739387&oid=3&pvsid=2417498396609798&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=9oIwzNskL1&p=https%3A//windows13update.com&dtd=24

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 21 Mar 2021 04:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1487
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4321 35 B
463 B 24ms
7ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO7ATsj09Aij7Hb2tY50wGI&google_cver=1&google_push=AQvitULYrqOgt3bewzOQyDIilzDXAntcwb1ZBR2ALjcLnJYDVCW-UDAYdwhZqFT8QToYoDwCx0lTTX7xHdXdxGzjqBMg-pfbVyc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 4321
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJbE9as...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJbE9as...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjEwNTA2MTQzMTM0Nzk4Njg4MDA4Ng%3D%3D&google_push=AQvitUJbE9asecwgoeZEFtMi0YqNuPtClU-UYR3CdcwEmtJry_Cyf6EdFWh4lgwt-Cx2v6...

170 B
190 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjEwNTA2MTQzMTM0Nzk4Njg4MDA4Ng%3D%3D&google_push=AQvitUJbE9asecwgoeZEFtMi0YqNuPtClU-UYR3CdcwEmtJry_Cyf6EdFWh4lgwt-Cx2v6rKjQdcwVA-8hsqTfxZcP_GI6u18hM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjEwNTA2MTQzMTM0Nzk4Njg4MDA4Ng%3D%3D&google_push=AQvitUJbE9asecwgoeZEFtMi0YqNuPtClU-UYR3CdcwEmtJry_Cyf6EdFWh4lgwt-Cx2v6rKjQdcwVA-8hsqTfxZcP_GI6u18hM
Pragma: no-cache
Date: Sun, 21 Mar 2021 05:06:14 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 4321
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEH7Mj2ipZoI_yottBgYib_Y&google_cver=1&google_push=AQvitUJysV60qF38FaaQeUtKR8UznoAiis2TGeV728B0UT-yaQBuSoaglSdkgNXEf94MVPpdv4MrAzNxAgBqBspo713S0cSqZcA
https://rtb.openx.net/sync/dds?google_gid=CAESEH7Mj2ipZoI_yottBgYib_Y&google_cver=1&google_push=AQvitUJysV60qF38FaaQeUtKR8UznoAiis2TGeV728B0UT-yaQBuSoaglSdkgNXEf94MVPpdv4MrAzNxAgBqBspo713S0cSqZcA&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJysV60qF38FaaQeUtKR8UznoAiis2TGeV728B0UT-yaQBuSoaglSdkgNXEf94MVPpdv4MrAzNxAgBqBspo713S0cSqZcA&google_hm=67sJPWMoyfYKY6yRzUXJLg==

170 B
190 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJysV60qF38FaaQeUtKR8UznoAiis2TGeV728B0UT-yaQBuSoaglSdkgNXEf94MVPpdv4MrAzNxAgBqBspo713S0cSqZcA&google_hm=67sJPWMoyfYKY6yRzUXJLg==

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJysV60qF38FaaQeUtKR8UznoAiis2TGeV728B0UT-yaQBuSoaglSdkgNXEf94MVPpdv4MrAzNxAgBqBspo713S0cSqZcA&google_hm=67sJPWMoyfYKY6yRzUXJLg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: djqf9rsakqgc6a7imhavkff381njbajb

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 4321
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ce-k-DVHR7Wu1FPAC5f7eA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

34ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ce-k-DVHR7Wu1FPAC5f7eA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUL8PT1LcuyoqCGLildjjdtLNu8m8uj697q8xjZLtMhWAkqtbpqay9gAZ6Ow1tMKVdjOG_5Wwk4k1fCH_QnnRnXvL-YgIyk

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ce-k-DVHR7Wu1FPAC5f7eA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUL8PT1LcuyoqCGLildjjdtLNu8m8uj697q8xjZLtMhWAkqtbpqay9gAZ6Ow1tMKVdjOG_5Wwk4k1fCH_QnnRnXvL-YgIyk
Date: Sun, 21 Mar 2021 05:06:13 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 4321
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIctFvAAML_FfZNAJiCSWdM&google_cver=1&google_push=AQvitUKEC_OI8ZumhrAc5VZ1AQ2vIx2pJNe3i9uwacpBjjIP-87cfEZQk5138p4_dW1DXx6gt1G...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JUDZFR0ktMU8tRzdVSw==&google_push=AQvitUKEC_OI8ZumhrAc5VZ1AQ2vIx2pJNe3i9uwacpBjjIP-87cfEZQk5138p4_dW1DXx6gt1G86KbbdZbpxtZiDnU2TYpuLS8

