urlscan.io logo urlscan.io
SecurityTrails logo

www.wincert.net Open in urlscan Pro
104.168.147.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3bS4ALC
Effective URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Submission: On March 05 via manual from HU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 67 IPs in 10 countries across 63 domains to perform 290 HTTP transactions. The main IP is 104.168.147.90, located in United States and belongs to HOSTWINDS, US. The main domain is www.wincert.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 18th 2021. Valid for: 3 months.
This is the only time www.wincert.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
34 104.168.147.90 54290 (HOSTWINDS)
1 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
28 185.220.204.135 41436 (CLOUDWEBM...)
1 151.139.128.11 20446 (HIGHWINDS3)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 26 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 4 35.190.59.101 15169 (GOOGLE)
3 35.201.67.47 15169 (GOOGLE)
3 35.190.91.160 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 65.9.95.127 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 2.18.233.180 16625 (AKAMAI-AS)
2 2 185.94.180.125 35220 (SPOTX-AMS)
2 2 34.98.64.218 15169 (GOOGLE)
19 45.83.41.218 204548 (CLOUDWEBM...)
2 54.93.211.166 16509 (AMAZON-02)
1 1 116.202.172.174 24940 (HETZNER-AS)
4 4 2.18.234.21 16625 (AKAMAI-AS)
4 5 185.33.221.90 29990 (ASN-APPNEX)
4 2a00:1450:400... 15169 (GOOGLE)
2 2 52.30.234.204 16509 (AMAZON-02)
2 2 35.244.255.22 15169 (GOOGLE)
1 185.94.180.124 35220 (SPOTX-AMS)
1 3.123.110.9 16509 (AMAZON-02)
1 185.86.139.95 201081 (SMARTADSE...)
1 2.18.234.233 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
25 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 185.64.190.78 62713 (AS-PUBMATIC)
7 142.250.186.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 18.198.69.109 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:116:800d... 16509 (AMAZON-02)
4 4 52.35.2.64 16509 (AMAZON-02)
8 22 142.250.74.194 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 69.173.144.165 26667 (RUBICONPR...)
2 2 217.182.200.20 16276 (OVH)
2 216.58.212.163 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 4 151.101.14.49 54113 (FASTLY)
3 5 18.197.47.23 16509 (AMAZON-02)
4 5 54.154.164.132 16509 (AMAZON-02)
2 4 3.126.56.137 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.163 44788 (ASN-CRITE...)
2 2 213.155.156.183 1299 (TELIANET ...)
1 17 185.64.189.110 62713 (AS-PUBMATIC)
3 3 52.215.8.160 16509 (AMAZON-02)
1 185.86.137.110 201081 (SMARTADSE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 188.165.137.78 16276 (OVH)
3 3 213.19.147.150 3356 (LEVEL3)
1 63.251.232.170 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 2 199.232.137.44 54113 (FASTLY)
2 2 3.127.88.255 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 159.253.128.188 36351 (SOFTLAYER)
1 37.157.2.234 198622 (ADFORM)
1 1 185.29.133.58 30419 (MEDIAMATH...)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 2001:678:cb4:... 56396 (TURN)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 108.129.8.178 16509 (AMAZON-02)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 142.250.185.242 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
290 67
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
34    104.168.147.90 (United States)

ASN54290 (HOSTWINDS, US)
PTR: server.heidoc.net
www.wincert.net
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
19    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
28    185.220.204.135 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.sekindo.com
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
26    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
4    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
3    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
3    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    65.9.95.127 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
19    45.83.41.218 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.sekindo.com
2    54.93.211.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-211-166.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    116.202.172.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.172.202.116.clients.your-server.de
csync.loopme.me
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
5    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
ib.adnxs.com
4    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.30.234.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-234-204.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    35.244.255.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.255.244.35.bc.googleusercontent.com
x.skimresources.com
1    185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    3.123.110.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-110-9.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
1    185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
25    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
9    2a00:1450:400c:c03::5e (Brussels, Belgium)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
4    52.35.2.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
e.dlx.addthis.com
22    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    217.182.200.20 (France)

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl
googlecm.hit.gemius.pl
2    216.58.212.163 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f3.1e100.net
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com
1    2a00:1450:400a:9::9 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)
r4---sn-1gi7znes.googlevideo.com
1    2a00:1450:4001:5a::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5ednll.googlevideo.com
4    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com
pixel.advertising.com
5    54.154.164.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a00:1450:400c:c07::8a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.183 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
17    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
3    52.215.8.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-8-160.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    188.165.137.78 (France)

ASN16276 (OVH, FR)
green.erne.co
3    213.19.147.150 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    3.127.88.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    108.129.8.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    142.250.185.242 (United States)

ASN15169 (GOOGLE, US)
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i1-v6exp3.v4.metric.gstatic.com
1    2a00:1450:4001:80f::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i2-v6exp3.ds.metric.gstatic.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
58 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
213 KB
47 sekindo.com
live.sekindo.com
video.sekindo.com
641 KB
44 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
424 KB
34 wincert.net
www.wincert.net
754 KB
29 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
simage4.pubmatic.com
76 KB
18 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i1-v6exp3.v4.metric.gstatic.com
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i2-v6exp3.ds.metric.gstatic.com
90 KB
13 skimresources.com
s.skimresources.com
r.skimresources.com
t.skimresources.com
p.skimresources.com
x.skimresources.com
26 KB
10 google.com
www.google.com
adservice.google.com
1 KB
6 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
1 KB
5 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
4 KB
5 adsrvr.org
match.adsrvr.org
2 KB
5 adnxs.com
secure.adnxs.com
ib.adnxs.com
4 KB
5 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
304 KB
5 gravatar.com
secure.gravatar.com
44 KB
5 googletagservices.com
www.googletagservices.com
162 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 addthis.com
e.dlx.addthis.com
4 KB
4 casalemedia.com
ssum-sec.casalemedia.com
4 KB
4 openx.net
u.openx.net
rtb.openx.net
1 KB
3 bidr.io
match.prod.bidr.io
1 KB
3 quantserve.com
cms.quantserve.com
pixel.quantserve.com
1 KB
3 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
2 KB
3 google.de
www.google.de
adservice.google.de
2 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 fiftyt.com
visitor.fiftyt.com
992 B
2 semasio.net
uipglob.semasio.net
1 KB
2 tapad.com
pixel.tapad.com
616 B
2 w55c.net
pm.w55c.net
2 KB
2 taboola.com
trc.taboola.com
match.taboola.com
561 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 youtube.com
s.youtube.com
2 googlevideo.com
r4---sn-1gi7znes.googlevideo.com
r2---sn-4g5ednll.googlevideo.com
576 KB
2 gemius.pl
googlecm.hit.gemius.pl
468 B
2 rubiconproject.com
pixel.rubiconproject.com
922 B
2 exelator.com
loadeu.exelator.com
4 KB
2 smartadserver.com
prg.smartadserver.com
rtb-csync.smartadserver.com
330 B
2 crwdcntrl.net
sync.crwdcntrl.net
1017 B
2 bidswitch.net
x.bidswitch.net
291 B
2 amazon-adsystem.com
c.amazon-adsystem.com
34 KB
2 googleadservices.com
partner.googleadservices.com
www.googleadservices.com
640 B
2 google-analytics.com
www.google-analytics.com
19 KB
1 gumgum.com
rtb.gumgum.com
336 B
1 playground.xyz
ads.playground.xyz
486 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 turn.com
ad.turn.com
518 B
1 mathtag.com
sync.mathtag.com
680 B
1 adform.net
c1.adform.net
187 B
1 simpli.fi
um.simpli.fi
609 B
1 zeotap.com
mwzeom.zeotap.com
596 B
1 contextweb.com
bh.contextweb.com
594 B
1 adgrx.com
cm.adgrx.com
408 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
650 B
1 erne.co
green.erne.co
325 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
304 B
1 2mdn.net
s0.2mdn.net
17 KB
1 stickyadstv.com
ads.stickyadstv.com
580 B
1 loopme.me
csync.loopme.me
243 B
1 googletagmanager.com
www.googletagmanager.com
39 KB
1 bit.ly
bit.ly
277 B
290 63
Domain Requested by
34 www.wincert.net www.wincert.net
28 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
28 live.sekindo.com www.wincert.net
live.sekindo.com
25 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
imasdk.googleapis.com
22 cm.g.doubleclick.net 8 redirects www.wincert.net
googleads.g.doubleclick.net
19 video.sekindo.com www.wincert.net
19 pagead2.googlesyndication.com www.wincert.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
srcdoc
tpc.googlesyndication.com
11 simage2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
9 csi.gstatic.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
7 securepubads.g.doubleclick.net googleads.g.doubleclick.net
imasdk.googleapis.com
7 www.google.com 4 redirects www.wincert.net
googleads.g.doubleclick.net
6 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
5 match.adsrvr.org 4 redirects ads.pubmatic.com
5 pixel.advertising.com 3 redirects www.wincert.net
5 ads.pubmatic.com live.sekindo.com
ads.pubmatic.com
5 secure.gravatar.com www.wincert.net
5 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 ups.analytics.yahoo.com 2 redirects www.wincert.net
ads.pubmatic.com
4 sync-tm.everesttech.net 4 redirects
4 e.dlx.addthis.com 4 redirects
4 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 fonts.gstatic.com fonts.googleapis.com
4 secure.adnxs.com 4 redirects
4 ssum-sec.casalemedia.com 4 redirects
4 r.skimresources.com 2 redirects www.wincert.net
3 match.prod.bidr.io 3 redirects
3 fonts.googleapis.com www.wincert.net
live.sekindo.com
googleads.g.doubleclick.net
3 p.skimresources.com www.wincert.net
3 t.skimresources.com www.wincert.net
s.skimresources.com
3 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
2 pixel-sync.sitescout.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pixel.tapad.com 1 redirects image6.pubmatic.com
2 pm.w55c.net 2 redirects
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 s.youtube.com blank
2 p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com
2 googlecm.hit.gemius.pl 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 rtb.openx.net 2 redirects
2 cms.quantserve.com googleads.g.doubleclick.net
2 imasdk.googleapis.com live.sekindo.com
imasdk.googleapis.com
2 loadeu.exelator.com 1 redirects www.wincert.net
2 x.skimresources.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 x.bidswitch.net www.wincert.net
ads.pubmatic.com
2 u.openx.net 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 c.amazon-adsystem.com live.sekindo.com
c.amazon-adsystem.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googleadservices.com
1 p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i2-v6exp3.ds.metric.gstatic.com
1 p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i1-v6exp3.v4.metric.gstatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 ib.adnxs.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 c1.adform.net ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 trc.taboola.com 1 redirects
1 bh.contextweb.com 1 redirects
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 green.erne.co 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 rtb-csync.smartadserver.com image6.pubmatic.com
1 dis.criteo.com image6.pubmatic.com
1 r2---sn-4g5ednll.googlevideo.com
1 r4---sn-1gi7znes.googlevideo.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 www.gstatic.com googleads.g.doubleclick.net
1 hbopenbid.pubmatic.com live.sekindo.com
1 ads.stickyadstv.com live.sekindo.com
www.wincert.net
1 prg.smartadserver.com live.sekindo.com
1 ads.adaptv.advertising.com live.sekindo.com
1 search.spotxchange.com live.sekindo.com
1 csync.loopme.me 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de www.wincert.net
1 stats.g.doubleclick.net www.google-analytics.com
1 s.skimresources.com www.wincert.net
1 www.googletagmanager.com www.wincert.net
1 bit.ly 1 redirects
290 97
Subject Issuer Validity Valid
wincert.net
cPanel, Inc. Certification Authority		 2021-01-18 -
2021-04-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.sekindo.com
Go Daddy Secure Certificate Authority - G2		 2020-10-27 -
2021-11-28		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2020-09-10 -
2021-10-12		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2020-02-26 -
2021-05-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-18 -
2021-03-17		 2 years crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-04		 2 months crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-24 -
2021-04-20		 6 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-08 -
2021-08-08		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.semasio.net
Sectigo ECC Domain Validation Secure Server CA		 2020-03-09 -
2021-03-27		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-03 -
2022-02-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.v4.metric.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.ds.metric.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh

