www.updatestar.com Open in urlscan Pro
2a01:488:67:1000:5bfa:5108:0:1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Submission: On January 06 via manual (January 6th 2022, 8:31:00 am UTC) from DE — Scanned from FR

Summary HTTP 135 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 19 domains to perform 135 HTTP transactions. The main IP is 2a01:488:67:1000:5bfa:5108:0:1, located in Germany and belongs to GODADDY, DE. The main domain is www.updatestar.com. The Cisco Umbrella rank of the primary domain is 424148.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 25th 2020. Valid for: 2 years.

This is the only time www.updatestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2a01:488:67:1... 2a01:488:67:1000:5bfa:5108:0:1	20773 (GODADDY) (GODADDY)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
9	2604:7c00:22:... 2604:7c00:22:3:4412:50f:c03b:1b31	40244 (TURNKEY-I...) (TURNKEY-INTERNET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
2 2	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
9	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	52.210.94.59 52.210.94.59	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:68c8:b1a8:b6c6:48d9	16509 (AMAZON-02) (AMAZON-02)
135	24

22 2a01:488:67:1000:5bfa:5108:0:1 (Germany)

ASN20773 (GODADDY, DE)

www.updatestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w1.updatestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2604:7c00:22:3:4412:50f:c03b:1b31 (United States)

ASN40244 (TURNKEY-INTERNET, US)

news.updatestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.192.27 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.39.36.141 (Los Angeles, United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.94.59 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-94-59.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:68c8:b1a8:b6c6:48d9 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 129	390 KB
31	updatestar.com www.updatestar.com — Cisco Umbrella Rank: 424148 w1.updatestar.com — Cisco Umbrella Rank: 999412 news.updatestar.com	123 KB
24	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 183 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 81 cm.g.doubleclick.net — Cisco Umbrella Rank: 165	289 KB
13	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	165 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 13	2 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 261 fonts.googleapis.com — Cisco Umbrella Rank: 43	35 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 528	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 154	148 KB
4	google.fr adservice.google.fr — Cisco Umbrella Rank: 27081 www.google.fr — Cisco Umbrella Rank: 13562	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 667	890 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 265	917 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1144	486 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1510	1 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 937	927 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	20 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1658	297 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2482	375 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 716	324 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 754	421 B
135	19

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	w1.updatestar.com	www.updatestar.com
14	pagead2.googlesyndication.com	www.updatestar.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.updatestar.com googleads.g.doubleclick.net
9	cm.g.doubleclick.net	www.updatestar.com googleads.g.doubleclick.net
9	news.updatestar.com	www.updatestar.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.updatestar.com	www.updatestar.com
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.google.com	1 redirects www.updatestar.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	image6.pubmatic.com	4 redirects
4	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.fr	pagead2.googlesyndication.com
3	securepubads.g.doubleclick.net	www.updatestar.com securepubads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.updatestar.com www.google-analytics.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	www.google.fr	www.updatestar.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	www.updatestar.com
135	30

This site contains links to these domains. Also see Links.

Domain
news.updatestar.com
nordvpn.updatestar.com
internet-download-manager.updatestar.com
free-download-manager.updatestar.com
realtek-high-definition-audio-driver.updatestar.com
nordvpn-network-tap.updatestar.com
nordvpn-network-tun.updatestar.com
free-youtube-download.updatestar.com
apple-software-update.updatestar.com
epson-photo-3.updatestar.com
microsoft-net-framework.updatestar.com
winrar.updatestar.com
updatestar.updatestar.com
apple-mobile-device-support.updatestar.com
apple-application-support.updatestar.com
vlc-media-player.updatestar.com
chrome.updatestar.com
microsoft-skydrive.updatestar.com
www.twitter.com
www.facebook.com
client.updatestar.com
feed.updatestar.com

Subject Issuer	Validity	Valid
*.updatestar.com AlphaSSL CA - SHA256 - G2	`2020-05-25` - `2022-06-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 17 frames:

Primary Page: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Frame ID: A897521B8ED628AFF66A493BC1BF5B77
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Frame ID: EBB544862BD204CC1EE49F33009C1C84
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&adk=1812271804&adf=3025194257&lmt=1641457854&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457855903&bpp=2&bdt=294&idt=108&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=710239119734&frm=20&pv=2&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=119
Frame ID: 78C35A79CFB6F535DF8A43DCC999B138
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=250&adk=3890796524&adf=1915131068&pi=t.aa~a.1726572218~rp.3&w=323&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=323x250&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=2&bdt=1113&idt=-M&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0&nras=2&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1097&ady=1741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=LYuc05GwhK&p=https%3A//www.updatestar.com&dtd=10
Frame ID: BC021B4812DD90DF74EDE2C4CFEBC70C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x280&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=1&bdt=1113&idt=0&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0%2C323x250&nras=3&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=c2IS02nWin&p=https%3A//www.updatestar.com&dtd=14
Frame ID: C72B8CC305191F54914DB765F5383741
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3117087E7C8E39C43457FDC27F7F3A00
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Frame ID: 374722DBF8F4F8CB34097833283ADB14
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4DFBA5621A089E01DB95B27B42617ADF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 72CF97E15FC92123A617B5FC71FD8543
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E53D5D1FB824C5DD7763114495D45444
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js
Frame ID: C56EABF69A181B1955671D7AE249FFD7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0445104D8B01073E82D78309F9FCFFA9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js
Frame ID: D85A0F138DBD41947EB4DCB3CD060D17
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js
Frame ID: FA05CED8072B892A36727D4FF8BF89EA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js
Frame ID: 962696D65AB0644F0F7093881EB93552
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2BB9719F93B2A5B9D10C0862BD4C9BF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DC7635CE5EE88A0448D255AA07BC5896
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Téléchargement gratuit download nordvpn 3.16.exe older version - download nordvpn 3.16.exe older version pour Windows

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

135
Requests

94 %
HTTPS

68 %
IPv6

19
Domains

30
Subdomains

24
IPs

6
Countries

1174 kB
Transfer

3229 kB
Size

26
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://news.updatestar.com/
Title: Nouvelles logicielles

Search URL Search Domain Scan URL

URL: https://nordvpn.updatestar.com/

Search URL Search Domain Scan URL

URL: https://internet-download-manager.updatestar.com/

Search URL Search Domain Scan URL

URL: https://free-download-manager.updatestar.com/

Search URL Search Domain Scan URL

URL: https://realtek-high-definition-audio-driver.updatestar.com/

Search URL Search Domain Scan URL

URL: https://nordvpn-network-tap.updatestar.com/

Search URL Search Domain Scan URL

URL: https://nordvpn-network-tun.updatestar.com/

Search URL Search Domain Scan URL

URL: https://free-youtube-download.updatestar.com/

Search URL Search Domain Scan URL

URL: https://apple-software-update.updatestar.com/

Search URL Search Domain Scan URL

URL: https://epson-photo-3.updatestar.com/

Search URL Search Domain Scan URL

URL: https://microsoft-net-framework.updatestar.com/

Search URL Search Domain Scan URL

URL: https://winrar.updatestar.com/

Search URL Search Domain Scan URL

URL: https://updatestar.updatestar.com/

Search URL Search Domain Scan URL

URL: https://apple-mobile-device-support.updatestar.com/

Search URL Search Domain Scan URL

URL: https://apple-application-support.updatestar.com/

Search URL Search Domain Scan URL

URL: https://vlc-media-player.updatestar.com/

Search URL Search Domain Scan URL

URL: https://chrome.updatestar.com/

Search URL Search Domain Scan URL

URL: https://microsoft-skydrive.updatestar.com/

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/these-tools-delete-files-permanently-and-safely

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/new-vivaldi-5-0-browser-for-desktop-and-android-available

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/debloating-windows-10-the-easy-way-with-o-o-appbuster

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/try-foxit-reader

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/why-you-should-think-about-using-a-vpn-to-protect-your-privacy

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/update-to-firefox-94-0-2-available

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/microsoft-releases-kb5008295-emergency-patch-for-all-windows-11-computers

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/new-thunderbird-version-91-3-available

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/firefox-94-update-available-for-download

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/important-google-chrome-95-0-4638-69-update-available

Search URL Search Domain Scan URL

URL: https://www.twitter.com/updatestar
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/updatestar
Title: Facebook

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/updatestar/features/
Title: UpdateStar Free & Premium

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/drivers/overview/
Title: Drivers

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/productkeyfinder/overview/
Title: Product Key Finder

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/passwordfinder/overview/
Title: Password Finder

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/onlinebackup/overview/
Title: Online Backup

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/localbackup/overview/
Title: Local Backup

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/videoconverter/overview/
Title: Video Converter

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/sigparser/overview/
Title: SigParser

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/appcleaner/overview/
Title: AppCleaner

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/help
Title: FAQ

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/privacy
Title: Confidentialité

Search URL Search Domain Scan URL

URL: http://feed.updatestar.com/usfeed
Title: RSS

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/partner
Title: Partner

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/about
Title: Qu'est-ce que UpdateStar?