170 B
190 B

41ms
41ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JUDZFR0ktMU8tRzdVSw==&google_push=AQvitUKEC_OI8ZumhrAc5VZ1AQ2vIx2pJNe3i9uwacpBjjIP-87cfEZQk5138p4_dW1DXx6gt1G86KbbdZbpxtZiDnU2TYpuLS8

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01JUDZFR0ktMU8tRzdVSw==&google_push=AQvitUKEC_OI8ZumhrAc5VZ1AQ2vIx2pJNe3i9uwacpBjjIP-87cfEZQk5138p4_dW1DXx6gt1G86KbbdZbpxtZiDnU2TYpuLS8
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 4321
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGKv04UwOl8blhTuyIwy_CA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGKv04UwOl8blhTuyIwy_CA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFbURQhQvAr0FJZE2plptwAABF4AAAAB&google_push=AQvitUIZJ__SvfgmLYYXTvvJ4dqwP5npzozE57Q65x9dDtKsK4p_3d4K471IaRKEz32aTJtW-mzIigKigQRSkaADfh...

170 B
190 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFbURQhQvAr0FJZE2plptwAABF4AAAAB&google_push=AQvitUIZJ__SvfgmLYYXTvvJ4dqwP5npzozE57Q65x9dDtKsK4p_3d4K471IaRKEz32aTJtW-mzIigKigQRSkaADfhjRHaCK714&google_cver=1&google_gid=CAESEGKv04UwOl8blhTuyIwy_CA

Requested by

Host: windows13update.com
URL: https://windows13update.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Mar 2021 05:06:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFbURQhQvAr0FJZE2plptwAABF4AAAAB&google_push=AQvitUIZJ__SvfgmLYYXTvvJ4dqwP5npzozE57Q65x9dDtKsK4p_3d4K471IaRKEz32aTJtW-mzIigKigQRSkaADfhjRHaCK714&google_cver=1&google_gid=CAESEGKv04UwOl8blhTuyIwy_CA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Sun, 21 Mar 2021 05:06:13 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 4321
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFz9zzaD02Ihx39eqEFeXhA&google_cver=1&google_push=AQvitUIY_X_GBM_SgLKdyDEZ...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIY_X_GBM_SgLKdyDEZSgsb-Wq7GUdxeiQU0mwVNeLCZIILb9dB-HihW-Qu7Fon7mRNVxbZN1H1ycWgMoZjnvFvMedYUReN&google_hm=

170 B
190 B

39ms
39ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIY_X_GBM_SgLKdyDEZSgsb-Wq7GUdxeiQU0mwVNeLCZIILb9dB-HihW-Qu7Fon7mRNVxbZN1H1ycWgMoZjnvFvMedYUReN&google_hm=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIY_X_GBM_SgLKdyDEZSgsb-Wq7GUdxeiQU0mwVNeLCZIILb9dB-HihW-Qu7Fon7mRNVxbZN1H1ycWgMoZjnvFvMedYUReN&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sat, 20 Mar 2021 05:06:13 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4321 0
49 B 39ms
37ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsSL-0T4VbIvfwb25SsUnAKU9TPXfAe89XRHBsFWrtn55sRxn02VKYmoOLl3lEbTRKxd0jMA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:13 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 2A80 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c890ac92e105d29ef7fa1a8f92cee84b1503589edd28abc9ec31d4dea0ededc4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 2A80 0
433 B 47ms
15ms Other
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKbSzcPOwO8CFVcZ4AodJkYC2g&gqi=RNRWYNPnIombgAfz9LHQAg&layout=/sadbundle/%24csp%253Der3%24/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AED6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
112 B

14ms
13ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmagXTYkSGeC-g9gb_JNOzzb3AA9sJIASpWydAQGauOr3HDRdMblLqLdIxKDgM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:06:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 21-Mar-2021 06:06:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:06:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:06:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 5073 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 22 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5073 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Mar 2021 13:07:30 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 419D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
14ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmagXTYkSGeC-g9gb_JNOzzb3AA9sJIASpWydAQGauOr3HDRdMblLqLdIxKDgM; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:06:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 21-Mar-2021 06:06:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:06:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:06:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame EFF3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 154934
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame FDF0 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 154934
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBB9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
40 B