This page contains 44 frames:

Primary Page: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Frame ID: 473B5A707671CAFF6D49A1028ABE252E
Requests: 90 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Frame ID: 54709A144164A18AAB7588683E71AB28
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveView.php?s=103419&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&cbuster=1614975239&pubUrlAuto=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Frame ID: 2D0CA6ABBBB4B22CE6DDE6DFD9CD036E
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&adk=1812271804&adf=3025194257&lmt=1614972128&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614975239510&bpp=13&bdt=787&idt=144&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5441724635662&rume=1&frm=20&pv=2&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=195
Frame ID: 416B50913AC75DF941C02B259D21BA9C
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4217204598757929
Frame ID: A68EA3B6DBF618FAD37CF7C5E948BD1F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Frame ID: B99AE09AA80D411668D742E289BA4512
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Frame ID: 61F4D919A568054A6F4376598362F8A7
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 947726217002594396EFAD8C44D6CC9B
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: E7271919D406A914A0DC90915159B434
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=94&advUuid=52a1311d-7def-11eb-9c64-1c5660562906
Frame ID: 36AF0569E54362A28D89865E7269E144
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=98&advUuid=25c853c7-4510-4be3-9ee5-0d5c9b66b4ee
Frame ID: B4A168EC3D4F2DADE7D3BF871881F453
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Frame ID: F710CAD3E59E5AD0959702EF7054E721
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Frame ID: 57F914FDBB4A1D2B3437FE38F18137CD
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D30B86FCC1DF6333D6C1638316D6259C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B6420AA4572D42C54E5F89CE05A89FA9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 73C22C2CFAE62769D616203A27A00312
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 59693C1C42EE523CF3FDDCD41255F573
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 527239463EF9481CE75857D9028D2DFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2D824E40233E2FEF2F67C6BBE8500286
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 503C10B5487A546725FFDB8AC80543AD
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 4A15AFB668EC8DD8A051856507A011AC
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 87F3A4E8E4B65F07849E229F0BD1EC8C
Requests: 2 HTTP requests in this frame

Frame: https://p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 78CA3763F166F4CB1534339000E40807
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C9D7C33E18DAFB0E5AB3BE7A6FC41096
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 19A0FE3034BD50A0852FFEA139B45B86
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6F2CA05ECD03386E4A2FF5A02102B827
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 1114A458C1BEF751DC571CB7FD32A9E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: BC7C0E74591A3AAAF0AF2CE20D777039
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6DBBB5BF5531110F241D754EFDCCF9B5
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: EF602F7A6FA109108720A65EE31A9FB5
Requests: 3 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44712632%2C44729226&el=adunit&cpn=946xmaU7ST0Lm1q1&docid=VAv7NWu41Nk&ver=2&cmt=0.179&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.wincert.net%2F&len=15.511&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=14&rtn=10
Frame ID: 5369FA75F750C45E3C89E8C80FDF9E08
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D7C6B0AF859DA7AA2415AFEF38E16901
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=6398253834614836993
Frame ID: 888C1C7FDA63E5E45ADF859388B6F55F
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir
Frame ID: 7E527CFE58D25709F2BB7359EEED01FF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936265861124782231
Frame ID: C7936A86441072DEED9C13F2310D0ADD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0qltUy4GtTGFcpb754nfWbBe
Frame ID: 56EEF6296D0D4618DB5823D337756380
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-568c55de-d3cc-4fc3-9623-3b08155474fc-003
Frame ID: 5F5227AD3B3905044EE98E757919BA97
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=1&gdpr_consent=
Frame ID: A7051290484FAD4CBD4C2F64008B3D84
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 36A00D6CE9584C0D0D1DB11A76AE3194
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=KFK13XzDG4Xe&pid=557219
Frame ID: 811E5EC1D741FC25AF961A25EEF5A82D
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b9de2c53-5588-4509-b282-e89dd9f387d0-tuct73c168d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: E203ACA01FBA2C3F9C5DD869EC2591E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bdv6V9td1LigPP5&gdpr=1&gdpr_consent=
Frame ID: 0FB753C0FCAFE44D8431B5E0C4B40BDF
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 20D6366164CFDD00CBD69A31347936C0
Requests: 1 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.179&rtn=15.511&ns=yt&fexp=44712632%2C44729226&el=adunit&cpn=946xmaU7ST0Lm1q1&docid=VAv7NWu41Nk&ver=2&cmt=10.179&fmt=18&rt=10.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.wincert.net%2F&len=15.511&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Frame ID: 15ADC967751C056C8A952FA8DE3F0BB2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/3bS4ALC HTTP 301
    https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