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/press
Title: Presse

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/team
Title: Équipe

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/investors
Title: Investisseurs

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/reseller
Title: Trouver un revendeur

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/localization
Title: Localisation

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/freelicenseprograms/
Title: Licences libres

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/pad
Title: Soumettre un produit

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI5MCyfdI0jcGn1RpAdPm8y6lFkqDPsenLVCjPLmOfC97zDFcHz2lkMV5UqDYYr9qyub0JJ5_SHn_ok2EvVanHZc94V1J8&google_gid=CAESEFmQVJXsvQSxFFcH8QymqAQ&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI5MCyfdI0jcGn1RpAdPm8y6lFkqDPsenLVCjPLmOfC97zDFcHz2lkMV5UqDYYr9qyub0JJ5_SHn_ok2EvVanHZc94V1J8&google_gid=CAESEFmQVJXsvQSxFFcH8QymqAQ&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMDYwODMwNTgwMDAxNjg3MzI4NTE2Mw%3D%3D&google_push=AYg5qPI5MCyfdI0jcGn1RpAdPm8y6lFkqDPsenLVCjPLmOfC97zDFcHz2lkMV5UqDYYr9qyub0JJ5_SHn_ok2EvVanHZc94V1J8

Request Chain 111

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEESJhdxoFa8_oM91k0fIt0A&google_cver=1&google_push=AYg5qPLtGKOO86GNeqAVYhmpaR0mKV0s7IJG-FULKtseTXjXK-bPn2YJFuq61Cc-pNBR63EUVVz9yt3qE3xfvgyF-jvl-9pxY4E HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEESJhdxoFa8_oM91k0fIt0A&google_cver=1&google_push=AYg5qPLtGKOO86GNeqAVYhmpaR0mKV0s7IJG-FULKtseTXjXK-bPn2YJFuq61Cc-pNBR63EUVVz9yt3qE3xfvgyF-jvl-9pxY4E&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68iEtLqnR7-O31xeMOGinw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLtGKOO86GNeqAVYhmpaR0mKV0s7IJG-FULKtseTXjXK-bPn2YJFuq61Cc-pNBR63EUVVz9yt3qE3xfvgyF-jvl-9pxY4E

Request Chain 112

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBF-jlEZWzYvz99MmY0ZUdU&google_cver=1&google_push=AYg5qPKESvszrRSnxl-ZEdG_62ptBrIQAE7NrAmlgThJ8k2Z1AD4AxNR_8iH4HPvhlvtSCAulmFz-3-vBHf95pp23dN-AdqNqRY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kyUE1MSE4tNS1EMUlP&google_push=AYg5qPKESvszrRSnxl-ZEdG_62ptBrIQAE7NrAmlgThJ8k2Z1AD4AxNR_8iH4HPvhlvtSCAulmFz-3-vBHf95pp23dN-AdqNqRY

Request Chain 113

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_cver=1&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI99tk24UEUWPN3-0CRZq2378IeRshdB7UWIdPyKAVxZK-p2ZmRooXibCkleoZURN6Ov7Eu81BoHWVF-HjtR1UsEJCwOyk&google_gid=CAESELK5bqPJcyZMh3WhZJi5n2Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRhb3dRQUFBWEpudUJ5YQ&google_push=AYg5qPI99tk24UEUWPN3-0CRZq2378IeRshdB7UWIdPyKAVxZK-p2ZmRooXibCkleoZURN6Ov7Eu81BoHWVF-HjtR1UsEJCwOyk

Request Chain 122

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLWs4MgSayFe-IuI5NvkbuF-UVhOgxmS_v-cCBxkXvLpCbf-Bcqc0pZ1JpEiWaoZKZrqE92lIddV_3FBIG3ybsjxjp7XNyY&google_gid=CAESELUoy3PO7S2AdVhN9NN_qtU&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMHR2o4GEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMV3M0TWdTYXlGZS1JdUk1TnZrYnVGLVVWaE9neG1TX3YtY0NCeGtYdkxwQ2JmLUJjcWMwcFoxSnBFaVdhb1pLWnJxRTkybElkZFZfM0ZCSUczeWJzanhqcDdYTnlZ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYzdwamdrZWZaZ1J0eDZyNjZiZlpsQTNIZ3JoSmZHcXdhdWYzWnZtVkhfbw==&google_push

Request Chain 124

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELkXU14KMPFh7MXzaKU4amQ&google_cver=1&google_push=AYg5qPJ8lJdj1aOKrmqKiUTDjHqJEKuQCweGm0aY36hccnVveEdT-5Sh6U6lMKvHuuEfB_M8FoQg0ETQmmNuIg10LZnZxWE_i8cY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELkXU14KMPFh7MXzaKU4amQ&google_cver=1&google_push=AYg5qPJ8lJdj1aOKrmqKiUTDjHqJEKuQCweGm0aY36hccnVveEdT-5Sh6U6lMKvHuuEfB_M8FoQg0ETQmmNuIg10LZnZxWE_i8cY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PRI-6oRKQFGwK1wEoRpt5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ8lJdj1aOKrmqKiUTDjHqJEKuQCweGm0aY36hccnVveEdT-5Sh6U6lMKvHuuEfB_M8FoQg0ETQmmNuIg10LZnZxWE_i8cY

Request Chain 125

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEjZrBYzplNUYyK1uuly4t8&google_cver=1&google_push=AYg5qPLpVuE8H-Dx1RsIrzft1e-2yFWIAvYZSIgczEXyhWhMvC29o9TvMu2bo8mxyk5AAXu-6D1_pgz2htGvUqyqPgJ5g5w6KODm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kyUE1MSTItMjEtRjYzUw==&google_push=AYg5qPLpVuE8H-Dx1RsIrzft1e-2yFWIAvYZSIgczEXyhWhMvC29o9TvMu2bo8mxyk5AAXu-6D1_pgz2htGvUqyqPgJ5g5w6KODm

135 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request download%20nordvpn%203.16.exe%20older%20version Show response
www.updatestar.com/topic/ 78 KB
11 KB 297ms
149ms Document
text/html 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 61a9b0176d55e304b8dd00717833738e6f515da691b3e1df635b226a1bad9842

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 06 Jan 2022 09:00:54 GMT
Last-Modified: Thu, 06 Jan 2022 08:30:54 GMT
Vary: Accept-Encoding
Date: Thu, 06 Jan 2022 08:30:53 GMT
Content-Length: 10891

GET
H/1.1 200
OK icomoon.woff
www.updatestar.com/fonts/ 5 KB
3 KB 37ms
36ms Font
application/x-font-woff 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.updatestar.com/fonts/icomoon.woff?mv55hb
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 38fd859bcbbd6cfac90958b3ec0ffe155f5eee9dd8a2f58f934d3cb41d97b924

Request headers

Referer: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Origin: https://www.updatestar.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Dec 2019 15:15:20 GMT
ETag: "0b46378a3aed51:0"
Vary: Accept-Encoding
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 2863

GET
H/1.1 200
OK bundle.min.css
www.updatestar.com/css/ 137 KB
22 KB 81ms
43ms Stylesheet
text/css 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.updatestar.com/css/bundle.min.css?v=5bea96fa17d8d7913bcff38bb2d92b8b
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 6e16cbeacdbd2d1154e8249a41bc885b3778aece5429cf3f619a9d3b71175a35

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 May 2021 16:52:08 GMT
ETag: "06ce14a3d56d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 22272

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 121ms
43ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

92e7352182510bf96bd4969f0e067ff82dad1a8fd8c392e9277bd42d0f79fc57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27064
x-xss-protection: 0
server: sffe
etag: "1093 / 185 of 1000 / last-modified: 1641382001"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 06 Jan 2022 08:30:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 133ms
57ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dfbd154868bb1f514576d232b63ae1ecf39e16fb913f2cb0bb0332e941d3deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51825
x-xss-protection: 0
server: cafe
etag: 7401919814948766390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 08:30:55 GMT

GET
H/1.1 200
OK uslogo.svg
www.updatestar.com/img/ 12 KB
5 KB 39ms
36ms Image
image/svg+xml 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.updatestar.com/img/uslogo.svg
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 20eead7e17d56b571a5ee1cf2d1c7f6ca79bc672fcd01b6e2273a3ec8973033b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 May 2021 16:43:21 GMT
ETag: "80dab23c4e52d71:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 4905

GET
H/1.1 200
OK 2386043.32.png
w1.updatestar.com/img/icons/ 2 KB
2 KB 202ms
45ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/2386043.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: e0663b8178550ae2e131da6cd79a91b09d8831dd49e1daa3f4aa12b2f3862a5e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 22 May 2018 23:07:26 GMT
Accept-Ranges: bytes
ETag: "c4ed95a621f2d31:0"
Content-Length: 1574
Content-Type: image/png

GET
H/1.1 200
OK 1634813.32.png
w1.updatestar.com/img/icons/ 2 KB
2 KB 192ms
34ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/1634813.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 2b4bd9dd4c2c3e0c0c425d2d39ca973f730cced67cca1985da2257052ae724c1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 10 Jul 2012 16:50:24 GMT
Accept-Ranges: bytes
ETag: "8f49b19bc5ecd1:0"
Content-Length: 1704
Content-Type: image/png

GET
H/1.1 200
OK 2332722.32.png
w1.updatestar.com/img/icons/ 582 B
818 B 195ms
35ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/2332722.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: a3850f70c52a99c53aa67a91bb6b9bc9060e6badea9678daffba612949d673ec