14ms
14ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmagXTYkSGeC-g9gb_JNOzzb3AA9sJIASpWydAQGauOr3HDRdMblLqLdIxKDgM; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:06:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 21-Mar-2021 06:06:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:06:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:06:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5073 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 154934
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9db19672f24c53d1c0f9a63c9d618612de18569366fb8f3ec22bb107c0730d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 05:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6478
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:06:13 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 1B46 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windows13update.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://windows13update.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 20 Mar 2021 19:53:32 GMT
expires: Sun, 20 Mar 2022 19:53:32 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 33161
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B46 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 154934
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
219 B 14ms
14ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=2417498396609798&bg=!39yl3JjNAAbUo7L91KM7ACkAdvg8Wl8h9rmZaWnnreTH7p_WO_rDn8yhvD-HWiLZbxWrJLMX_FvusgIAAACFUgAAABBoAQcKAUHDtPIe806n94fOZYY5UOgPyuXQ2XOiuNdfaToJvmFZ3PUoyr4LhSUy7tmjZtvmKgWmzpZAodgfqp47112sOPwTr0VwLKtf5BT7TqYAwPdr7BDffPblcYyjYZtayS9EpsegIeHs7tNhDvuStC-B_bKycCIKSlnCMsnA44sOKC16ELJUEtWvFPfilFdJ5VYU2p9IyZQZblb9MS-gg6VCqJN62zhW_EbasByupfX3AJj-sL2I04uB0zhjdbw1aHe9D6jMswAElvfT4IlcfnFDm611A8UrFCuvly6d9FsAvetM4RRUW8cxyw41RSqaxXzRtnyfSKRQptXZdCR1bjDOSX9GSSLXIWHo38lgG292ezZr9I81QvhLKvP03sxSpfZO2mzZ6aAdX5eJm1saz5EIZUahkYZ3JQOrpGLjyMOsSz43C-CZAc26d3fY3b5G-5Ct3riexWqwz8dVKXwNBKHWEA0XM3yCPnpAqUEqasbZm1dk1u1PnGWbieg8O4K0oqSmxaMTl-4iymJjMwfsY4KpKGrjsiLGlXS2OExoVd-JzmMfGpGYuuRlBcnprPZiQIBH3FCeNmZbOSA7lANQf5PFAJxZ8tODp1B0PeNWJ9h3eYrfKsPMTYfLgWtafj4Leg_DSeZa7d0sZ-2zBU3GjSqvOlcHTWXhNekuE-LzMBzqL0Vomt6efU8sA6Khlf7zAobzJJFmsacR10_NKaPD_A0yiS5xn4g4zeaPEJPi8CSnbRM6rwrn4la2MKUL2Cx406fSWxaZqNVfaXHlXNjfNHlmOVOJGFPhBY6HptteqUqsbXN-FfUCB3N6voMENwJHisQu-QQbBOFEIBMOFLpFSMfl1Zk_wI4JfQLvgaedd5xo3Oh5WD1ap018wlgv7g7XJk1zDYrI7Ignz9YU9VDSQdSzb6O8PJzZq-Ds0AL02D3Pgs8BoFacNL5f5jc5P4c4oShstfhOIz2uQDMnAPDbm6nje7rqmVoW5IjemlgJrh53jBuKPlunaX_tFaOBU4bhvOF12yw8Ii8IBDvE-VWx7W_yqnpppA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windows13update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 csi
csi.gstatic.com/ Frame F6F4 0
318 B 185ms
56ms Other
image/gif 2a00:1450:4002:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kmip6e5t&c=3997341932810&slotId=1998670966405&qqid=CLS1zcPOwO8CFU6uewodXl0MyQ&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e77611775121751e5ddf2b7cc6e6ca94.js?tag=video_mra/web_raspberry
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4002:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:06:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 02:19:59	Name: IDE Value: AHWqTUmagXTYkSGeC-g9gb_JNOzzb3AA9sJIASpWydAQGauOr3HDRdMblLqLdIxKDgM
.doubleclick.net/	1970-01-19 16:58:26	Name: DSID Value: NO_DATA
.windows13update.com/	1970-01-19 16:58:23	Name: _gat Value: 1
.windows13update.com/	1970-01-20 02:19:59	Name: __gads Value: ID=3ed7f4d9065a2311-22abc9ea2ba70029:T=1616303172:RT=1616303172:S=ALNI_MaQCTgRcrOVkvkXOpWVnhtAfrkRww
.windows13update.com/	1970-01-19 16:59:49	Name: _gid Value: GA1.2.1218377565.1616303172
.windows13update.com/	1970-01-20 10:29:35	Name: _ga Value: GA1.2.2101468920.1616303172