290
Requests

100 %
HTTPS

32 %
IPv6

63
Domains

97
Subdomains

67
IPs

10
Countries

3426 kB
Transfer

7029 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3bS4ALC HTTP 301
    https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01F020D1MNJRXT6JYP0VTGH7VH&persistence=1&checksum=d70a2fcaa40b1e8e5a3777a479ef62f28e2a0fd7757ce0005ccaf86bd4ca68d3
Request Chain 68
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01F020D1NC6TYKNX7BFBX37KXN&persistence=1&checksum=7394a43942734d7553548fe8c4e661b5d4682960c853d169fbbf7fa52d4d5422
Request Chain 74
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=52a13163-7def-11eb-9c64-1c5660562906 HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=94&advUuid=52a1311d-7def-11eb-9c64-1c5660562906
Request Chain 75
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=98&advUuid=25c853c7-4510-4be3-9ee5-0d5c9b66b4ee
Request Chain 91
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=93&advUuid=d5f690cd-784c-46e7-9d20-d55be637c74a
Request Chain 92
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D99%26advUuid%3D&C=1 HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=99&advUuid=YEKRCJLY7q12QJynegG5eQAABLUAAAAB
Request Chain 93
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.sekindo.com%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D604291079ac06%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=105&advUuid=8943474206972987398
Request Chain 108
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=a8c26edd195c4dd731584d4e13db8c85 HTTP 302
  • https://p.skimresources.com/?provider_id=a8c26edd195c4dd731584d4e13db8c85&skim_mapping=true
Request Chain 141
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 153
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 156
  • https://x.skimresources.com/?provider=exelate&gdpr=0&gdpr_consent= HTTP 302
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0 HTTP 302
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0&xl8blockcheck=1
Request Chain 177
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIARKPrXcrNLATFlXINRTH4tudrj6O6AOzBoB6zCQ_Yd7YhAE-kzmnNzLrn06UC4dXQGh38dzSTlvvjXjmhXcP75hfESDGC1A&google_gid=CAESEFVqp8WoqrR0v-zmcYsEodo&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIARKPrXcrNLATFlXINRTH4tudrj6O6AOzBoB6zCQ_Yd7YhAE-kzmnNzLrn06UC4dXQGh38dzSTlvvjXjmhXcP75hfESDGC1A&google_gid=CAESEFVqp8WoqrR0v-zmcYsEodo&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDUyMDE0MDE4NzkyOTU5MTUxNzIzMQ%3D%3D&google_push=AQvitUIARKPrXcrNLATFlXINRTH4tudrj6O6AOzBoB6zCQ_Yd7YhAE-kzmnNzLrn06UC4dXQGh38dzSTlvvjXjmhXcP75hfESDGC1A
Request Chain 178
  • https://rtb.openx.net/sync/dds?google_gid=CAESENUmu9x9uAq4DV1G5__I_PY&google_cver=1&google_push=AQvitUJY7cHLdP9c1p7T93tAs0SzKiYDYLLiqOUq5LNVkLkY8fAN-qSqJxVUUwLedWu40hpjuc2xjPbElllVKXIXVoxBXWWTrMnNJQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJY7cHLdP9c1p7T93tAs0SzKiYDYLLiqOUq5LNVkLkY8fAN-qSqJxVUUwLedWu40hpjuc2xjPbElllVKXIXVoxBXWWTrMnNJQ&google_hm=DTs_S6DQyj489NfIpDfNQQ==
Request Chain 179
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDF6ckT1zWEoE9jCqRhLtJ4&google_cver=1&google_push=AQvitUKLkuy9FBJUkxHXrEFT9KeJfp7EJFiJu-4f12MZDiohg4IoPlvZdIYbkXhXeRiR7Pfr62O397fBEG7NZUkKVRtrFUzXziiWYQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RoTgn8OjTTOzn1L3As89zw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKLkuy9FBJUkxHXrEFT9KeJfp7EJFiJu-4f12MZDiohg4IoPlvZdIYbkXhXeRiR7Pfr62O397fBEG7NZUkKVRtrFUzXziiWYQ
Request Chain 180
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMuFh5oOAizJon_064Fya30&google_cver=1&google_push=AQvitUKaCzbmeWb1S8aBQ7pGa2bcsq_h-_sJrtrKRXjRW6TilcvCnBxV-guxea-VfNL--GNR6X-WnKXDzBE5euJSmCHCBR4tkrHf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xXUUs3NjAtMVYtTEtGRw==&google_push=AQvitUKaCzbmeWb1S8aBQ7pGa2bcsq_h-_sJrtrKRXjRW6TilcvCnBxV-guxea-VfNL--GNR6X-WnKXDzBE5euJSmCHCBR4tkrHf
Request Chain 181
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDS-wVOK3zL3byR7aBm2WIU&google_cver=1&google_push=AQvitUIDsb3eGpX7_8XAyjOv6kMjlUThW7UwPizpx90-lwMG5xUGLoKP5Mk7BQikZpJ-QiFNT2ZR2iZoMI1gKyajGLtRaIIYnrJKNA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEKRCJLY7q12QJynegG5eQAABLUAAAAB&google_gid=CAESEDS-wVOK3zL3byR7aBm2WIU&google_cver=1&google_push=AQvitUIDsb3eGpX7_8XAyjOv6kMjlUThW7UwPizpx90-lwMG5xUGLoKP5Mk7BQikZpJ-QiFNT2ZR2iZoMI1gKyajGLtRaIIYnrJKNA
Request Chain 182
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJeSCedGYbldhOYpil7FqnY&google_cver=1&google_push=AQvitUK8YFwYrunEF3-NDL2Vsfmep2ez1YRptlehV_FkF6buDrvnRaYbMHxUFR2oqaSBtqHhl2TMSYNeBlkFcyz-1UGaOspTmu_YbjA HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUK8YFwYrunEF3-NDL2Vsfmep2ez1YRptlehV_FkF6buDrvnRaYbMHxUFR2oqaSBtqHhl2TMSYNeBlkFcyz-1UGaOspTmu_YbjA&google_hm=
Request Chain 187
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 193
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJvj5F0NjMdTcsCp-iE47yBZG8fsIWl9YGrt5KjVghW8x8xZZSx9pkUfq_7GXlPmySV3LHOcnZYcKb82BK43UyB27RTCGk&google_gid=CAESENzDLVijR9hyziMauUmtYMI&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJvj5F0NjMdTcsCp-iE47yBZG8fsIWl9YGrt5KjVghW8x8xZZSx9pkUfq_7GXlPmySV3LHOcnZYcKb82BK43UyB27RTCGk&google_gid=CAESENzDLVijR9hyziMauUmtYMI&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDUyMDE0MDIwNTExODA2ODIwNjk5MQ%3D%3D&google_push=AQvitUJvj5F0NjMdTcsCp-iE47yBZG8fsIWl9YGrt5KjVghW8x8xZZSx9pkUfq_7GXlPmySV3LHOcnZYcKb82BK43UyB27RTCGk
Request Chain 194
  • https://rtb.openx.net/sync/dds?google_gid=CAESEITVAN122HNVM7z-EJSTPgw&google_cver=1&google_push=AQvitUK9ChKdkfHxgfyeZD-zk9xMhSvlu_yJkoFJMuBnNNz1bfHhy0s7rT3rlCA0zII4d-RWrRYhqbmXFxBHJ159e7h3UO7Vlcw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK9ChKdkfHxgfyeZD-zk9xMhSvlu_yJkoFJMuBnNNz1bfHhy0s7rT3rlCA0zII4d-RWrRYhqbmXFxBHJ159e7h3UO7Vlcw&google_hm=DTs_S6DQyj489NfIpDfNQQ==
Request Chain 195
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEB6_6_ZsmzJMvj4N7y_FqrE&google_cver=1&google_push=AQvitUJRT4Th2RwVtON-tf3WgFr2dQ3HgRXlZjMjKXYjKwk7TQKQxwyw5onjTY3CDBDgfnlud_9OdgMmUPvhqhs3SmTQqG8s7lk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RoTgn8OjTTOzn1L3As89zw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJRT4Th2RwVtON-tf3WgFr2dQ3HgRXlZjMjKXYjKwk7TQKQxwyw5onjTY3CDBDgfnlud_9OdgMmUPvhqhs3SmTQqG8s7lk
Request Chain 196
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELbYI6i4fXMRamimv5QoR2w&google_cver=1&google_push=AQvitUJjhGXkAz6W2x1fzRopQGdsl0gKZ9tU_4v0ndLptnCZZTdMiEt_11lKSmeGl4TX51sYq0qPhAVW49Ll-fnEzYp8WO47WvQB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xXUUs3OVotMU4tSTdJWg==&google_push=AQvitUJjhGXkAz6W2x1fzRopQGdsl0gKZ9tU_4v0ndLptnCZZTdMiEt_11lKSmeGl4TX51sYq0qPhAVW49Ll-fnEzYp8WO47WvQB
Request Chain 197
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI2SiCJLggA-pN6IfCAhktM&google_cver=1&google_push=AQvitULGYoI6aERVhB9ps_oCMyvEL82XTIiXvmmHlUFGv_8WUm3291WCG91vlqHlsHO5ThvKqiA-vsIbIyXmPGMTJjm3Xy1xqh-v HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEKRCJLY7q12QJynegG5eQAABLUAAAAB&google_push=AQvitULGYoI6aERVhB9ps_oCMyvEL82XTIiXvmmHlUFGv_8WUm3291WCG91vlqHlsHO5ThvKqiA-vsIbIyXmPGMTJjm3Xy1xqh-v&google_cver=1&google_gid=CAESEI2SiCJLggA-pN6IfCAhktM
Request Chain 198
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHFkuj0cB92E0swMtsxrG-s&google_cver=1&google_push=AQvitUIIZtdIQFAj5pgfpmEbuq64NuTTzW15YMBcRiVNz0dYQbN6T4rj1Fl7TEgCdaWK_-_if1O1olY8YHvq-z7HuPFUQH9emCMd HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIIZtdIQFAj5pgfpmEbuq64NuTTzW15YMBcRiVNz0dYQbN6T4rj1Fl7TEgCdaWK_-_if1O1olY8YHvq-z7HuPFUQH9emCMd&google_hm=
Request Chain 200
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 220
  • https://r4---sn-1gi7znes.googlevideo.com/videoplayback?expire=1615004041&ei=CZFCYJnlHI7W-gbM8bWgBA&ip=185.156.175.107&id=540bfb356bb8d4d9&itag=22&source=youtube&requiressl=yes&mh=DK&mm=31&mn=sn-1gi7znes&ms=au&mv=m&mvi=4&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.557&lmt=1613657614526357&mt=1614974920&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgS2ADxfxV6PEpNpbaONt4LdoHvDn-aqHbCZrY-NVcjg4CIQDgX6NCc9BTPBA6dyd_bBZUL5ZQx_a2khhnR_XNj0x4eQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgV8PG8x-647yHaK5i7GpQkZpizyYKSt_fGpEPbJC2f78CIFjkHi2L1zeUYtvXvVGjmvzP5GhL5TzQQvfBCuT69REU&cpn=946xmaU7ST0Lm1q1 HTTP 302
  • https://r2---sn-4g5ednll.googlevideo.com/videoplayback?expire=1615004041&ei=CZFCYJnlHI7W-gbM8bWgBA&ip=185.156.175.107&id=540bfb356bb8d4d9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.557&lmt=1613657614526357&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgS2ADxfxV6PEpNpbaONt4LdoHvDn-aqHbCZrY-NVcjg4CIQDgX6NCc9BTPBA6dyd_bBZUL5ZQx_a2khhnR_XNj0x4eQ==&cpn=946xmaU7ST0Lm1q1&redirect_counter=1&rm=sn-1giez7z&req_id=a136612f906836e2&cms_redirect=yes&ipbypass=yes&mh=DK&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednll&ms=au&mt=1614974920&mv=m&mvi=2&pl=41&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIAokqDRk2RBBGNRfCPvcgcD7xkfZy4NcihK_7vENP0JAiBkQZhHM-qVcXDFU3gI6rR3flZeYO80g7RG2BrrcoY5jA%3D%3D
Request Chain 223
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f5699063d2a23f9f1cecd58df4ef569c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=d091_6936265843945637643 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjU2OTkwNjNkMmEyM2Y5ZjFjZWNkNThkZjRlZjU2OWM=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENMbnmhII02ArGQnexbL7Y0&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YEKRCQAAAGGaMyzr&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3c0117ae-aebd-4fab-b8c0-9e55960813f8 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=dd056042-910a-4200-9e6b-a97c6c338a97&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1864535805343350866 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAFWlU7AhSIAAET9w_EoFA HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/f5699063d2a23f9f1cecd58df4ef569c&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-MyAtkR91lwSwNVoyjhvZgEmuN.jLdq2bpC1t0PWy HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7247970263978355120
Request Chain 224
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=YEKRCQAAAGGaMyzr HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YEKRCQAAAGGaMyzr&_origin=0&gdpr=1&gdpr_consent=&_test=YEKRCQAAAGGaMyzr
Request Chain 225
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://pixel.advertising.com/ups/55953/sync?uid=3c0117ae-aebd-4fab-b8c0-9e55960813f8&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=3c0117ae-aebd-4fab-b8c0-9e55960813f8
Request Chain 226
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP538df4e2-7def-11eb-9ba6-029e404fa4c0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP538df4e2-7def-11eb-9ba6-029e404fa4c0&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA1MzhkZjRlMi03ZGVmLTExZWItOWJhNi0wMjllNDA0ZmE0YzA%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEMKcfTQ5XuJTEBizj9xWFts&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMKcfTQ5XuJTEBizj9xWFts&google_cver=1&apid=UP538df4e2-7def-11eb-9ba6-029e404fa4c0
Request Chain 249
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=6398253834614836993
Request Chain 250
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=1&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=1&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFUjlFN0FoU0lBQUVWSmM4WG5HUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir
Request Chain 251
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936265861124782231
Request Chain 252
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0qltUy4GtTGFcpb754nfWbBe
Request Chain 253
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2083680818 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2083680818 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/33db55ac-b5ef-4ffe-8677-05b8cdc94dfd HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-568c55de-d3cc-4fc3-9623-3b08155474fc-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-568c55de-d3cc-4fc3-9623-3b08155474fc-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-568c55de-d3cc-4fc3-9623-3b08155474fc-003
Request Chain 255
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 256
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=KFK13XzDG4Xe&pid=557219
Request Chain 257
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b9de2c53-5588-4509-b282-e89dd9f387d0-tuct73c168d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 258
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bdv6V9td1LigPP5&gdpr=1&gdpr_consent=
Request Chain 259
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OyBtgf2ASMOsNwBwrciNIg%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OyBtgf2ASMOsNwBwrciNIg%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 262
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3B206D81-FD80-48C3-AC37-0070ADC88D22&sInitiator=external&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3B206D81-FD80-48C3-AC37-0070ADC88D22&sInitiator=external&gdpr=1&gdpr_consent=
Request Chain 263
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3B206D81-FD80-48C3-AC37-0070ADC88D22&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3B206D81-FD80-48C3-AC37-0070ADC88D22&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3B206D81-FD80-48C3-AC37-0070ADC88D22&addseg=31
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0IyMDZEODEtRkQ4MC00OEMzLUFDMzctMDA3MEFEQzg4RDIy&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0IyMDZEODEtRkQ4MC00OEMzLUFDMzctMDA3MEFEQzg4RDIy&gdpr=1&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=CAESEAlsX2Yf6hffbHsl4y901QA&google_cver=1
Request Chain 268
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:76886042-910c-4d00-92de-003908c8d36f&gdpr=1&gdpr_consent=
Request Chain 273
  • https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3790050175087946160&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 274
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=1&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jTcGJYI2AnOWNwR13mUfJN1lAiSWM1AujzXUPIeO
Request Chain 276
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&_test=YEKRDQAAAKFC_irK HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEKRDQAAAKFC_irK&gdpr=1&gdpr_consent=&_test=YEKRDQAAAKFC_irK
Request Chain 277
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=24dad056-a3fc-47cf-b80f-c4cb991f8dd9-6042910d-4348&gdpr=0&gdpr_consent=
Request Chain 279
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:edb7fd29-da20-40d3-9784-2866995ae273&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 280
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7237246473167682943
Request Chain 281
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_027ac2e7-90ed-43b0-a9d5-540b735e6fcd
Request Chain 291
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CgQHnCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBIACT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5EhGyhXx3X-dbufwLTulf6SU_PqcljHh-UMAEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NLEJ1WBWBj7nqcSACgOYCwHICwHQCw-4DAHYEwI&num=1&sig=AOD64_2PWoK9Qtkaz2W-3kplrjMWFvuSLA&client=ca-pub-9785835472657805&adurl=https://www.zendesk.de/%3Futm_source%3Dyoutube%26utm_medium%3DPaidSocial%26utm_campaign%3D%7Bcampaign%7D%26utm_term%3DCustomIntent-KW%26utm_content%3D499245445395%26utm_adgroup%3D%7Badgroup%7D%26utm_source%3Dgoogle%26utm_medium%3D%26utm_network%3Dvp%26utm_campaign%3D%26matchtype%3D%26utm_term%3Dcrm%2520software%26utm_content%3D499245445395%26utm_adgroup%3D%26gclsrc%3Daw.ds%26&ctype=110&label=video_10s_engaged_view&ad_mt=10179&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D413,273,681,750%26p0%3D279,-2727,547,-2250%26p1%3D413,273,681,750%26p2%3D413,273,681,750%26tos%3D10010,0,0,0,0%26mtos%3D10010,10010,10010,10010,10010%26amtos%3D0,0,0,0,0%26mtos1%3D3760,0,0%26mtos2%3D4000,0,0%26mcvt%3D10010%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2471%26pst%3D437%26dur%3D15510%26vmtime%3D10178%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2250,2250,2250,2250,2250%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D51,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147481601%26psv%3D2047%26psfv%3D2047%26psa%3D0%26ptlt%3D1614975251975%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10010%26ss0%3D0%26ss1%3D0,0.06,0.06%26ss2%3D0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1614975241579 HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CcH2TCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBIACT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5EhGyhXx3X-dbufwLTulf6SU_PqcljHh-UMAEienEo68D4AQBwAVuoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NJoJF2h0dHBzOi8vd3d3LnplbmRlc2suZGUvsQnVYFYGPuepxIAKA5gLAcgLAdALD7gMAdgTAg&num=1&client=ca-pub-9785835472657805&ctype=110&label=video_10s_engaged_view&ad_mt=10179&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D413,273,681,750%26p0%3D279,-2727,547,-2250%26p1%3D413,273,681,750%26p2%3D413,273,681,750%26tos%3D10010,0,0,0,0%26mtos%3D10010,10010,10010,10010,10010%26amtos%3D0,0,0,0,0%26mtos1%3D3760,0,0%26mtos2%3D4000,0,0%26mcvt%3D10010%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2471%26pst%3D437%26dur%3D15510%26vmtime%3D10178%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2250,2250,2250,2250,2250%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D51,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147481601%26psv%3D2047%26psfv%3D2047%26psa%3D0%26ptlt%3D1614975251975%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10010%26ss0%3D0%26ss1%3D0,0.06,0.06%26ss2%3D0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1614975241579&cid=CAQSKQCNIrLMbQDGsrTpAffk3I9r-VtC82HevV458xC8qCe02tYmIa-RDbQ_&dblrd=1&val=ChAyMmM5ZjdlOWFmYmEwMDgwEJOiioIGGgjFdDiIodEp1iABKAE&sig=AOD64_3f93C6o15lrKeRnMuNwX6boxS5Ng&adurl=https://www.zendesk.de/%3Futm_source%3Dyoutube%26utm_medium%3DPaidSocial%26utm_campaign%3D%7Bcampaign%7D%26utm_term%3DCustomIntent-KW%26utm_content%3D499245445395%26utm_adgroup%3D%7Badgroup%7D%26utm_source%3Dgoogle%26utm_medium%3D%26utm_network%3Dvp%26utm_campaign%3D%26matchtype%3D%26utm_term%3Dcrm%2520software%26utm_content%3D499245445395%26utm_adgroup%3D%26gclsrc%3Daw.ds%26