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Fri, 23 Dec 2016 00:02:51 GMT
Accept-Ranges: bytes
ETag: "6ce86e7af5cd21:0"
Content-Length: 582
Content-Type: image/png

GET
H/1.1 200
OK 684776.32.png
w1.updatestar.com/img/icons/ 1 KB
2 KB 198ms
35ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/684776.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: af11fe6f88d779e79c12e084aa6b525a3e218c03721e19ae2a896941eb23c7c1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 10 Jul 2012 19:04:01 GMT
Accept-Ranges: bytes
ETag: "9dcf44c4ce5ecd1:0"
Content-Length: 1509
Content-Type: image/png

GET
H/1.1 200
OK 2392241.32.png
w1.updatestar.com/img/icons/ 510 B
747 B 233ms
46ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/2392241.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 63c1c3b80d62e7d43fd6f2381680f9e241f810f0ee4a4d961798154969eedbd1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 23 Jul 2018 23:05:06 GMT
Accept-Ranges: bytes
ETag: "ca979798d922d41:0"
Content-Length: 510
Content-Type: image/png

GET
H/1.1 200
OK default32.png
w1.updatestar.com/img/ 275 B
511 B 224ms
34ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/default32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: e7a22b586532669e3e86d019c3faa366bb89af54fea98c28eb526415d01990a7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Sat, 01 Mar 2014 12:41:49 GMT
Accept-Ranges: bytes
ETag: "80e419d4b35cf1:0"
Content-Length: 275
Content-Type: image/png

GET
H/1.1 200
OK 2503607.32.png
w1.updatestar.com/img/icons/ 442 B
679 B 134ms
35ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/2503607.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 00ad7ed1bf29125502b90929c87b8572606bed0ab9dbad8063f1f97cba83ee1b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Sun, 02 Jan 2022 01:09:54 GMT
Accept-Ranges: bytes
ETag: "e0d4747375ffd71:0"
Content-Length: 442
Content-Type: image/png

GET
H/1.1 200
OK 684772.32.png
w1.updatestar.com/img/icons/ 2 KB
2 KB 131ms
34ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/684772.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: f3cbbaed95cc8ce53e4b8846bf7cdcf22cea26b7e6a26c1f0a52261bda080d46

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 10 Jul 2012 19:04:00 GMT
Accept-Ranges: bytes
ETag: "bf54d6c3ce5ecd1:0"
Content-Length: 1681
Content-Type: image/png

GET
H/1.1 200
OK 2371180.32.png
w1.updatestar.com/img/icons/ 2 KB
2 KB 34ms
34ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/2371180.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: f985dac1bc0e4d4225a2357a8f91b26ccbca010f29f8878fe8c99915a3e7f3f9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Fri, 15 Dec 2017 00:08:29 GMT
Accept-Ranges: bytes
ETag: "6e944ed63875d31:0"
Content-Length: 1712
Content-Type: image/png

GET
H/1.1 200
OK 2054442.32.png
w1.updatestar.com/img/icons/ 2 KB
2 KB 35ms
34ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/2054442.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: c835350b07812e67ca6a111881f1eebf973b61ad64f0ec8fdb6348c8f102b63f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 09 Jul 2013 23:01:48 GMT
Accept-Ranges: bytes
ETag: "3a6e4f4af87cce1:0"
Content-Length: 1640
Content-Type: image/png

GET
H/1.1 200
OK 355293.32.png
w1.updatestar.com/img/icons/ 465 B
701 B 36ms
35ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/355293.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: b9871a9b138517d6cd4d90f3c124f62a93425616ef0ca93cd11868dcdba249e2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 10 Jul 2012 18:13:58 GMT
Accept-Ranges: bytes
ETag: "80661c6c75ecd1:0"
Content-Length: 465
Content-Type: image/png

GET
H/1.1 200
OK 2371185.32.png
w1.updatestar.com/img/icons/ 398 B
635 B 35ms
35ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/2371185.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 0ef35558fe9b849d8366830d0cc42c4a74b9862e7506e31fb88da0f0f88db039

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Fri, 15 Dec 2017 00:08:30 GMT
Accept-Ranges: bytes
ETag: "c27e79d63875d31:0"
Content-Length: 398
Content-Type: image/png

GET
H/1.1 200
OK 1993617.32.png
w1.updatestar.com/img/icons/ 1 KB
1 KB 36ms
34ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/1993617.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 07091385da1e54f5b396c11d5fe588db67e86b703bf192aa66a849311f8578ca

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 10 Jul 2012 11:00:26 GMT
Accept-Ranges: bytes
ETag: "df805d368b5ecd1:0"
Content-Length: 1068
Content-Type: image/png

GET
H/1.1 200
OK 2424366.32.png
w1.updatestar.com/img/icons/ 1 KB
2 KB 35ms
34ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/2424366.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: a67b08d24bbf96392ed572f41f3a72a27ef251d5d8f7af08f395f629ba8ab2ca

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 22 Aug 2019 05:01:08 GMT
Accept-Ranges: bytes
ETag: "812b159ca658d51:0"
Content-Length: 1429
Content-Type: image/png

GET
H/1.1 200
OK 1928840.32.png
w1.updatestar.com/img/icons/ 2 KB
2 KB 35ms
35ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/1928840.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: de63a2d85245b9516200c6006fa2590d85504b53dbfaa856c0f09e005d81b093

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 10 Jul 2012 17:23:40 GMT
Accept-Ranges: bytes
ETag: "f7e981bfc05ecd1:0"
Content-Length: 1571
Content-Type: image/png

GET
H/1.1 200
OK 2371184.32.png
w1.updatestar.com/img/icons/ 891 B
1 KB 35ms
35ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/2371184.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 1f7a426a3a38ae195e1d0bd7504788282ea2cc4524f45490f88a76ac7048bf96

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Fri, 15 Dec 2017 00:08:29 GMT
Accept-Ranges: bytes
ETag: "4cce68d63875d31:0"
Content-Length: 891
Content-Type: image/png

GET
H2 200 safeerase1.80x45.png
news.updatestar.com/images/sized/ 2 KB
2 KB 387ms
168ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/safeerase1.80x45.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0c6b468a8a96a5293325b953a4fff6f1b0577f9a83c9eb4558eb9eb09b695940

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
etag: "1d50977c9481345"
last-modified: Mon, 13 May 2019 10:36:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
cache-control: public, max-age=604800
date: Thu, 06 Jan 2022 08:46:29 GMT
accept-ranges: bytes
content-length: 1861

GET
H2 200 vivaldiicon1.80x45.png
news.updatestar.com/images/sized/ 2 KB
2 KB 297ms
94ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/vivaldiicon1.80x45.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1bfa639183adbdb476c064a63b12b8134ac1d5998182dad13592ddeb86e5e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
etag: "1d6a2d84055a244"
last-modified: Thu, 15 Oct 2020 09:47:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
cache-control: public, max-age=604800
date: Thu, 06 Jan 2022 08:46:29 GMT
accept-ranges: bytes
content-length: 2244

GET
H2 200 appbuster2.80x45.png
news.updatestar.com/images/sized/ 2 KB
2 KB 303ms
100ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/appbuster2.80x45.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3b78aa0393b2a92d3444a69760a48bbe106bf77836b27b1bced7067d23284863

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
etag: "1d5082f6e0b0235"
last-modified: Sat, 11 May 2019 19:26:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
cache-control: public, max-age=604800
date: Thu, 06 Jan 2022 08:46:29 GMT
accept-ranges: bytes
content-length: 2101

GET
H2 200 foxitreaderlogo1.80x45.png
news.updatestar.com/images/sized/ 3 KB
3 KB 312ms
109ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/foxitreaderlogo1.80x45.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a518d1c220fa0fd2151dc57a903e675c143de6a90d0a6c4c4aca3d2637237aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Wed, 22 Jan 2020 15:23:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d5d137f62004ac"
content-type: image/png
cache-control: public, max-age=604800
date: Thu, 06 Jan 2022 08:46:29 GMT
accept-ranges: bytes
content-length: 2732

GET
H2 200 whyvpn1.80x45.png
news.updatestar.com/images/sized/ 3 KB
3 KB 300ms
96ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/whyvpn1.80x45.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fd0f1cd7d1327a351fd53abbba74424fa8e05b340870166fc2aef0da606e6b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
etag: "1d50a3537064fe5"
last-modified: Tue, 14 May 2019 09:12:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
cache-control: public, max-age=604800
date: Thu, 06 Jan 2022 08:46:29 GMT
accept-ranges: bytes
content-length: 2661

GET
H2 200 firefox82.80x45.png
news.updatestar.com/images/sized/ 3 KB
3 KB 372ms
169ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/firefox82.80x45.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

30d25ee0e558fe4fdd98541df0af1c29d3c0d8d321b861ce16406d5b08d7fdf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Tue, 20 Oct 2020 14:52:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d6a6f0abe0b91a"
content-type: image/png
cache-control: public, max-age=604800
date: Thu, 06 Jan 2022 08:46:29 GMT
accept-ranges: bytes
content-length: 2586

GET
H2 200 windowsupdate1.80x45.png
news.updatestar.com/images/sized/ 2 KB
2 KB 371ms
168ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/windowsupdate1.80x45.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