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://windows13update.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
l.sharethis.com
mail.windows13update.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
platform-api.sharethis.com
r1---sn-4g5ednld.gvt1.com
redirector.gvt1.com
rtb.openx.net
ssum-sec.casalemedia.com
st.quantrimang.com
tpc.googlesyndication.com
windows13update.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
115.146.123.245
142.250.185.130
142.250.186.162
162.246.17.59
185.64.190.78
23.218.208.246
2600:9000:2182:3e00:c:abe:f440:93a1
2600:9000:2182:7c00:c:a9b7:ddc0:93a1
2600:9000:2182:b000:1c:8a07:5e80:93a1
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:5d::6
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:808::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:813::200e
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4002:805::2003
3.124.48.224
35.227.252.103
54.149.220.116
69.173.144.165
79.137.69.120
0279fa1edc07d750093f95b609a55980dabb09b25365fb1faeb9dd6a03ce6e45
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02decb76d37d026d332be0228facdbdf013a429f404a9283bf37fcc3cda99cbd
053151b6e65ec3f72a92b3b37c5272f9bdb078cb3c79a932f7dfd2fd534a6fc3
073351c657bbb62703d3e79b437eb5b7c7a647b2293edd2caab7e7016f3d91fa
08471f94282be18f5009b8d9878c89407aa9f84f651872dea7e04cabb3f77b47
0884b6a53628430457e79e24b432b83eb4e159edc28520876b13d5fbc4eec8d9
092d306b241e65444962b3c5567755731c98da611c82912d12db554944e452ef
0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0e10772b6e1eb3e4aaaf8676c4342bb23f7617ee30cfaff62a378f522339807a
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f75bb7cd1291fee551d3dd2088378147c4d5071dac085805a397ebee1c38287
115a07095f6af9aac9e59bae64ec5cfd4a79fc942b59da1a3135320d39ed8074
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
134063b4f663df1bd86aca7a2cdee302a367421b185e7381b3a9dde527210d6d
13bbcba93f25929f3dabe1bd65682b1dbbe1ef621b21b56df47de6e186ce92e8
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
150282456b6262874b5fd70c62feddaa96a75340f5188c9351e866ca4868c215
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d38e43858602e1d3b4a77b13e45edd4c2665c118ad60407ea3f8ffb3a42040d
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
22d465501cb6b35aab32a38da414ee2e86b1cf773ea8be86029dd7d9c5e93676
22e8122d45b2535a0b650b365062f2f93fd6cb3eb1d6e4ada6079e920fdda485
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
32a35b4ca45b1efd6ff51a9c04f1b1f02f2c0e8182d82644aafdee335ca22c56
37e57ff0a35be5409ccc02192e960aa94ac20c17fec3aeb5db50d8c73020f340
393c0a39f41e5b14bdc33e5f5093a0d3ee0fb50eb4043d35e8a1995b5d2dd371
39cb57d1c4a102577184eb7c292970dd6e7476864fb16eed287a9a3bc56f619f
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
481e249c297579db673cce6f5c6d7f1fcd55c3eb2f7c1e611efae2e67ace843d
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
48d2f2f2051ebe24a13c7a331ee30963967ff3fe19426ed9cb8da653301f1bf2
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a4c6cd3eade63c30c1b28dde23349887fa726430fe1de72ac17b595a2c45863
4a624c3c616d2fbd2543d257871c9611f33a2b828603c3bc9a8fd32b57db733e
4e162d95ae48706dece13ea28076348ce557c1b9914a5f82acc88569cfb32299
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
7209e11a45cef119e8d3539afb2689835d17b16a0a22f8334d867cf77a220d2a
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
76fa60ed57bfa134bdc5ebf61c8fc8f34c478abf3ddb5523fe14fed62e2ff8b9
77eeab07cb347d7b4897226e3d4b2fd49c8b399721c0af89971b2f0f41d882a1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