290 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Redirect Chain
  • https://bit.ly/3bS4ALC
  • https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
102 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
9fd03bf8a44297466c71522f51dd5914c120102eb60f8021705c47aeeb9f6753

Request headers

:method
GET
:authority
www.wincert.net
:scheme
https
:path
/cast/winrar-6-0-giveaway-on-wincert-net/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
server
Apache
vary
Accept-Encoding,User-Agent
last-modified
Fri, 05 Mar 2021 19:22:08 GMT
etag
"57c9-5bccf0011e068"
accept-ranges
bytes
content-length
22473
referrer-policy
content-type
text/html; charset=UTF-8
content-encoding
gzip

Redirect headers

server
nginx
date
Fri, 05 Mar 2021 20:13:58 GMT
content-type
text/html; charset=utf-8
content-length
151
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
referrer-policy
unsafe-url
set-cookie
_bit=l25kdW-7c8b768fe2c48fc7e1-00a; Domain=bit.ly; Expires=Wed, 01 Sep 2021 20:13:58 GMT
via
1.1 google
alt-svc
clear
fa-brands-400.woff2
www.wincert.net/wp-content/themes/hueman/assets/front/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/themes/hueman/assets/front/webfonts/fa-brands-400.woff2?v=5.15.2
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794

Request headers

Origin
https://www.wincert.net
Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
server
Apache
etag
"13288-5bc99548696b0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Mar 2022 20:13:58 GMT
fa-regular-400.woff2
www.wincert.net/wp-content/themes/hueman/assets/front/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/themes/hueman/assets/front/webfonts/fa-regular-400.woff2?v=5.15.2
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61

Request headers

Origin
https://www.wincert.net
Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
server
Apache
etag
"3514-5bc9954868af8-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13611
expires
Sat, 05 Mar 2022 20:13:58 GMT
fa-solid-900.woff2
www.wincert.net/wp-content/themes/hueman/assets/front/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/themes/hueman/assets/front/webfonts/fa-solid-900.woff2?v=5.15.2
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Request headers

Origin
https://www.wincert.net
Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
server
Apache
etag
"1397c-5bc9954869a98-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Mar 2022 20:13:58 GMT
titillium-light-webfont.woff
www.wincert.net/wp-content/themes/hueman/assets/front/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/themes/hueman/assets/front/fonts/titillium-light-webfont.woff
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
5758d1ad3c6f35962da2c4d2e162cf59ef64dc0954c54171eaa73babbb2af9e2

Request headers

Origin
https://www.wincert.net
Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
server
Apache
etag
"6088-5bc995486c590-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/font-woff
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24620
expires
Sat, 05 Mar 2022 20:13:58 GMT
titillium-lightitalic-webfont.woff
www.wincert.net/wp-content/themes/hueman/assets/front/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/themes/hueman/assets/front/fonts/titillium-lightitalic-webfont.woff
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
97363b6ced0c1ca6d76ebcc6782512959cc8c5d6c8f40cb4976b4179bb685e53

Request headers

Origin
https://www.wincert.net
Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
server
Apache
etag
"6888-5bc995486bdc0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/font-woff
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26665
expires
Sat, 05 Mar 2022 20:13:58 GMT
titillium-regular-webfont.woff
www.wincert.net/wp-content/themes/hueman/assets/front/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/themes/hueman/assets/front/fonts/titillium-regular-webfont.woff
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
8daaa4ed16297478af007774febefe6ca3674fda47ed73e913b1b583d34883fb

Request headers

Origin
https://www.wincert.net
Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
server
Apache
etag
"6078-5bc995486c1a8-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/font-woff
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24598
expires
Sat, 05 Mar 2022 20:13:58 GMT
titillium-regularitalic-webfont.woff
www.wincert.net/wp-content/themes/hueman/assets/front/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/themes/hueman/assets/front/fonts/titillium-regularitalic-webfont.woff
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
8dbe8457cc41e254cb7fcd4dfa77c52c16413c18f35a370b77c5f07b4895562a

Request headers

Origin
https://www.wincert.net
Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
server
Apache
etag
"67dc-5bc995486b9d8-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/font-woff
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26499
expires
Sat, 05 Mar 2022 20:13:58 GMT
titillium-semibold-webfont.woff
www.wincert.net/wp-content/themes/hueman/assets/front/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/themes/hueman/assets/front/fonts/titillium-semibold-webfont.woff
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
62ff09a8013f9dfc0f7cbefc6feb180c258818e151aff470902f29ef44342f0d

Request headers

Origin
https://www.wincert.net
Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
server
Apache
etag
"609c-5bc995486c590-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/font-woff
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24629
expires
Sat, 05 Mar 2022 20:13:58 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-103302831-1
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8bb0faaab9d38353e44b98c308fb1de2991c573cb57088647ca6b3c08ea43461
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39412
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Mar 2021 20:13:58 GMT
2c8cd.css
www.wincert.net/wp-content/cache/minify/ 		150 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/cache/minify/2c8cd.css
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
8e7c1a654eeca8acb28518728b0da3f8ca040ecfca29e705f3bd71d9e8246ff5

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
last-modified
Thu, 04 Mar 2021 11:01:33 GMT
server
Apache
etag
"654b-5bcb3e3f52ce8"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
25931
expires
Sat, 05 Mar 2022 20:13:58 GMT
5993e.css
www.wincert.net/wp-content/cache/minify/ 		70 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/cache/minify/5993e.css
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
6a44f4b12b9c14285ff244203bc7faf75c497d60310ee65d30ed4c76d4da9297

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
last-modified
Thu, 04 Mar 2021 11:01:33 GMT
server
Apache
etag
"3a8e-5bcb3e3f5e868"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14990
expires
Sat, 05 Mar 2022 20:13:58 GMT
818c0.js
www.wincert.net/wp-content/cache/minify/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/cache/minify/818c0.js
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
a2759e9632fdef7ecd7daa00e87ec1c8345a57be7425b87b649603382cdf007b

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
last-modified
Thu, 04 Mar 2021 11:01:33 GMT
server
Apache
etag
"859c-5bcb3e3f57720"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
34204
expires
Sat, 05 Mar 2022 20:13:58 GMT
45bdc.js
www.wincert.net/wp-content/cache/minify/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/cache/minify/45bdc.js
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
703cde1e5839d4adbcd93d163b2ab65c51d00bcf6e670f765540bd801c56b4b9

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
last-modified
Thu, 04 Mar 2021 11:00:55 GMT
server
Apache
etag
"b04-5bcb3e1bbdeb8"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2820
expires
Sat, 05 Mar 2022 20:13:58 GMT
392b9.js
www.wincert.net/wp-content/cache/minify/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/cache/minify/392b9.js
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
0825c09d84acfdf463a04688c2144e65416e34f0121ce4102f3237d2226d7c7d

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
referrer-policy
last-modified
Thu, 04 Mar 2021 11:00:56 GMT
server
Apache
etag
"967-5bcb3e1bf74b0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2407
expires
Sat, 05 Mar 2022 20:13:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		140 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50479
x-xss-protection
0
server
cafe
etag
13215137272821469477
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 20:13:58 GMT
cropped-wincert_frontpage_logo-3.png
www.wincert.net/wp-content/uploads/2020/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2020/11/cropped-wincert_frontpage_logo-3.png
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
91531becf889a84ff9acbe50dc2c901fd7288b3b13358d26d0e5f9da15bce38e