43f83fcd7ee6eee9296369ec8db5118829f4e249ab28ca4ff2aa727cc2ce4501

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Mon, 03 Jun 2019 07:14:27 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d519dbfa9682cc"
content-type: image/png
cache-control: public, max-age=604800
date: Thu, 06 Jan 2022 08:46:29 GMT
accept-ranges: bytes
content-length: 2380

GET
H2 200 thunderbirddarkmode-1.80x45.png
news.updatestar.com/images/sized/ 4 KB
4 KB 301ms
98ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/thunderbirddarkmode-1.80x45.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

04c673d03533906094d9484a1c2cf6b91d42387c843ba0a316d64d1c81ca6a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Thu, 17 Dec 2020 16:00:07 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d6d48db075d36c"
content-type: image/png
cache-control: public, max-age=604800
date: Thu, 06 Jan 2022 08:46:29 GMT
accept-ranges: bytes
content-length: 3820

GET
H2 200 chromelogo1.80x45.png
news.updatestar.com/images/sized/ 1 KB
2 KB 300ms
97ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/chromelogo1.80x45.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4ba7417a8f2032e11b7005f80b25b0e5255c97cec53c2db5805fd21955034891

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
etag: "1d50a33f0641e62"
last-modified: Tue, 14 May 2019 09:03:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
cache-control: public, max-age=604800
date: Thu, 06 Jan 2022 08:46:29 GMT
accept-ranges: bytes
content-length: 1506

GET
H/1.1 200
OK bundle-dark.min.css
www.updatestar.com/css/ 150 KB
23 KB 71ms
71ms Stylesheet
text/css 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.updatestar.com/css/bundle-dark.min.css?v=fb0807a66a330bdbff8e757389df1781
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: cd7e155cc1a97d339ee280ca2b48faf49066403eb3a83956acdd797a1783032f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 May 2021 16:52:08 GMT
ETag: "06ce14a3d56d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 23027

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 98ms
30ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jan 2023 23:36:52 GMT

GET
H/1.1 200
OK main.min.js Show response
www.updatestar.com/js/ 48 KB
16 KB 43ms
43ms Script
application/x-javascript 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.updatestar.com/js/main.min.js?v=9274c21127d4d657506b3661b932862c
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 3728c4200575ae429059881bd337d80412973989b3d9dcac88323dd8696bebe6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 08:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 May 2021 17:09:37 GMT
ETag: "801e22bc3f56d71:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 15899

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 99ms
28ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5389
date: Thu, 06 Jan 2022 07:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 06 Jan 2022 09:01:06 GMT

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 67ms
66ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 06 Jan 2022 08:30:55 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 97 B
113 B 76ms
38ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.updatestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

0102b7d5635d4750637e15db04fd7d25c6382a6b8fc2b969ff78b92d0fb1772c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 06 Jan 2022 08:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88
x-xss-protection: 0
expires: Thu, 06 Jan 2022 08:30:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
100 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4118765744455397&plah=www.updatestar.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

915d5ab79c94af13cf251dbc6f76d1392a62bd507deb3bc646be5745196c63d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 8449912019813659502
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 08:30:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/ Frame EBB5 11 KB
5 KB 98ms
28ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 05 Jan 2022 16:07:35 GMT
expires: Wed, 19 Jan 2022 16:07:35 GMT
content-type: text/html; charset=UTF-8
etag: 2196020943555189384
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4873
x-xss-protection: 0
age: 59000
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 74ms
36ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=474326156&t=pageview&_s=1&dl=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&ul=en-us&de=UTF-8&dt=T%C3%A9l%C3%A9chargement%20gratuit%20download%20nordvpn%203.16.exe%20older%20version%20-%20download%20nordvpn%203.16.exe%20older%20version%20pour%20Windows&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=49186739&gjid=1327332259&cid=282273339.1641457856&tid=UA-113330-2&_gid=1232837770.1641457856&_r=1&_slc=1&z=998983139

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.updatestar.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.updatestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 80ms
24ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-113330-2&cid=282273339.1641457856&jid=49186739&gjid=1327332259&_gid=1232837770.1641457856&_u=IEBAAAAAAAAAAC~&z=2073973356

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.updatestar.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 06 Jan 2022 08:30:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.updatestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
421 B 45ms
37ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.updatestar.com&callback=_gfp_s_&client=ca-pub-4118765744455397

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4118765744455397&plah=www.updatestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

db6cae37a4bfe21d3bfbdc72d13e35030df13c9ef32a4f9a3c14adfa4bfee7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 153ms
38ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.updatestar.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 06 Jan 2022 08:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 112ms
38ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.updatestar.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 06 Jan 2022 08:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 78C3 271 KB
64 KB 640ms
603ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&adk=1812271804&adf=3025194257&lmt=1641457854&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457855903&bpp=2&bdt=294&idt=108&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=710239119734&frm=20&pv=2&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=119

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e7128792d441e3b8c856528c3b7be514628b2f193f3c00ac5317560dee089bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 06 Jan 2022 08:30:56 GMT
server: cafe
content-length: 65327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 06 Jan 2022 08:30:56 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 109ms
41ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-113330-2&cid=282273339.1641457856&jid=49186739&_u=IEBAAAAAAAAAAC~&z=1863664310

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
501 B 112ms
40ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-113330-2&cid=282273339.1641457856&jid=49186739&_u=IEBAAAAAAAAAAC~&z=1863664310

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 149 KB
53 KB 581ms
581ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff7f7aae5fdd50dee838d28c038d17baa8c7e8d5b008bc946ef40b63c5e9d66e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54387
x-xss-protection: 0
server: cafe
etag: 5026898888609561392
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 08:30:57 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 75ms
38ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.updatestar.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 06 Jan 2022 08:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 76ms
39ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.updatestar.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 06 Jan 2022 08:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC02 91 KB
32 KB 797ms
797ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=250&adk=3890796524&adf=1915131068&pi=t.aa~a.1726572218~rp.3&w=323&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=323x250&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=2&bdt=1113&idt=-M&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0&nras=2&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1097&ady=1741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=LYuc05GwhK&p=https%3A//www.updatestar.com&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e60a64265f1fd4886975090e6183056b135010c22cb21a695693d897754079e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 06 Jan 2022 08:30:57 GMT
server: cafe
content-length: 32790
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 06 Jan 2022 08:30:57 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C72B 93 KB
32 KB 812ms
811ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x280&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=1&bdt=1113&idt=0&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0%2C323x250&nras=3&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=c2IS02nWin&p=https%3A//www.updatestar.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4961eca570d3a096e919cf081dbc61d961c13d2d293178a776ce1ea0b673d11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 06 Jan 2022 08:30:57 GMT
server: cafe
content-length: 32880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 06 Jan 2022 08:30:57 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 37ms
37ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.updatestar.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 06 Jan 2022 08:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 38ms
37ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.updatestar.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 06 Jan 2022 08:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/ Frame 3117 11 KB
5 KB 29ms
29ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 05 Jan 2022 16:15:14 GMT
expires: Wed, 19 Jan 2022 16:15:14 GMT
content-type: text/html; charset=UTF-8
etag: 2196020943555189384
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4873
x-xss-protection: 0
age: 58543
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/ Frame 3747 11 KB
5 KB 28ms
28ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 05 Jan 2022 16:15:14 GMT
expires: Wed, 19 Jan 2022 16:15:14 GMT
content-type: text/html; charset=UTF-8
etag: 2196020943555189384
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4873
x-xss-protection: 0
age: 58543
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 3117 4 KB
1 KB 107ms
37ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 07:12:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 08:30:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 08:30:57 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3117 205 B
743 B 98ms
29ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:24:00 GMT
x-content-type-options: nosniff
age: 54417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Jan 2023 17:24:00 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3117 604 B
696 B 99ms
30ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 20:32:52 GMT
x-content-type-options: nosniff
age: 215885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Jan 2023 20:32:52 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/ Frame 3117 19 KB
8 KB 113ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d8693cddca8ef95b6b06ab98ad4ae68d7c7a30aa8d781e418c28b84bfcca7cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:15:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8415
x-xss-protection: 0
server: cafe
etag: 17051659159829090632
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:15:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3747 2 KB
605 B 113ms
47ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 07:22:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 08:30:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 08:30:57 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 3747 1 KB
960 B 120ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:17:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3747 0
0 72ms
72ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeXkHwKjWYazZBc3vtwfx86TYBcfj4Jhn7Zrai64NgvL4xMkiEAEg1rWlBmD7gYCAiAqgAbzw4M8ByAEJqQJUVdxI7_uyPqgDAcgDywSqBP4BT9DdAH4lqWnQjxGRm5mDzEZbosfEKri7GjOgFHpDoQG22Aw4mW6iL7xlPWX6eV7_piRnlmKHECfbEaNhEmSoInUknXDSwnhzQ7QDEROzjM2USFCf9Ehuh31rF1OuXOSvQn0m2nl2AypzoVLsXgLBIWtEcDJd7xLl4vsVOGE_M7SIgIdB4tDq786EHVQLV-t_4zyV9jwU_2o51nMjUaip_tNPKVLes1e2LMu02RYTfiM8fr_yaGHUdeneudxIx5RUnx1h3cwu1r7mZXHwQzKPqoDL1xTv49SOE-vDD98JvOfznZ_wnnO8MBn-sChSg3qz8Sa-rgUct95ZA2JmUcfABOmk8MCxA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAesj5-wAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBD_7gjSCAkIgOGAEBABGB-ACgHICwHYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItNDExODc2NTc0NDQ1NTM5NxgA&sigh=Yfp2lrvjJtg&uach_m=[UACH]&template_id=494