8cbe8997968be175af377722157cc32c96956a2170d4a3b6ef3a20b8e5623681
8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a
8f0e880ec1f6afa8ed23ea8b2aa8c4ce9e089548c1c3d588a9b6f9458efdec7f
932f1b849a748822693eab25b21506e777071833dbcfd9850c4027238fc1d0c4
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
948b41d1271503a82a18f665f660900849aff88e4c3da3334b653837d949b74a
970a63e7e2dbafa1dd8adf2be86c2a8f96580161dd5b725c78636ac2aac5f291
9736c732470a85fb5bed1c9d676089a1edc722242466a07dbc69514818ea27bf
9a5d04f74cf2a5ac395114c141150def9ea2ec79fa5b06febc02cb396d2c88f7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4beddbfe941192e4f55cc1759397aaaa6dab53e74bc6e51e2e1bb3f2c2e6b5
9b4ed13bfe6e05b6340281394abe265105b1eb916ab1e53e604352525305f7c2
9cfc72f87bf1597df4da24dab70a531fc8666984b1393411d845b8e3cc68638f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a24dddfcfa261c74698763bd46eb6273523afb77a2ed32b287ac7d04432f5ce6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa21972b89e8119783b7b4cc5ef60bf91a0a71f5846a08d7a34aa95f39b55b1b
aad69cf5d08b51636277b46c0e2833cab2daf135684fccb873072b3c1176a3c8
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
adcfbd65e24e385bff72e8c5453dea2683b45905a53d00884ad9a26e752b20fc
aee04b2c2a65168e8357ca9bfaacd11e99edfca5ef9301a5b91a5677a870ed74
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c890ac92e105d29ef7fa1a8f92cee84b1503589edd28abc9ec31d4dea0ededc4
c9db19672f24c53d1c0f9a63c9d618612de18569366fb8f3ec22bb107c0730d1
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cb6554b04a2e5178a3e18dde21b1bb72e0aa5f87aac9cb567844a4fda5990847
cb93a8e82bf6eb0b41a37924ca0427735bcf8f55e4ce6c75906afe2713d15aa3
cf5fa855311d9d6c1aefb4a9a1575cd1110a37be9cd1c84b161c9391f339554e
d0ae7d57c9d40f1cb54eb80f92b92ae86fe7298fae59005154cf89fad21d3a8a
d2b5ed00ab7295f7782fc9f120328d891e5eb053b3831a62bbe8be33505f7067
d5059f32fbb319603fd421035ba8ae20f2a80c2978279efb10cba65961bdcfe9
d617fafbbb3d8e05d94b146ee8efd33122393722026dac23b405bc3b1a115b21
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da40c0d6956adbc38eef775bfc72de4ea54b859928a185ff0cb4938a3676973a
deea813871892eb22844fd3de1fadec0377e13b146d62b30fd708afaa15442df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d8c779d5aea92f5c0dde9a35c344f7abb03331601273c415521b20df260f2e
eb654e34e9f5d74d89c677af3c621d8437d98a8b70c4c57508a21b2d8d2095f5
ebf968e400976b579ea9dcff5f0bc247a2b2371f9ce49c3b5829da4b7179f4f9
ee57509d67d3651bac284cc97d7d6c1eb800f01077be9b0568f8e6ccd0599130
f1a1bb9798f869f449e3037d11294bbd9a220859a75ec75ec4d153ece778c0db
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f2e8d861cc0c1e3bd51c14af3eb035a84002fc6c053295619817a30595ff7840
f6cafe95006784fd2a17f6565b0649a604e9b2e2fc7f17f19a281cfea796d36f
fa5d13c80aac88e70ec71c876a5259c55406aa5963c448b0e4f2b8acb8416cf9
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
fc03940e069f45940491e60b6195876b1263d2d466d93da2159e465be8c6d934
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

windows13update.com Open in urlscan Pro 162.246.17.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

100 %HTTPS

65 %IPv6

21 Domains

30 Subdomains

25 IPs

6 Countries

3758 kBTransfer

5897 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

windows13update.com Open in urlscan Pro
162.246.17.59 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

100 %
HTTPS

65 %
IPv6

21
Domains

30
Subdomains

25
IPs

6
Countries

3758 kB
Transfer

5897 kB
Size

6
Cookies

174 HTTP transactions
8 data transactions