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Sat, 28 Nov 2020 22:38:58 GMT
server
Apache
etag
"327f-5b53271598e00"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12927
expires
Sat, 05 Mar 2022 20:13:59 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-103302831-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
2733
date
Fri, 05 Mar 2021 19:28:26 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Fri, 05 Mar 2021 21:28:26 GMT
wp-emoji-release.min.js
www.wincert.net/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
referrer-policy
last-modified
Thu, 04 Feb 2021 03:19:51 GMT
server
Apache
etag
"3795-5ba7a2d41d5b8-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4662
expires
Sat, 05 Mar 2022 20:13:59 GMT
cropped-wincert_frontpage_logo-4.png
www.wincert.net/wp-content/uploads/2020/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2020/11/cropped-wincert_frontpage_logo-4.png
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
91531becf889a84ff9acbe50dc2c901fd7288b3b13358d26d0e5f9da15bce38e

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Sat, 28 Nov 2020 22:48:51 GMT
server
Apache
etag
"327f-5b53294ae5ac0"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12927
expires
Sat, 05 Mar 2022 20:13:59 GMT
liveView.php
live.sekindo.com/live/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=103419&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
90c66f4ba4ec265790dcc6514b40cceca9eabc39dfa145817bf822bd5887f267

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
111550X1569773.skimlinks.js
s.skimresources.com/js/ 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/111550X1569773.skimlinks.js
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38520f8287d060f1129b80cec43bdb0f55735ce764120d15c01554f79b7122e5

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 10:46:36 GMT
server
AmazonS3
x-amz-request-id
7E3BA8621340C5F6
etag
"109a37319a694fee4c4b97f61fdd63ec"
x-hw
1614975239.cds109.fr8.hn,1614975239.cds013.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
22954
x-amz-id-2
NtPhYbTjKohbND8rVrMC1ISMChXjeODR3sUPg88qfLQ8iW9BWpKKvHqo4m71UtIvgimz7KZtDWE=
8d2a7.js
www.wincert.net/wp-content/cache/minify/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/cache/minify/8d2a7.js
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
33d67bf0263f1ecd4790e6d1384de8066c349067f0167c36b8292dfc6665972f

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
referrer-policy
last-modified
Thu, 04 Mar 2021 11:00:57 GMT
server
Apache
etag
"1618-5bcb3e1d1b878"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5656
expires
Sat, 05 Mar 2022 20:13:59 GMT
08ca7.js
www.wincert.net/wp-content/cache/minify/ 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/cache/minify/08ca7.js
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
398f165fb90ea53788cd1a05817c7d5c093ea3b2f4aee44a4e823ed48c8a555a

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
referrer-policy
last-modified
Thu, 04 Mar 2021 11:01:34 GMT
server
Apache
etag
"5402-5bcb3e40a1860"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21506
expires
Sat, 05 Mar 2022 20:13:59 GMT
5165d.js
www.wincert.net/wp-content/cache/minify/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/cache/minify/5165d.js
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
5fd37186d0a43a88d9bd6102707508f81ef5e0bddd3f1d0308293f831df65fff

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
referrer-policy
last-modified
Thu, 04 Mar 2021 11:01:34 GMT
server
Apache
etag
"1d5d-5bcb3e409b2d0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7517
expires
Sat, 05 Mar 2022 20:13:59 GMT
98f91.js
www.wincert.net/wp-content/cache/minify/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wincert.net/wp-content/cache/minify/98f91.js
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
d640a223d17bad3f4809a8194ecd1bca0870a66d3bc4047e9afa7b37b9fe0acd

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
referrer-policy
last-modified
Thu, 04 Mar 2021 11:00:56 GMT
server
Apache
etag
"1658-5bcb3e1c1ca58"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5720
expires
Sat, 05 Mar 2022 20:13:59 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ 		227 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87278
x-xss-protection
0
server
cafe
etag
4389487008424739880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 20:13:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/ Frame 5470 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210303/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wincert.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 04 Mar 2021 21:27:47 GMT
expires
Thu, 18 Mar 2021 21:27:47 GMT
content-type
text/html; charset=UTF-8
etag
14371272352318978350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
5136
x-xss-protection
0
age
81972
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		2 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=545090916&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&ul=en-us&de=UTF-8&dt=WinRAR%206.0%20Giveaway%20on%20WinCert.net%20-%20WinCert&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=2129443879&gjid=612417524&cid=1461666795.1614975240&tid=UA-103302831-1&_gid=1183996195.1614975240&_r=1&did=dZGIzZG&gtm=2ou2o0&z=2035615367
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:13:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wincert.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-103302831-1&cid=1461666795.1614975240&jid=2129443879&gjid=612417524&_gid=1183996195.1614975240&_u=IEBAAUAAAAAAAC~&z=1604455947
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 05 Mar 2021 20:13:59 GMT
content-type
text/plain
access-control-allow-origin
https://www.wincert.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-103302831-1&cid=1461666795.1614975240&jid=2129443879&_u=IEBAAUAAAAAAAC~&z=85668604
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:13:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-103302831-1&cid=1461666795.1614975240&jid=2129443879&_u=IEBAAUAAAAAAAC~&z=85668604
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:13:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.sekindo.com/live/ Frame 2D0C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=103419&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&cbuster=1614975239&pubUrlAuto=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=103419&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
ed89678bdbe405a557ce027f1855b41b671de4c7c3aeb4da15fec6a0e778eb2b

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
winrar-6.0-giveaway-on-wicert.jpg
www.wincert.net/wp-content/uploads/2021/03/ 		186 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2021/03/winrar-6.0-giveaway-on-wicert.jpg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
eeb34cd13dca48d6884bd5cf49a50acc1972be8fac46de2e0e40042e83229df9

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Mon, 01 Mar 2021 06:23:55 GMT
server
Apache
etag
"2e77d-5bc73a98f6428"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
190333
expires
Sat, 05 Mar 2022 20:13:59 GMT
winrar-extract.png
www.wincert.net/wp-content/uploads/2021/03/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2021/03/winrar-extract.png
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
aa7f98d835f20065aa085b293901875f3c23a9e109cd404f91f7e1543638fa94

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Mon, 01 Mar 2021 06:28:34 GMT
server
Apache
etag
"636a-5bc73ba296040"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
25450
expires
Sat, 05 Mar 2022 20:13:59 GMT
extract-winrar.png
www.wincert.net/wp-content/uploads/2021/02/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2021/02/extract-winrar.png
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
0aa9cd043005c54ccc77a6bb620f50fabcc2ecf24ff974ab5666d42cd9b1fa74

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Sun, 28 Feb 2021 18:21:16 GMT
server
Apache
etag
"5413-5bc699127d500"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21523
expires
Sat, 05 Mar 2022 20:13:59 GMT
rum_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/rum_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bed4e93f135569e4019bf6e4559955fef73abe60a1597eb97e78aac88bd3afa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 06:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20049
x-xss-protection
0
server
cafe
etag
14773230023140768958
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 06:20:39 GMT
cookie.js
partner.googleadservices.com/gampad/ 		201 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.wincert.net&callback=_gfp_s_&client=ca-pub-0889244685730329
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ccc7ce427e841c5030cbdb38aeab4a42ec2221d61b07c9d250f5a16714a05d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wincert.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wincert.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 416B 		47 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&adk=1812271804&adf=3025194257&lmt=1614972128&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614975239510&bpp=13&bdt=787&idt=144&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5441724635662&rume=1&frm=20&pv=2&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=195
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8eda25d7230c5560a0561aeeaf5b118185418ac2fcd3cd6d505ee26ee0cf2dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0889244685730329&output=html&adk=1812271804&adf=3025194257&lmt=1614972128&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614975239510&bpp=13&bdt=787&idt=144&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5441724635662&rume=1&frm=20&pv=2&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=195
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wincert.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Mar 2021 20:13:59 GMT
server
cafe
content-length
2403
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 05-Mar-2021 20:28:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Mar 2021 20:13:59 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Fri, 05 Mar 2021 20:13:59 GMT
winrar-6.0-giveaway-on-wicert-80x80.jpg
www.wincert.net/wp-content/uploads/2021/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2021/03/winrar-6.0-giveaway-on-wicert-80x80.jpg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
837d50a17ebd776a8eaccdc2f17bf44b79d4ddacfcc0ff149b4048e37ffb2db4

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Mon, 01 Mar 2021 06:23:55 GMT
server
Apache
etag
"91d-5bc73a9915c10"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2333
expires
Sat, 05 Mar 2022 20:13:59 GMT
email-3597088_640-80x80.jpg
www.wincert.net/wp-content/uploads/2021/02/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2021/02/email-3597088_640-80x80.jpg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
0b1f92a8d5dfcf5530ad1398fa6f63f3e5a1f535b06eb967c9cbd52972631f03

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Thu, 25 Feb 2021 11:13:59 GMT
server
Apache
etag
"947-5bc273f866118"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2375
expires
Sat, 05 Mar 2022 20:13:59 GMT
9010-printer-head-issue-80x80.png
www.wincert.net/wp-content/uploads/2021/02/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2021/02/9010-printer-head-issue-80x80.png
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
d343de0fc9fd713d373ba38f11a7a199c92cbbce8cc9db5068e971a1c652feaf

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Sun, 21 Feb 2021 06:58:57 GMT
server
Apache
etag
"248e-5bbd3381bcd68"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9358
expires
Sat, 05 Mar 2022 20:13:59 GMT
kids-4928559_640-80x80.jpg
www.wincert.net/wp-content/uploads/2021/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2021/02/kids-4928559_640-80x80.jpg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
2cfe9f0a9f78bcf486ff74d75580b6548e0c6df3572517966129b0c9ead96715

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Wed, 17 Feb 2021 18:31:10 GMT
server
Apache
etag
"b95-5bb8c6c509830"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2965
expires
Sat, 05 Mar 2022 20:13:59 GMT
windows-terminal-80x80.jpg
www.wincert.net/wp-content/uploads/2021/02/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2021/02/windows-terminal-80x80.jpg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
5542961f7243b3c6a346edee24c4db2a93cd14f3f3f66b1da43094b1924b6ed8

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Sun, 14 Feb 2021 17:18:50 GMT
server
Apache
etag
"65b-5bb4f1014ee78"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1627
expires
Sat, 05 Mar 2022 20:13:59 GMT
microsoft-office-2-160x160.jpg
www.wincert.net/wp-content/uploads/2015/01/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2015/01/microsoft-office-2-160x160.jpg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
aba5f4f1d1a91e143069eb4ed212b074cf6967daee4492c7493145171d9056c8

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Sun, 18 Jan 2015 14:18:49 GMT
server
Apache
etag
"194c-50cede26b0440"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6476
expires
Sat, 05 Mar 2022 20:13:59 GMT
windows-7-160x160.jpg
www.wincert.net/wp-content/uploads/2015/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2015/01/windows-7-160x160.jpg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
ac33071e1198b275a490a3083bed55c641dd193e97309258cea70472a7cae995

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Sun, 18 Jan 2015 14:18:10 GMT
server
Apache
etag
"13fa-50cede017ec80"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5114
expires
Sat, 05 Mar 2022 20:13:59 GMT
winrar-160x160.jpg
www.wincert.net/wp-content/uploads/2018/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2018/08/winrar-160x160.jpg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
5f94d110807753fe528e6db5637ba12ee83c35a51289f40b2f9933c1545f0e63