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 06 Jan 2022 08:30:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Jan 2022 08:30:57 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 3747 19 KB
8 KB 100ms
30ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:24:03 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 3747 2 KB
1 KB 120ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:22:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3747 120 KB
37 KB 123ms
47ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jan 2022 08:30:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 3747 15 KB
6 KB 103ms
34ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:26:11 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 3747 27 KB
12 KB 92ms
30ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 22:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 22:16:39 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 3747 20 KB
20 KB 154ms
79ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQl3x1Bnr1KDSHf6nuZ-2E1shfxrljq4zKgZP8DqlMvfkvGhYo&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e64c321ca08a8ff9832988e3feada14a2378d54127068b38fcdce38f38bd3d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Mar 2019 04:06:07 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20108
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 06 Jan 2023 08:30:57 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 3747 20 KB
21 KB 105ms
30ms Image
image/png 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRUPDchHF-22mtr1SerACZ8QFzDrkUoQ_Yny-ZQ1N_fEk4tr4Xg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81b2b9dcd080649d238918a02ade4a8cf2d6a60fbef9c9ce55ef439841c98496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 18:47:11 GMT
x-content-type-options: nosniff
age: 135826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20711
x-xss-protection: 0
last-modified: Fri, 18 Dec 2020 08:16:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 04 Jan 2023 18:47:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4DFB 3 KB
579 B 75ms
38ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 07:17:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 08:30:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 08:30:57 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 4DFB 1 KB
880 B 86ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:17:55 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 4DFB 19 KB
8 KB 67ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:19:38 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 4DFB 2 KB
1 KB 86ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:10:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DFB 120 KB
37 KB 52ms
49ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jan 2022 08:30:57 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 4DFB 15 KB
6 KB 70ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:19:09 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 4DFB 27 KB
11 KB 68ms
29ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 22:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 22:16:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BC02 4 KB
618 B 40ms
39ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=250&adk=3890796524&adf=1915131068&pi=t.aa~a.1726572218~rp.3&w=323&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=323x250&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=2&bdt=1113&idt=-M&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0&nras=2&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1097&ady=1741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=LYuc05GwhK&p=https%3A//www.updatestar.com&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 07:09:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 08:30:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 08:30:57 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame BC02 1 KB
880 B 50ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:17:55 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame BC02 19 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:19:38 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame BC02 2 KB
1 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:10:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC02 120 KB
37 KB 101ms
65ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jan 2022 08:30:57 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame BC02 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:19:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BC02 0
0 76ms
37ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaZodO6u__zJlTyii-WHr9zI2bMEbwi5ChVhz0tarwkc5PpgGfKHqTYxBbNwb3PtLrUOiJnfMf_tk_Jr9dUgRcUc1JmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=250&adk=3890796524&adf=1915131068&pi=t.aa~a.1726572218~rp.3&w=323&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=323x250&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=2&bdt=1113&idt=-M&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0&nras=2&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1097&ady=1741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=LYuc05GwhK&p=https%3A//www.updatestar.com&dtd=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame BC02 27 KB
11 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 22:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 22:16:39 GMT

GET
DATA 200
OK truncated
/ Frame 3747 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 154228a8afc422d990979a233655aee1846d600612633d145656398e2088b536

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BC02 0
0 73ms
71ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CstQfwKjWYdukMJ7v6gTWpLb4ArSPlelljtj_jNgOloLNhYgWEAEg1rWlBmD7gYCAiAqgAcri2OICyAEJqQLIzp4UfPyyPqgDAcgDywSqBIcCT9Dfm6GGZpgtBeK57XMqbJ6XP2q6bW50qm2kYc1308S2Cv8wK4RZSHMiT2wwghhvE2FIcDdokpu0OEifLuc8aBdvBzU8owv_gOaP_5CMjqYBxcsp67TdBTBr_CaNKhL4N1BPm5KaT6mw8_DVBJ2_6uDmP5Y5HP7zYBuin8LHmxCBSqgqSlVBmmyJJnMvYisdPr48vNdhBdwUiZxXzclyYKmzJtUhFidEHKIOAUJbPo7Ly0xmGhE-Xg-8wKO73Sm_aAIyaDeBrH_Mj8R2ghtyZxav2_UeiCpiqca_dXtHI0LlxGAY6b0QYVxBsRkE5-Oj4D2Lv0Qwl2voRfn_5mr-iWWj0NR8FiPABJCNrMrzA5IFBAgEGAGSBQQIBRgEoAYugAeenaedAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKu2F9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw2IFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItNDExODc2NTc0NDQ1NTM5NxgA&sigh=pAMDUHGfhbg&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=250&adk=3890796524&adf=1915131068&pi=t.aa~a.1726572218~rp.3&w=323&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=323x250&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=2&bdt=1113&idt=-M&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0&nras=2&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1097&ady=1741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=LYuc05GwhK&p=https%3A//www.updatestar.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 06 Jan 2022 08:30:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2203212236952276471/ Frame BC02 8 KB
8 KB 32ms
29ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2203212236952276471/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

157de1b403fe4beed5f3b0b085b6e10b6ab0f3d65cee3a4d888db2767a468f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 12:25:23 GMT
x-content-type-options: nosniff
age: 158734
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8159
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 11:39:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Jan 2023 12:25:23 GMT

GET
DATA 200
OK truncated
/ Frame BC02 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 72CF 143 B
163 B 29ms
28ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 06 Jan 2022 08:02:27 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E53D 1 KB
749 B 29ms
29ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 06 Jan 2022 05:53:44 GMT
expires: Fri, 07 Jan 2022 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 9433
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame C72B 6 KB
670 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x280&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=1&bdt=1113&idt=0&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0%2C323x250&nras=3&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=c2IS02nWin&p=https%3A//www.updatestar.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 07:20:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 08:30:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 08:30:57 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame C72B 1 KB
880 B 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:17:55 GMT

GET
H3 200 IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js Show response
pagead2.googlesyndication.com/bg/ Frame C56E 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b01ba64306665521e200c5db7a0bb2641a9d01d490b9300fbcc10e9081ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 146755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13402
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 15:45:02 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame C72B 19 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:19:38 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame C72B 2 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:10:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C72B 120 KB
37 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jan 2022 08:30:57 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame C72B 15 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 08:19:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C72B 0
0 37ms
36ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQtIeqFQ4p40EG0itecjuFB6jimsQDLvA5pty0iKhu6OgBtRvz5h0rGVKMMeohZK9_t0xpA0OjXPCTig4EjUz87J7KOpw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x280&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=1&bdt=1113&idt=0&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0%2C323x250&nras=3&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=c2IS02nWin&p=https%3A//www.updatestar.com&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame C72B 27 KB
11 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 22:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 22:16:39 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17984662134085883840/ Frame C72B 16 KB
16 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17984662134085883840/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59b92b9e565788df2be18c8609c8ee7d29eba19621771a3c6999fdeac1efd8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 15:05:23 GMT
x-content-type-options: nosniff
age: 62734
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16197
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 11:12:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Jan 2023 15:05:23 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12581545980791877918/ Frame C72B 2 KB
2 KB 30ms
30ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12581545980791877918/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cb429f683015d5864b8d8cb9c4e6c44319144d35aca44214a3408752f3e3b4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 01 Jan 2022 22:08:13 GMT
x-content-type-options: nosniff
age: 382964
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 11:12:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Jan 2023 22:08:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C72B 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COS79wKjWYZ3zLtbItwfTw5noD9_A1eFm5pS-gJIP5YDcwZwZEAEg1rWlBmD7gYCAiAqgAbrfm_kDyAEJqAMByAPLBKoE9AFP0FKyiyPMwx3a1N10U_piSpeTytsXYhGOXo29bMU7SAhGkCqNvWHIyCTY5dAE_njsLMsIUG5JiBi9QfTeGg_lToPrQfSkHL957XPvls0l0pu1YKzsDiS8YRbzS2P6uil3NZkegMxuWpAprbOxVDAMj0Vzv7trQi9tlkdBxsbeUJ_OEJTS__RwH1qhVKngdH1OQjLbiH26JQKkMe-M772bNVYo--IXYqo5deRoi-jkfjJN_LgiP3rfDyoQbyMaJkpiW_XJVpiu2ZHcA9bKzT-3Iay6PwCaB8rv0lvXOfJ-biTzOrNhjLBrLnTIq6X4AmXB0IHBwAShnrTv4gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzYP40gGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC2hgrSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNDExODc2NTc0NDQ1NTM5NxgA&sigh=ARK8_TBVxpE&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x280&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=1&bdt=1113&idt=0&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0%2C323x250&nras=3&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=c2IS02nWin&p=https%3A//www.updatestar.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 06 Jan 2022 08:30:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BC02 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d740076d7a57d81d7ba8559257971ec7691a07459594ae0bf340b4c65962fff7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BC02 16 KB
16 KB 105ms
37ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 14:02:00 GMT
x-content-type-options: nosniff
age: 152937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 14:02:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BC02 15 KB
16 KB 93ms
29ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 499869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:39:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0445 1 KB
749 B 28ms
28ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 06 Jan 2022 05:53:44 GMT
expires: Fri, 07 Jan 2022 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 9433
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C72B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 869bb989c78b2ae86df279dd578799f9fb4a6534a5c926dfdf955896c07aacee

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame E53D 35 B
463 B 119ms
37ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB4I4OSvlYmQ3JrmheP7whU&google_cver=1&google_push=AYg5qPK9-0rg0Mf0ScA-uhhKEkHCeaqD2dgBQJGCPZBbWAo6lGMvkwg_8PXpzr1j9OGB-9fM8VoompRWC0F6aXQeKv_In1tIGdA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E53D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI5MCyf...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI5MCyf...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMDYwODMwNTgwMDAxNjg3MzI4NTE2Mw%3D%3D&google_push=AYg5qPI5MCyfdI0jcGn1RpAdPm8y6lFkqDPsenLVCjPLmOfC97zDFcHz2lkMV5UqDYYr9q...