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Mon, 27 Aug 2018 18:37:33 GMT
server
Apache
etag
"134f-5746f04b9af18"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4943
expires
Sat, 05 Mar 2022 20:13:59 GMT
winrar2-160x160.png
www.wincert.net/wp-content/uploads/2017/11/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2017/11/winrar2-160x160.png
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
8aa0c119980abcc4e2fad52a1f2edd7688dbff39ded199ee3bc65cf78a785596

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Fri, 03 Nov 2017 13:07:21 GMT
server
Apache
etag
"31b4-55d13c8f7d440"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12724
expires
Sat, 05 Mar 2022 20:13:59 GMT
total-commander-160x160.jpg
www.wincert.net/wp-content/uploads/2016/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wincert.net/wp-content/uploads/2016/03/total-commander-160x160.jpg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.168.147.90 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
server.heidoc.net
Software
Apache /
Resource Hash
a6017d55b0978fc2c39402c33942b4dfd45f1ade8e347d8978fbca056a25cf65

Request headers

Referer
https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
referrer-policy
last-modified
Tue, 01 Mar 2016 11:59:54 GMT
server
Apache
etag
"195a-52cfb80de0280"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6490
expires
Sat, 05 Mar 2022 20:13:59 GMT
f9017241585c46590760b08ae54ec217
secure.gravatar.com/avatar/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/f9017241585c46590760b08ae54ec217?s=96&d=wavatar&r=pg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
58ad9c4fd15e425ea3d3e55b51acadb37b10a378e884f5b0099492233d77f3e0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 05 Mar 2021 20:13:59 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/f9017241585c46590760b08ae54ec217?s=96&d=wavatar&r=pg>; rel="canonical"
content-length
11004
expires
Fri, 05 Mar 2021 20:18:59 GMT
10a194e38218b357598bfd00f2adae39
secure.gravatar.com/avatar/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/10a194e38218b357598bfd00f2adae39?s=96&d=wavatar&r=pg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4abc1e1bbf0d41ffaf94ca8298b3c4e02c27d7f3513214ae6e5215fe8bd5077e

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 05 Mar 2021 20:13:59 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/10a194e38218b357598bfd00f2adae39?s=96&d=wavatar&r=pg>; rel="canonical"
content-length
6728
expires
Fri, 05 Mar 2021 20:18:59 GMT
8d98c61ccc14654e58cbae686bbcd8da
secure.gravatar.com/avatar/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/8d98c61ccc14654e58cbae686bbcd8da?s=96&d=wavatar&r=pg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b31c324e36982be7301442b81bf4a0b949a1ceff05313a23e539fa605dcf2339

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 05 Mar 2021 20:13:59 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/8d98c61ccc14654e58cbae686bbcd8da?s=96&d=wavatar&r=pg>; rel="canonical"
content-length
10362
expires
Fri, 05 Mar 2021 20:18:59 GMT
c2a632c8abdd141580ff04beb58c2e86
secure.gravatar.com/avatar/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/c2a632c8abdd141580ff04beb58c2e86?s=96&d=wavatar&r=pg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3456debe0fcea7af0236b4ad1babcf612c9e84a17581d42787bd7b7b3b4072a8

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 05 Mar 2021 20:13:59 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/c2a632c8abdd141580ff04beb58c2e86?s=96&d=wavatar&r=pg>; rel="canonical"
content-length
9148
expires
Fri, 05 Mar 2021 20:18:59 GMT
d666f70925d4cc21f0e120808c3d6752
secure.gravatar.com/avatar/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/d666f70925d4cc21f0e120808c3d6752?s=96&d=wavatar&r=pg
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
003f4ef4dd33923bac9057e33106077f35dc8f6704a959e6b0539615cf200fa6

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 05 Mar 2021 20:13:59 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/d666f70925d4cc21f0e120808c3d6752?s=96&d=wavatar&r=pg>; rel="canonical"
content-length
7395
expires
Fri, 05 Mar 2021 20:18:59 GMT
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01F020D1MNJRXT6JYP0VTGH7VH&persistence=1&checksum=d70a2fcaa40b1e8e5a3777a479ef62f28e2a0fd7757ce0005ccaf86bd4ca68d3
200 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?xguid=01F020D1MNJRXT6JYP0VTGH7VH&persistence=1&checksum=d70a2fcaa40b1e8e5a3777a479ef62f28e2a0fd7757ce0005ccaf86bd4ca68d3
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
aa5de5c04485c8769d8154f019d02eaae54f8c0040deda9ce4b047638137337c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.wincert.net
vary
Accept-Encoding
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Fri, 05 Mar 2021 20:13:59 GMT
via
1.1 google
server
openresty/1.11.2.5
access-control-allow-origin
https://www.wincert.net
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://r.skimresources.com/api/?xguid=01F020D1MNJRXT6JYP0VTGH7VH&persistence=1&checksum=d70a2fcaa40b1e8e5a3777a479ef62f28e2a0fd7757ce0005ccaf86bd4ca68d3
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193
robots.txt
t.skimresources.com/api/v2/ Frame A68E 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4217204598757929
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=9.033905954020256
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=9.033905954020256
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
ads
googleads.g.doubleclick.net/pagead/ Frame B99A 		82 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92336ffed064f0ca9a11cf8a032cc477aac3215454194f0355184dc85d8bcde1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wincert.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Mar 2021 20:14:00 GMT
server
cafe
content-length
25609
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 05-Mar-2021 20:28:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Mar 2021 20:14:00 GMT
cache-control
private
iab_consent_sdk.v1.0.js
live.sekindo.com/content/ClientDetections/ Frame 2D0C 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=103419&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&cbuster=1614975239&pubUrlAuto=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 05 Mar 2022 20:13:59 GMT
DetectGDPR2.v1.1.js
live.sekindo.com/content/ClientDetections/ Frame 2D0C 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=103419&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&cbuster=1614975239&pubUrlAuto=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 05 Mar 2022 20:13:59 GMT
DetectGDPR.v1.1.js
live.sekindo.com/content/ClientDetections/ Frame 2D0C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=103419&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&cbuster=1614975239&pubUrlAuto=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:49 GMT
server
nginx
etag
W/"6024fccd-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 05 Mar 2022 20:13:59 GMT
hls.0.12.4_2.min.js
live.sekindo.com/content/video/hls/ Frame 2D0C 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=103419&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&cbuster=1614975239&pubUrlAuto=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 05 Mar 2022 20:13:59 GMT
prebidVid.4.8.0_2.min.js
live.sekindo.com/content/prebid/ Frame 2D0C 		318 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/prebid/prebidVid.4.8.0_2.min.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=103419&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&cbuster=1614975239&pubUrlAuto=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
8388e819321fa17d9e513419644867bb65a7965f95666189b852e0f3541bf4bb

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 10:57:03 GMT
server
nginx
etag
W/"60250d7f-4f6e3"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 05 Mar 2022 20:13:59 GMT
liveVideo.php
live.sekindo.com/live/ Frame 2D0C 		551 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=103419&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&cbuster=1614975239&pubUrlAuto=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
ce09d1e1b43d282ec7664f180b8ee18a56ec0b2d1998f9b29ae4b1f6643fbab5

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
ads
googleads.g.doubleclick.net/pagead/ Frame 61F4 		82 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9cf3b4260af1d85149cc32a2158171a1b741c633754ab61153742a9a36b32a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wincert.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Mar 2021 20:14:00 GMT
server
cafe
content-length
25572
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 05-Mar-2021 20:28:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Mar 2021 20:14:00 GMT
cache-control
private
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01F020D1NC6TYKNX7BFBX37KXN&persistence=1&checksum=7394a43942734d7553548fe8c4e661b5d4682960c853d169fbbf7fa52d4d5422
173 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?xguid=01F020D1NC6TYKNX7BFBX37KXN&persistence=1&checksum=7394a43942734d7553548fe8c4e661b5d4682960c853d169fbbf7fa52d4d5422
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
2d9606b0de437e771d3a57432275a944f03ff0a5c84a27cc5826625591f87f8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.wincert.net
vary
Accept-Encoding
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Fri, 05 Mar 2021 20:13:59 GMT
via
1.1 google
server
openresty/1.11.2.5
access-control-allow-origin
https://www.wincert.net
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://r.skimresources.com/api/?xguid=01F020D1NC6TYKNX7BFBX37KXN&persistence=1&checksum=7394a43942734d7553548fe8c4e661b5d4682960c853d169fbbf7fa52d4d5422
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193
primisslate.css
live.sekindo.com/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/video/css/primisslate.css
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:58 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
css
fonts.googleapis.com/ Frame 9477 		2 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a9b45c0ca49b03d148d40405cc2d81602e647ad078b12aca5902efdd60535c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 19:20:18 GMT
server
ESF
date
Fri, 05 Mar 2021 20:13:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Mar 2021 20:13:59 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2D0C 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:00:23 GMT
content-encoding
gzip
server
Server
age
816
etag
d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
7KnjqYhn.fTYs_joiF9hMVX.bWg_6oV9
x-amz-cf-id
OpId19xdKgw_oMiXqaf4IIPDw5sT0DJT1SRHYL_cgBy1E7EVIOz-wg==
css
fonts.googleapis.com/ 		2 KB
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a9b45c0ca49b03d148d40405cc2d81602e647ad078b12aca5902efdd60535c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 19:27:51 GMT
server
ESF
date
Fri, 05 Mar 2021 20:13:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Mar 2021 20:13:59 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E727 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wincert.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=26941
Expires
Sat, 06 Mar 2021 03:43:01 GMT
Date
Fri, 05 Mar 2021 20:14:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
liveCS.php
live.sekindo.com/live/ Frame 36AF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=94&advUuid=52a1311d-7def-11eb-9c64-1c5660562906
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=94&advUuid=52a1311d-7def-11eb-9c64-1c5660562906
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
live.sekindo.com
:scheme
https
:path
/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=94&advUuid=52a1311d-7def-11eb-9c64-1c5660562906
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wincert.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

server
nginx
date
Fri, 05 Mar 2021 20:13:59 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 05 Mar 2021 20:14:00 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Set-Cookie
audience=52a1311d-7def-11eb-9c64-1c5660562906; expires=Sat, 05-Mar-2022 21:20:40 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=94&advUuid=52a1311d-7def-11eb-9c64-1c5660562906
X-fe
20
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
liveCS.php
live.sekindo.com/live/ Frame B4A1
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D98%26advU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D98%2...
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=98&advUuid=25c853c7-4510-4be3-9ee5-0d5c9b66b4ee
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=98&advUuid=25c853c7-4510-4be3-9ee5-0d5c9b66b4ee
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
live.sekindo.com
:scheme
https
:path
/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=98&advUuid=25c853c7-4510-4be3-9ee5-0d5c9b66b4ee
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wincert.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

server
nginx
date
Fri, 05 Mar 2021 20:13:59 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

vary
Accept, Accept-Encoding
set-cookie
i=01c18a2e-a0d1-4ce7-8056-53971309c406|1614975240; Version=1; Expires=Sat, 05-Mar-2022 20:14:00 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=98&advUuid=25c853c7-4510-4be3-9ee5-0d5c9b66b4ee
date
Fri, 05 Mar 2021 20:14:00 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
clear
liveView.php
live.sekindo.com/live/ Frame 2D0C 		44 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn13%2Fvideo%2Fusers%2Fconverted%2F24485%2Fvideo1520774937%2Fvid6021c3d52ddad059609993.mp4&vid_content_id=1325601&vid_content_desc=Washington+State+Legislators+Introduce+%27Billionaire+Tax%27+With+Focus+on+Economic+Recovery&vid_content_title=Washington+State+Legislators+Introduce+%27Billionaire+Tax%27+With+Focus+on+Economic+Recovery&vid_content_duration=416&debugInformation=&x=406&y=228&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&isApp=0&geoLati=47.394&geoLong=8.445&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&csuuid=604291079ac06&cbuster=1614975240022&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
cdf64377e9fb0c737712c72282239df99b885fc99b39301e5e19641b18351921