170 B
188 B

39ms
39ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMDYwODMwNTgwMDAxNjg3MzI4NTE2Mw%3D%3D&google_push=AYg5qPI5MCyfdI0jcGn1RpAdPm8y6lFkqDPsenLVCjPLmOfC97zDFcHz2lkMV5UqDYYr9qyub0JJ5_SHn_ok2EvVanHZc94V1J8

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMDYwODMwNTgwMDAxNjg3MzI4NTE2Mw%3D%3D&google_push=AYg5qPI5MCyfdI0jcGn1RpAdPm8y6lFkqDPsenLVCjPLmOfC97zDFcHz2lkMV5UqDYYr9qyub0JJ5_SHn_ok2EvVanHZc94V1J8
pragma: no-cache
date: Thu, 06 Jan 2022 08:30:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 06 Jan 2022 08:30:58 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame E53D 43 B
324 B 113ms
32ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBMsPa_9ticW2IdbwhfQALg&google_push=AYg5qPIqLAUSvDVMf5gDFuPYIdQvT8OY5w-2KhN0vj0nMJUYc4oWyVgWygyOrWnTRAizjHBmAe5Gmt9djbGwT2sPLsomPCGWVY0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=250&adk=3890796524&adf=1915131068&pi=t.aa~a.1726572218~rp.3&w=323&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=323x250&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=2&bdt=1113&idt=-M&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0&nras=2&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1097&ady=1741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=LYuc05GwhK&p=https%3A//www.updatestar.com&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:57 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame E53D 43 B
135 B 77ms
27ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIWsvM6KcXFq-_WJnE8Z7-Y&google_cver=1&google_push=AYg5qPLOq7zraPVi1h2YM7T0Sws6xlk0Dh2lgor6j0IYQ2dgNN0ltpG_5VRtcQCcrRiUKmc1VrawbCgvpAqenhSG3zXSSDUnuq0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=250&adk=3890796524&adf=1915131068&pi=t.aa~a.1726572218~rp.3&w=323&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=323x250&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=2&bdt=1113&idt=-M&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0&nras=2&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1097&ady=1741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=LYuc05GwhK&p=https%3A//www.updatestar.com&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:57 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: shkjtc9pml0qrq5ja4rbrfgm4rhjcatm

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E53D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68iEtLqnR7-O31xeMOGinw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

96ms
59ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68iEtLqnR7-O31xeMOGinw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLtGKOO86GNeqAVYhmpaR0mKV0s7IJG-FULKtseTXjXK-bPn2YJFuq61Cc-pNBR63EUVVz9yt3qE3xfvgyF-jvl-9pxY4E

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68iEtLqnR7-O31xeMOGinw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLtGKOO86GNeqAVYhmpaR0mKV0s7IJG-FULKtseTXjXK-bPn2YJFuq61Cc-pNBR63EUVVz9yt3qE3xfvgyF-jvl-9pxY4E
date: Thu, 06 Jan 2022 08:30:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E53D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBF-jlEZWzYvz99MmY0ZUdU&google_cver=1&google_push=AYg5qPKESvszrRSnxl-ZEdG_62ptBrIQAE7NrAmlgThJ8k2Z1AD4AxNR_8iH4HPvhlvtSCAulmF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kyUE1MSE4tNS1EMUlP&google_push=AYg5qPKESvszrRSnxl-ZEdG_62ptBrIQAE7NrAmlgThJ8k2Z1AD4AxNR_8iH4HPvhlvtSCAulmFz-3-vBHf95pp23dN-AdqNqRY

170 B
188 B

44ms
44ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kyUE1MSE4tNS1EMUlP&google_push=AYg5qPKESvszrRSnxl-ZEdG_62ptBrIQAE7NrAmlgThJ8k2Z1AD4AxNR_8iH4HPvhlvtSCAulmFz-3-vBHf95pp23dN-AdqNqRY

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kyUE1MSE4tNS1EMUlP&google_push=AYg5qPKESvszrRSnxl-ZEdG_62ptBrIQAE7NrAmlgThJ8k2Z1AD4AxNR_8iH4HPvhlvtSCAulmFz-3-vBHf95pp23dN-AdqNqRY
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame E53D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E53D 0
232 B 105ms
37ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K30ZRt7T0rPMRABtXw1niSmY08Kq4z7XIcioQmSPgbFYCaw_WGCWDDh9irK0qvPoGVH3Fs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame C72B 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 52345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 17:58:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame C72B 15 KB
16 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 52478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame C72B 15 KB
15 KB 33ms
33ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 499869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:39:48 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 72CF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

105ms
105ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 06 Jan 2022 08:30:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 06 Jan 2022 08:30:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 06 Jan 2022 08:30:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js Show response
pagead2.googlesyndication.com/bg/ Frame D85A 35 KB
13 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b01ba64306665521e200c5db7a0bb2641a9d01d490b9300fbcc10e9081ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 146755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13402
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 15:45:02 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0445 35 B
464 B 100ms
35ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOH4IpP_gmNNZloKp_8aOtE&google_cver=1&google_push=AYg5qPKUi_vgvhUSFSbfaA1Fq9tp8Cuwx32Nj1PGxVABkJYvXMosG8PVXy9a6eb99C8wRL61ud82w5UQBEkeuf5stnfyKc9fFWm6

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0445
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI99tk24UEUWPN3-0CRZq2378IeRshdB7UWIdP...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRhb3dRQUFBWEpudUJ5YQ&google_push=AYg5qPI99tk24UEUWPN3-0CRZq2378IeRshdB7UWIdPyKAVxZK-p2ZmRooXibCkleoZURN6Ov7Eu81BoHWVF-HjtR1UsEJCwOyk

170 B
188 B

77ms
40ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRhb3dRQUFBWEpudUJ5YQ&google_push=AYg5qPI99tk24UEUWPN3-0CRZq2378IeRshdB7UWIdPyKAVxZK-p2ZmRooXibCkleoZURN6Ov7Eu81BoHWVF-HjtR1UsEJCwOyk

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRhb3dRQUFBWEpudUJ5YQ&google_push=AYg5qPI99tk24UEUWPN3-0CRZq2378IeRshdB7UWIdPyKAVxZK-p2ZmRooXibCkleoZURN6Ov7Eu81BoHWVF-HjtR1UsEJCwOyk
Date: Thu, 06 Jan 2022 08:30:57 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0445
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLWs4MgSayFe-IuI5NvkbuF-UVhOgxmS_v-cCBxkXvLpCbf-Bcqc0pZ1JpEiWaoZKZrqE92lIddV_3FBIG3ybsjxjp7XNyY&google_gid=CAESELUoy3PO7S2AdVhN9NN_qtU&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMHR2o4GEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMV3M0TWdTYXlGZS1JdUk1TnZrYnVGLVVWaE9neG1TX3YtY0NCeGtYdkxwQ2JmLUJjcWMwcFoxSnBFaVdhb1pLWnJxRTkybElkZFZfM0ZCSU...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYzdwamdrZWZaZ1J0eDZyNjZiZlpsQTNIZ3JoSmZHcXdhdWYzWnZtVkhfbw==&google_push

170 B
188 B

79ms
41ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYzdwamdrZWZaZ1J0eDZyNjZiZlpsQTNIZ3JoSmZHcXdhdWYzWnZtVkhfbw==&google_push

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 06 Jan 2022 08:30:57 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYzdwamdrZWZaZ1J0eDZyNjZiZlpsQTNIZ3JoSmZHcXdhdWYzWnZtVkhfbw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 0445 43 B
351 B 60ms
26ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF2Z2VXkVS_HKZ8hwNeoh7c&google_cver=1&google_push=AYg5qPKzUrhzI00e1aneYk54oUFu7wZNTgl2FQUBUauyAjlmkrD8R_oW7EXtIMFYAB07RmfSHXjzImGplkwbc_u_BZirZQpmYLEq
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x280&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=1&bdt=1113&idt=0&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0%2C323x250&nras=3&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=c2IS02nWin&p=https%3A//www.updatestar.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:56 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: p0epjdjtfqbr95dd9g9ahhk6718bf62s

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0445
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PRI-6oRKQFGwK1wEoRpt5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

78ms
41ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PRI-6oRKQFGwK1wEoRpt5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ8lJdj1aOKrmqKiUTDjHqJEKuQCweGm0aY36hccnVveEdT-5Sh6U6lMKvHuuEfB_M8FoQg0ETQmmNuIg10LZnZxWE_i8cY

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/topic/download%20nordvpn%203.16.exe%20older%20version

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PRI-6oRKQFGwK1wEoRpt5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ8lJdj1aOKrmqKiUTDjHqJEKuQCweGm0aY36hccnVveEdT-5Sh6U6lMKvHuuEfB_M8FoQg0ETQmmNuIg10LZnZxWE_i8cY
date: Thu, 06 Jan 2022 08:30:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0445
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEjZrBYzplNUYyK1uuly4t8&google_cver=1&google_push=AYg5qPLpVuE8H-Dx1RsIrzft1e-2yFWIAvYZSIgczEXyhWhMvC29o9TvMu2bo8mxyk5AAXu-6D1...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kyUE1MSTItMjEtRjYzUw==&google_push=AYg5qPLpVuE8H-Dx1RsIrzft1e-2yFWIAvYZSIgczEXyhWhMvC29o9TvMu2bo8mxyk5AAXu-6D1_pgz2htGvUqyqPgJ5g5w6KODm

170 B
188 B

42ms
42ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kyUE1MSTItMjEtRjYzUw==&google_push=AYg5qPLpVuE8H-Dx1RsIrzft1e-2yFWIAvYZSIgczEXyhWhMvC29o9TvMu2bo8mxyk5AAXu-6D1_pgz2htGvUqyqPgJ5g5w6KODm

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kyUE1MSTItMjEtRjYzUw==&google_push=AYg5qPLpVuE8H-Dx1RsIrzft1e-2yFWIAvYZSIgczEXyhWhMvC29o9TvMu2bo8mxyk5AAXu-6D1_pgz2htGvUqyqPgJ5g5w6KODm
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 0445 43 B
297 B 271ms
35ms Image
image/gif 2a05:d01c:1d8:8101:68c8:b1a8:b6c6:48d9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGKuWLe-kqTaetKKxnmx_Lc&google_cver=1&google_push=AYg5qPLd7g_KQDDuteyjq1PU4NlYeLGQFh26CR1WV18Bkfy__DWrnXE2rj4McqnkbE4RLH-vhldvrbJsUaFu7BghsssQg43qnDNQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1641457854&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x280&url=https%3A%2F%2Fwww.updatestar.com%2Ftopic%2Fdownload%2520nordvpn%25203.16.exe%2520older%2520version&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641457856721&bpp=1&bdt=1113&idt=0&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26f3012071b6775e-220fdc1216cd0030%3AT%3D1641457856%3ART%3D1641457856%3AS%3DALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ&prev_fmts=0x0%2C323x250&nras=3&correlator=710239119734&frm=20&pv=1&ga_vid=282273339.1641457856&ga_sid=1641457856&ga_hid=474326156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062931&oid=2&pvsid=1272947703578715&pem=200&tmod=440&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=c2IS02nWin&p=https%3A//www.updatestar.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:68c8:b1a8:b6c6:48d9 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:58 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0445 0
49 B 89ms
37ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JouWMFhDGvVm6P2M3lry-ohf8hfU1AW99RCadtkVwvg4TW7xOz6xZQo_xargzDKaPedMKO

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js Show response
pagead2.googlesyndication.com/bg/ Frame FA05 35 KB
13 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b01ba64306665521e200c5db7a0bb2641a9d01d490b9300fbcc10e9081ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 146755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13402
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 15:45:02 GMT