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.wincert.net
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
2545
liveView.php
live.sekindo.com/live/ Frame 2D0C 		44 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn13%2Fvideo%2Fusers%2Fconverted%2F24485%2Fvideo1520774937%2Fvid6021c3d52ddad059609993.mp4&vid_content_id=1325601&vid_content_desc=Washington+State+Legislators+Introduce+%27Billionaire+Tax%27+With+Focus+on+Economic+Recovery&vid_content_title=Washington+State+Legislators+Introduce+%27Billionaire+Tax%27+With+Focus+on+Economic+Recovery&vid_content_duration=416&debugInformation=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&isApp=0&geoLati=47.394&geoLong=8.445&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&csuuid=604291079ac06&cbuster=1614975240023&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
3724d3d5d1469118c69cf864b0ea0b60cae56a54637ec50972f5026c613ad524

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.wincert.net
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
2542
liveView.php
live.sekindo.com/live/ Frame 2D0C 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn13%2Fvideo%2Fusers%2Fconverted%2F24485%2Fvideo1520774937%2Fvid6021c3d52ddad059609993.mp4&vid_content_id=1325601&vid_content_desc=Washington+State+Legislators+Introduce+%27Billionaire+Tax%27+With+Focus+on+Economic+Recovery&vid_content_title=Washington+State+Legislators+Introduce+%27Billionaire+Tax%27+With+Focus+on+Economic+Recovery&vid_content_duration=416&debugInformation=&x=406&y=228&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&isApp=0&geoLati=47.394&geoLong=8.445&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&csuuid=604291079ac06&cbuster=1614975240026&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4082cb59d9e438347fce57f012de7e35930c30b4feeeeb1bc413dc724e742908

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.wincert.net
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1367
vid6021c3d52ddad059609993.jpg
video.sekindo.com/uploads/cn13/video/users/converted/24485/video1520774937/ Frame 9477 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn13/video/users/converted/24485/video1520774937/vid6021c3d52ddad059609993.jpg?cbuster=1613991385
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
74129e88e5ff3db232a9ec5494bef4b9d0518ea9bd587fdaea8b1baba5071db5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
last-modified
Mon, 08 Feb 2021 23:07:33 GMT
Server
Tengine
etag
"6021c435-339a"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
cache-control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
13210
expires
Thu, 31 Dec 2037 23:55:55 GMT
placeHolder.png
live.sekindo.com/content/video/splayer/assets/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/content/video/splayer/assets/placeHolder.png
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:59 GMT
last-modified
Sun, 11 Jun 2017 08:04:06 GMT
server
nginx
etag
"593cf976-5dbf"
content-type
image/png
cache-control
no-cache, private
accept-ranges
bytes
content-length
23999
expires
Fri, 05 Mar 2021 20:13:58 GMT
vid6021c3d52ddad059609993.jpg
video.sekindo.com/uploads/cn13/video/users/converted/24485/video1520774937/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn13/video/users/converted/24485/video1520774937/vid6021c3d52ddad059609993.jpg?cbuster=1613991385
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
74129e88e5ff3db232a9ec5494bef4b9d0518ea9bd587fdaea8b1baba5071db5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
last-modified
Mon, 08 Feb 2021 23:07:33 GMT
Server
Tengine
etag
"6021c435-339a"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
cache-control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
13210
expires
Thu, 31 Dec 2037 23:55:55 GMT
vid6036bc88d80e4599268676.jpg
video.sekindo.com/uploads/cn24/video/users/converted/24485/video1523973537/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn24/video/users/converted/24485/video1523973537/vid6036bc88d80e4599268676.jpg?cbuster=1614199948
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c0c283d67efa1bec799790cebbe72a73bfb4ca808674395261e340fcd1c12920
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Wed, 24 Feb 2021 20:53:53 GMT
Server
Tengine
ETag
"6036bce1-4509"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
17673
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid604123d78ccc4457227659.jpg
video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid604123d78ccc4457227659.jpg?cbuster=1614881851
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
de18fbb58f1cf09e744e6dd7c1d12599adc6bd0f3896366ff5f333f58a95f499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Thu, 04 Mar 2021 18:28:26 GMT
Server
Tengine
ETag
"604126ca-f63"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
3939
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid6041243f3062d209160365.jpg
video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid6041243f3062d209160365.jpg?cbuster=1614881866
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
4eedb5116ce6db6c9504b295b364e83aca320b7be1a502c49ef8ebd8231a1354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Thu, 04 Mar 2021 18:28:33 GMT
Server
Tengine
ETag
"604126d1-3978"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
14712
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid603fa38201b6e364543663.jpg
video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid603fa38201b6e364543663.jpg?cbuster=1614783365
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
de393095c0617f943ad17423b8ae947809353d2d445335bc4b37be519705d0d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Wed, 03 Mar 2021 14:59:01 GMT
Server
Tengine
ETag
"603fa435-3932"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
14642
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid603d25850cc88432680251.jpg
video.sekindo.com/uploads/cn25/video/users/converted/24485/video_5c74e337b0b1c456249184/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/24485/video_5c74e337b0b1c456249184/vid603d25850cc88432680251.jpg?cbuster=1614620038
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
fe02c7271a36b34415671bf78e26a7c0a6f4cfe1f8f5d95df35160bba121346a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Mon, 01 Mar 2021 17:35:13 GMT
Server
Tengine
ETag
"603d25d1-1aea"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
6890
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid603d275f07cc9495178859.jpg
video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid603d275f07cc9495178859.jpg?cbuster=1614620524
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c8b5aad4560f37d383366c72426f07fd4d52d49522a8276a52d680fb156fd2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Mon, 01 Mar 2021 17:50:30 GMT
Server
Tengine
ETag
"603d2966-1101"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
4353
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid603e858d0f19d039791928.jpg
video.sekindo.com/uploads/cn24/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn24/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid603e858d0f19d039791928.jpg?cbuster=1614710209
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c8b5aad4560f37d383366c72426f07fd4d52d49522a8276a52d680fb156fd2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Tue, 02 Mar 2021 18:37:13 GMT
Server
Tengine
ETag
"603e85d9-1101"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
4353
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid60425ed3d3bff913478330.jpg
video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid60425ed3d3bff913478330.jpg?cbuster=1614962404
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
802e6499fbb78a0324dd052efe993516569459b9717d88638b61888b4ef242a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Fri, 05 Mar 2021 16:42:29 GMT
Server
Tengine
ETag
"60425f75-5766"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
22374
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sync
x.bidswitch.net/ Frame 2D0C 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&user_id=604291079ac06&custom_data=604291079ac06&gdpr=1&gdpr_consent=
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.211.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-211-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
liveCS.php
live.sekindo.com/live/ Frame 2D0C
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=93&advUuid=d5f690cd-784c-46e7-9d20-d55be637c74a
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=93&advUuid=d5f690cd-784c-46e7-9d20-d55be637c74a
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=93&advUuid=d5f690cd-784c-46e7-9d20-d55be637c74a
date
Fri, 05 Mar 2021 20:14:00 GMT
server
_
content-length
0
liveCS.php
live.sekindo.com/live/ Frame 2D0C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D99%26advUuid%3D&C=1
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=99&advUuid=YEKRCJLY7q12QJynegG5eQAABLUAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=99&advUuid=YEKRCJLY7q12QJynegG5eQAABLUAAAAB
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Fri, 05 Mar 2021 20:14:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=99&advUuid=YEKRCJLY7q12QJynegG5eQAABLUAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Fri, 05 Mar 2021 20:14:00 GMT
liveCS.php
live.sekindo.com/live/ Frame 2D0C
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.sekindo.com%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D604291079ac06%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=105&advUuid=8943474206972987398
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=105&advUuid=8943474206972987398
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Fri, 05 Mar 2021 20:14:00 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid
d7a381cb-6004-484c-bb92-8a77cce47084
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=604291079ac06&pixel=&advId=105&advUuid=8943474206972987398
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.wincert.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 22:46:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
250047
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Wed, 02 Mar 2022 22:46:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9477 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.wincert.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 22:46:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
250047
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Wed, 02 Mar 2022 22:46:33 GMT
vid6021c3d52ddad059609993.jpg
video.sekindo.com/uploads/cn13/video/users/converted/24485/video1520774937/ Frame 9477 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn13/video/users/converted/24485/video1520774937/vid6021c3d52ddad059609993.jpg?cbuster=1613991385
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
74129e88e5ff3db232a9ec5494bef4b9d0518ea9bd587fdaea8b1baba5071db5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
last-modified
Mon, 08 Feb 2021 23:07:33 GMT
Server
Tengine
etag
"6021c435-339a"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
cache-control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
13210
expires
Thu, 31 Dec 2037 23:55:55 GMT
vid6036bc88d80e4599268676.jpg
video.sekindo.com/uploads/cn24/video/users/converted/24485/video1523973537/ Frame 9477 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn24/video/users/converted/24485/video1523973537/vid6036bc88d80e4599268676.jpg?cbuster=1614199948
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c0c283d67efa1bec799790cebbe72a73bfb4ca808674395261e340fcd1c12920
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Wed, 24 Feb 2021 20:53:53 GMT
Server
Tengine
ETag
"6036bce1-4509"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
17673
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid604123d78ccc4457227659.jpg
video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 9477 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid604123d78ccc4457227659.jpg?cbuster=1614881851
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
de18fbb58f1cf09e744e6dd7c1d12599adc6bd0f3896366ff5f333f58a95f499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Thu, 04 Mar 2021 18:28:26 GMT
Server
Tengine
ETag
"604126ca-f63"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
3939
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid6041243f3062d209160365.jpg
video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 9477 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid6041243f3062d209160365.jpg?cbuster=1614881866
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
4eedb5116ce6db6c9504b295b364e83aca320b7be1a502c49ef8ebd8231a1354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Thu, 04 Mar 2021 18:28:33 GMT
Server
Tengine
ETag
"604126d1-3978"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
14712
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid603fa38201b6e364543663.jpg
video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 9477 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid603fa38201b6e364543663.jpg?cbuster=1614783365
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
de393095c0617f943ad17423b8ae947809353d2d445335bc4b37be519705d0d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Wed, 03 Mar 2021 14:59:01 GMT
Server
Tengine
ETag
"603fa435-3932"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
14642
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid603d25850cc88432680251.jpg
video.sekindo.com/uploads/cn25/video/users/converted/24485/video_5c74e337b0b1c456249184/ Frame 9477 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/24485/video_5c74e337b0b1c456249184/vid603d25850cc88432680251.jpg?cbuster=1614620038
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
fe02c7271a36b34415671bf78e26a7c0a6f4cfe1f8f5d95df35160bba121346a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Mon, 01 Mar 2021 17:35:13 GMT
Server
Tengine
ETag
"603d25d1-1aea"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
6890
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid603d275f07cc9495178859.jpg
video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 9477 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid603d275f07cc9495178859.jpg?cbuster=1614620524
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c8b5aad4560f37d383366c72426f07fd4d52d49522a8276a52d680fb156fd2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Mon, 01 Mar 2021 17:50:30 GMT
Server
Tengine
ETag
"603d2966-1101"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
4353
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid603e858d0f19d039791928.jpg
video.sekindo.com/uploads/cn24/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 9477 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn24/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid603e858d0f19d039791928.jpg?cbuster=1614710209
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c8b5aad4560f37d383366c72426f07fd4d52d49522a8276a52d680fb156fd2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Tue, 02 Mar 2021 18:37:13 GMT
Server
Tengine
ETag
"603e85d9-1101"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
4353
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid60425ed3d3bff913478330.jpg
video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 9477 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn23/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid60425ed3d3bff913478330.jpg?cbuster=1614962404
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.218 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
802e6499fbb78a0324dd052efe993516569459b9717d88638b61888b4ef242a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:58 GMT
Last-Modified
Fri, 05 Mar 2021 16:42:29 GMT
Server
Tengine
ETag
"60425f75-5766"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
22374
Expires
Thu, 31 Dec 2037 23:55:55 GMT
liveView.php
live.sekindo.com/live/ Frame 2D0C 		44 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn13%2Fvideo%2Fusers%2Fconverted%2F24485%2Fvideo1520774937%2Fvid6021c3d52ddad059609993.mp4&vid_content_id=1325601&vid_content_desc=Washington+State+Legislators+Introduce+%27Billionaire+Tax%27+With+Focus+on+Economic+Recovery&vid_content_title=Washington+State+Legislators+Introduce+%27Billionaire+Tax%27+With+Focus+on+Economic+Recovery&vid_content_duration=416&debugInformation=&x=477&y=268&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&isApp=0&geoLati=47.394&geoLong=8.445&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&csuuid=604291079ac06&cbuster=1614975240099&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
d4d85c59a1a1e4c3e4d3d798e73329db3ab375ec0caf4d62f23e2d4df470576c