GET
H3 200 IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js Show response
pagead2.googlesyndication.com/bg/ Frame 9626 35 KB
13 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b01ba64306665521e200c5db7a0bb2641a9d01d490b9300fbcc10e9081ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 146755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13402
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 15:45:02 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 81ms
44ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220104&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139d3dcc37e8c3c4691a6c28d5c1964a60974f6f398b968f851877a62aff67cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 06 Jan 2022 08:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8439
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jan 2022 08:30:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D2BB 13 KB
5 KB 31ms
30ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 05 Jan 2022 18:32:35 GMT
expires: Thu, 05 Jan 2023 18:32:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 50303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DC76 783 B
535 B 46ms
46ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4467bf138dab41fd0d0206a2de1682eb389536659545e397faa5cfc43d433bac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Thyo9YD55aQDN+P88P9qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 06 Jan 2022 08:30:58 GMT
date: Thu, 06 Jan 2022 08:30:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2Thyo9YD55aQDN+P88P9qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js Show response
pagead2.googlesyndication.com/bg/ Frame D2BB 35 KB
13 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IRsBumQwZmVSHiAMXbeguyZBqdAdSQuTAPvMEOkIGug.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b01ba64306665521e200c5db7a0bb2641a9d01d490b9300fbcc10e9081ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 146756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13402
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 15:45:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DC76 0
0 65ms
64ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220104&jk=1272947703578715&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 65ms
65ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220104&jk=1272947703578715&bg=!6Oul66_NAAbDtiZlw7Y7ACkAdvg8WoyT-385x9yFrSce2uSZKQiP0vPpRSSkNj3erTdeSa3hfleSkQIAAABRUgAAAApoAQcKADb8U02rXtqXnKnK1Pn6IRmrQQB2HQQYfT5bB_MRdlD7SWVnKYKwa9Zzgl6fNcAcwLcVhWEbHEuZAqpVoKqb1gPAlN8oQhlnWC2A0n79NkokwztIDVWE_E9F_CzEi_wK2AwiYFaZgGdmi-iQ2oMehRl7cKQmL1-7bUzHCXPNJhtcSsUWVc4k2wi4mrJdjc12w5leIH1Dm5ZhEDU86NBmmLZzktpfHPWPn9eLKWOmqeVBmVctbhwoeDk9JFPUtfRg1oVn2VZ6WU_Nm9pA97nXepPi6F6IKGyTEmXczZliNvDakY4kIIWHY76qxmVOneq6e_t_0kNymBQG-2l1OaQ3rd2FkV404JVv7P53g-69YDMgz2SjunQljkaZZwmT5bJwjI37cBbu1eg1S5YKiMMo-_gZmeA1hZhQmF4xYivWKcgJu9y7p2UGGZSwPQAFC6RGbppkG806C36_34XaC62R6Y5MQkqvDsufg8gxGvNpHckG9oXaJxnDtfKDL0cD4rNLTRrJpmvVDg43zY8WiFUXg1gPp3pBUr7xwEQTUHuG010PHKcHM_Y3nnbg08tOiG_w8NfKKIH_NwdkmvX7EQsWNKgSlF0Q6xv6lASIOqxeo3HmLWhcjVcBWx8fJMwB1-w9U_0Bh4UFfU7fQnP2lbyjpiCTUY51yH4KxsKmLH_KwpYNDrkKhl9KOAQaUxLGOIoTah4qoWyYFks4vlI-2Okkm5J4ksJ4B1SifKB8S8Wv89JjRRvKsTRwWrmFndDD5oKYqTtODDEX97p0EMe3YDfUb-7K3YfzOh5A4-lEa9u_XkMIsb9szy-h_hRFfw_cM9-T8Dl7SuIERhVM8GyG9PtvbiikSJ6nJ3uq1wKbTFW1UVOmDB8YZN5LrpstekeiSWTfehWT-0PP3ntAvS6MFKiZ-oSs8R-L1JcdpFgU71L4LJfAMZFrTNopBtGIA0iF4zy8aQJqlHb-4ss8CuRiFYMSJBz_HbbE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3747 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGJlrq3UgKJvM7AZbQNtqJitFS6jQiX7XCFxsb9vYiTshVQroc-oKzzie26G4sw2LYjgmrX89s-6F5QzxOstP6WZ7koN6LLjdu2m9DEiX9w0RmGB79cQ&sai=AMfl-YQp4a5BiLdm7npUHCmR3G1oT2seHYm0i7SCcM_2mjbFLuj5fXFHre5_Sqkk2wbswJVPTxI_OSVtYh-O&sig=Cg0ArKJSzPqK1EunADmfEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=94,777,1000,1081,1081&tos=94,683,223,81,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641457857338&rpt=297&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 08:30:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.updatestar.com/	1970-01-20 17:28:49	Name: _ga Value: GA1.2.282273339.1641457856
.updatestar.com/	1970-01-19 23:59:04	Name: _gid Value: GA1.2.1232837770.1641457856
.updatestar.com/	1970-01-19 23:57:37	Name: _gat Value: 1
.updatestar.com/	1970-01-20 09:19:13	Name: __gads Value: ID=26f3012071b6775e-220fdc1216cd0030:T=1641457856:RT=1641457856:S=ALNI_MY_IRcEvpKc-1GNDjClxzpUDykvOQ
.doubleclick.net/	1970-01-20 09:19:13	Name: IDE Value: AHWqTUnoQeo-vHk_guxf2WCr1cf3QF-VMNWXOPWLKZ-R5BIUmFV-qCCxQnM7PGiVsNM
.rlcdn.com/	1970-01-20 08:43:13	Name: rlas3 Value: mDUD0GcHHSOOYBm7JBx5RPp/J/MW8kqF5vk/o8KGEG8=
.quantserve.com/	1970-01-20 02:07:13	Name: d Value: ECwBCQGRJYEA
.quantserve.com/	1970-01-20 09:27:52	Name: mc Value: 61d6a8c1-da6b2-69eb0-eb31c
.pubmatic.com/	1970-01-19 23:59:04	Name: KTPCACOOKIE Value: YES
.rlcdn.com/	1970-01-20 01:24:01	Name: pxrc Value: CMHR2o4GEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-20 02:07:13	Name: KADUSERCOOKIE Value: EBC884B4-BAA7-47BF-8EDF-5C5E30E1A29F
.doubleclick.net/	1970-01-19 23:57:41	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 08:43:13	Name: CMID Value: Ydaowa3EJR1YCpMzCGcY3gAA
.casalemedia.com/	1970-01-20 02:07:13	Name: CMPS Value: 1161
.e.dlx.addthis.com/	1970-01-20 09:27:52	Name: na_tc Value: Y
.innovid.com/	1970-01-20 02:07:13	Name: uuid Value: dab3419c-ab65-42fe-85a5-b04bd589d492-20220106 03:30:58
.casalemedia.com/	1970-01-20 02:07:13	Name: CMPRO Value: 1106
.casalemedia.com/	1970-01-19 23:59:04	Name: CMST Value: YdaowmHWqMIA
.addthis.com/	1970-01-20 09:27:52	Name: na_id Value: 2022010608305800016873285163
.addthis.com/	1970-01-20 09:27:52	Name: na_tc Value: Y
.addthis.com/	1970-01-20 09:27:52	Name: uid Value: 61d6a8c23c1384c0
.addthis.com/	1970-01-20 09:27:52	Name: ouid Value: 61d6a8c20001d47c945d0b938faedfa1f3b771393b4b9f1926ae
.dlx.addthis.com/	1970-01-20 00:40:49	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 00:40:49	Name: na_sr Value: 20220106
.dlx.addthis.com/	1970-01-19 23:57:37	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 00:40:49	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ydaowa3EJR1YCpMzCGcY3gAABFIAAAIB&google_cver=1&google_gid=CAESEN3-BG-CNhoxwdX5_lI2B9A&google_push=AYg5qPKUf61OVzZq7IyE9gqI-sqkokV2WoM97BF6-IZl6LwPW0wAT47X0ss6x99PBILWp6gZoicBoqN_8hUO0uVoCbrXnDDcDQ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
ag.innovid.com
ajax.googleapis.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
news.updatestar.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
w1.updatestar.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagservices.com
www.gstatic.com
www.updatestar.com
cm.g.doubleclick.net
104.90.192.27
142.250.181.226
142.250.185.66
185.64.190.78
2604:7c00:22:3:4412:50f:c03b:1b31
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:801::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9a
2a01:488:67:1000:5bfa:5108:0:1
2a05:d01c:1d8:8101:68c8:b1a8:b6c6:48d9
34.98.67.61
35.227.252.103
35.244.174.68
52.210.94.59
8.39.36.141
00ad7ed1bf29125502b90929c87b8572606bed0ab9dbad8063f1f97cba83ee1b
0102b7d5635d4750637e15db04fd7d25c6382a6b8fc2b969ff78b92d0fb1772c
04c673d03533906094d9484a1c2cf6b91d42387c843ba0a316d64d1c81ca6a96
07091385da1e54f5b396c11d5fe588db67e86b703bf192aa66a849311f8578ca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6b468a8a96a5293325b953a4fff6f1b0577f9a83c9eb4558eb9eb09b695940
0dfbd154868bb1f514576d232b63ae1ecf39e16fb913f2cb0bb0332e941d3deb
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ef35558fe9b849d8366830d0cc42c4a74b9862e7506e31fb88da0f0f88db039
139d3dcc37e8c3c4691a6c28d5c1964a60974f6f398b968f851877a62aff67cb
154228a8afc422d990979a233655aee1846d600612633d145656398e2088b536
157de1b403fe4beed5f3b0b085b6e10b6ab0f3d65cee3a4d888db2767a468f70
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e64c321ca08a8ff9832988e3feada14a2378d54127068b38fcdce38f38bd3d6
1e7128792d441e3b8c856528c3b7be514628b2f193f3c00ac5317560dee089bb
1f7a426a3a38ae195e1d0bd7504788282ea2cc4524f45490f88a76ac7048bf96
20eead7e17d56b571a5ee1cf2d1c7f6ca79bc672fcd01b6e2273a3ec8973033b
211b01ba64306665521e200c5db7a0bb2641a9d01d490b9300fbcc10e9081ae8
2b4bd9dd4c2c3e0c0c425d2d39ca973f730cced67cca1985da2257052ae724c1
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2e60a64265f1fd4886975090e6183056b135010c22cb21a695693d897754079e
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
30d25ee0e558fe4fdd98541df0af1c29d3c0d8d321b861ce16406d5b08d7fdf3
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3728c4200575ae429059881bd337d80412973989b3d9dcac88323dd8696bebe6
38fd859bcbbd6cfac90958b3ec0ffe155f5eee9dd8a2f58f934d3cb41d97b924
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
3b78aa0393b2a92d3444a69760a48bbe106bf77836b27b1bced7067d23284863
3d8693cddca8ef95b6b06ab98ad4ae68d7c7a30aa8d781e418c28b84bfcca7cd
43f83fcd7ee6eee9296369ec8db5118829f4e249ab28ca4ff2aa727cc2ce4501
4467bf138dab41fd0d0206a2de1682eb389536659545e397faa5cfc43d433bac
4961eca570d3a096e919cf081dbc61d961c13d2d293178a776ce1ea0b673d11c
4ba7417a8f2032e11b7005f80b25b0e5255c97cec53c2db5805fd21955034891
4cb429f683015d5864b8d8cb9c4e6c44319144d35aca44214a3408752f3e3b4d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59b92b9e565788df2be18c8609c8ee7d29eba19621771a3c6999fdeac1efd8a6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61a9b0176d55e304b8dd00717833738e6f515da691b3e1df635b226a1bad9842
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c1c3b80d62e7d43fd6f2381680f9e241f810f0ee4a4d961798154969eedbd1
6e16cbeacdbd2d1154e8249a41bc885b3778aece5429cf3f619a9d3b71175a35
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
81b2b9dcd080649d238918a02ade4a8cf2d6a60fbef9c9ce55ef439841c98496
869bb989c78b2ae86df279dd578799f9fb4a6534a5c926dfdf955896c07aacee
915d5ab79c94af13cf251dbc6f76d1392a62bd507deb3bc646be5745196c63d3
92e7352182510bf96bd4969f0e067ff82dad1a8fd8c392e9277bd42d0f79fc57
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3850f70c52a99c53aa67a91bb6b9bc9060e6badea9678daffba612949d673ec
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a518d1c220fa0fd2151dc57a903e675c143de6a90d0a6c4c4aca3d2637237aef
a67b08d24bbf96392ed572f41f3a72a27ef251d5d8f7af08f395f629ba8ab2ca
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af11fe6f88d779e79c12e084aa6b525a3e218c03721e19ae2a896941eb23c7c1
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1bfa639183adbdb476c064a63b12b8134ac1d5998182dad13592ddeb86e5e6c
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b9871a9b138517d6cd4d90f3c124f62a93425616ef0ca93cd11868dcdba249e2
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c835350b07812e67ca6a111881f1eebf973b61ad64f0ec8fdb6348c8f102b63f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd7e155cc1a97d339ee280ca2b48faf49066403eb3a83956acdd797a1783032f
d740076d7a57d81d7ba8559257971ec7691a07459594ae0bf340b4c65962fff7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
db6cae37a4bfe21d3bfbdc72d13e35030df13c9ef32a4f9a3c14adfa4bfee7cf
de63a2d85245b9516200c6006fa2590d85504b53dbfaa856c0f09e005d81b093
e0663b8178550ae2e131da6cd79a91b09d8831dd49e1daa3f4aa12b2f3862a5e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e7a22b586532669e3e86d019c3faa366bb89af54fea98c28eb526415d01990a7
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3cbbaed95cc8ce53e4b8846bf7cdcf22cea26b7e6a26c1f0a52261bda080d46
f985dac1bc0e4d4225a2357a8f91b26ccbca010f29f8878fe8c99915a3e7f3f9
fd0f1cd7d1327a351fd53abbba74424fa8e05b340870166fc2aef0da606e6b28
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff7f7aae5fdd50dee838d28c038d17baa8c7e8d5b008bc946ef40b63c5e9d66e

www.updatestar.com Open in urlscan Pro 2a01:488:67:1000:5bfa:5108:0:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

135 Requests

94 %HTTPS

68 %IPv6

19 Domains

30 Subdomains

24 IPs

6 Countries

1174 kBTransfer

3229 kBSize

26 Cookies

52 Outgoing links

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.updatestar.com Open in urlscan Pro
2a01:488:67:1000:5bfa:5108:0:1 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

94 %
HTTPS

68 %
IPv6

19
Domains

30
Subdomains

24
IPs

6
Countries

1174 kB
Transfer

3229 kB
Size

26
Cookies

135 HTTP transactions
4 data transactions