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:13:59 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.wincert.net
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
2543
page
t.skimresources.com/api/v2/ 		22 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/111550X1569773.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:00 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.wincert.net
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
link
t.skimresources.com/api/v2/ 		22 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/111550X1569773.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:00 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.wincert.net
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
/
p.skimresources.com/ Frame A68E
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=a8c26edd195c4dd731584d4e13db8c85
  • https://p.skimresources.com/?provider_id=a8c26edd195c4dd731584d4e13db8c85&skim_mapping=true
43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/?provider_id=a8c26edd195c4dd731584d4e13db8c85&skim_mapping=true
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:00 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif

Redirect headers

date
Fri, 05 Mar 2021 20:14:00 GMT
via
1.1 google
server
nginx/1.16.1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://p.skimresources.com?provider_id=a8c26edd195c4dd731584d4e13db8c85&skim_mapping=true
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0
integrator.js
adservice.google.de/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wincert.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wincert.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F710 		72 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2ee0e60344c6e0c5ed3982be19c2fe85c5b8ae02ac0fa31f295f082fe7ebd26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wincert.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Mar 2021 20:14:00 GMT
server
cafe
content-length
25092
x-xss-protection
0
set-cookie
IDE=AHWqTUkYY1nz5NgYKBZ6TvtzIWhLrGdz7nhoD5c450fXhznLLtJE7VaOpvGunY794II; expires=Wed, 30-Mar-2022 20:14:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Mar 2021 20:14:00 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 57F9 		63 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5be1ecda62e74a3e68680f731e3735981ae6fb68bc64266a750b4a08ac14fca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wincert.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Mar 2021 20:14:00 GMT
server
cafe
content-length
23777
x-xss-protection
0
set-cookie
IDE=AHWqTUkzG_EIlK2C0vwgQRaffJRkjCysik0pwuSOUVacXMvTkV_q7v9tnURWP-GMxSg; expires=Wed, 30-Mar-2022 20:14:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Mar 2021 20:14:00 GMT
cache-control
private
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2D0C 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 07:36:54 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
45427
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 29 Jan 2021 06:42:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
via
1.1 77d19519a1c9ed821ab469548b9d17f5.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
PRG50-C1
content-type
application/javascript
x-amz-cf-id
th1ENNAA1v-WTbxLbTUmRrz7b88NMBMvhUl5XYo7jehE33hOjR8ydA==
171621
search.spotxchange.com/openrtb/2.3/dados/ Frame 2D0C 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/171621
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 05 Mar 2021 20:14:00 GMT
X-SpotX-Timing-Transform
0.000320
X-SpotX-Timing-SpotMarket
0.024282
X-SpotX-Timing-Page-Mux
0.000338
X-SpotX-Timing-Page-Require
0.000389
X-fe
064
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000034
X-SpotX-Timing-Page
0.028634
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000332
Last-Modified
Fri, 05 Mar 2021 20:14:00 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.018912
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.wincert.net
X-SpotX-Timing-Page-Misc
0.002922
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.005370
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 2D0C 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-110-9.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wincert.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
v1
prg.smartadserver.com/prebid/ Frame 2D0C 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:13:59 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.wincert.net
x-smrt-reason
5
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 2D0C 		67 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11961761&componentId=prebid&componentSubId=mustang&timestamp=1614975240275&pKey=492323283&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.wincert.net%2F&playerSize=477x268&schain=1.0,1!primis.tech,28521,1,,,
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 05 Mar 2021 20:14:00 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.wincert.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1614975240336023-376
Expires
Fri, 05 Mar 2021 20:14:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 2D0C 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wincert.net
date
Fri, 05 Mar 2021 20:09:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
showad.js
ads.pubmatic.com/AdServer/js/ Frame D30B 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D604291079ac06%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=118732
Expires
Sun, 07 Mar 2021 05:12:52 GMT
Date
Fri, 05 Mar 2021 20:14:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
17566683985549665069
tpc.googlesyndication.com/simgad/ Frame 61F4 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17566683985549665069?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmHFvyQ-sqNLqGqgTS1SAHNG64wxQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c427966e7a5169478548c5e143d8be73767c862a82d9d2df201fdb05ce0c512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 10:52:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 28 Feb 2021 19:21:43 GMT
server
sffe
age
206499
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29535
x-xss-protection
0
expires
Thu, 03 Mar 2022 10:52:21 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 61F4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:12:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 61F4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:13:56 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 61F4 		67 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 03:52:27 GMT
x-content-type-options
nosniff
server
cafe
age
58893
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sat, 06 Mar 2021 03:52:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 61F4 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Fri, 05 Mar 2021 20:14:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 61F4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:13:37 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 61F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CMHrhB5FCYNm9NMLHZOTZopAF94Tc22H-jKKaoA3-gsqRpBoQASDI7psVYJWKuILIB6ABvqTehgPIAQKoAwHIA8kEqgTXAU_QQp7kGzJec_8iO1UdC7Wa-tDVqI717R0ZQGYJULvUszk7hS16H74bUKz5w6ElCDrATxcJAUeXqjNKR8IB0f-S1V80pzOoCU5UKB-XHXQkqdQQ2sFL-tnCjDadgPTdMDrYbXdhYPmfsF8v0RLj_hnSTogjAT4dARn0EfGqDLWSMdSvAeJJhryEd4WL4lfOWKqmMc-Lx75V4hDTw9dBk5sYXVNb6PbTr52_1JvPO9AlYubOu-lTMVd2SznE7W2TVqpnN6C0XKocN-fJbVIT6YKwyjNKDt14wASh67nBvgOSBQQIBBgBkgUECAUYBKAGAoAHqtuheagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDD1h_SCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMDg4OTI0NDY4NTczMDMyOQ&sigh=-B-XeMXc4cA&tpd=AGWhJmshtr7KyAcOb2qo0U4CG6NKHN59AgTP7lMFMCCGt1cAvw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 05 Mar 2021 20:14:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 05 Mar 2021 20:14:00 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 61F4 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 12:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10963
x-xss-protection
0
server
cafe
etag
5048180228173261443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 12:32:45 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D30B 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74124383&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:13:59 GMT
Content-Length
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame B642 		143 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkz4fG0Q2Yl2KtETpkQePFN7rErQgU6TIlhOjMDEbIB9jEam05Zb3PXp6MPTtQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 05 Mar 2021 19:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1956
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
17566683985549665069
tpc.googlesyndication.com/simgad/ Frame B99A 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17566683985549665069?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmHFvyQ-sqNLqGqgTS1SAHNG64wxQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c427966e7a5169478548c5e143d8be73767c862a82d9d2df201fdb05ce0c512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 10:52:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 28 Feb 2021 19:21:43 GMT
server
sffe
age
206499
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29535
x-xss-protection
0
expires
Thu, 03 Mar 2022 10:52:21 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame B99A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:12:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame B99A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:13:56 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame B99A 		67 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 03:52:27 GMT
x-content-type-options
nosniff
server
cafe
age
58893
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sat, 06 Mar 2021 03:52:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B99A 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Fri, 05 Mar 2021 20:14:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame B99A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:13:37 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B99A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXLhAB5FCYInVNIuGZ4Lbi_AM94Tc22H-jKKaoA3-gsqRpBoQASDI7psVYJWKuILIB6ABvqTehgPIAQKoAwHIA8kEqgTXAU_Qdka62cQM1QofJMA9TOxSIPg_3-MXo00eKb4syYc4cjNcdGQ1hUwFQCq0QB4ZQ7YXgs0jHPWui54MAvyeiW8a6fGLOHrHZbfpQ7msrXYryBxlCcb5Z4w3NtmSiM25dTYqDiiRGC7qnDWYZjWZ6UQf_KxTC4x3Ih4tH9HX7s5LEJnxRc2GVqwqiaV8EOOxw7deDn1HOctVZjY9rrh1XY_Ipd2cGozYWXZUt3lIALbvDJwa0xq1Q_G4pa68XZsf6xDTJiA-DTeTu3-w2lSFDvjAMzxlRIWvwASh67nBvgOSBQQIBBgBkgUECAUYBKAGAoAHqtuheagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCXxi7SCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItMDg4OTI0NDY4NTczMDMyOQ&sigh=xL99OY3_vp4&tpd=AGWhJmvGEDf0RleJaVBvOD23wHV7C8K8UA8b7ihMvTAchng6WA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 05 Mar 2021 20:14:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame B99A 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 12:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10963
x-xss-protection
0
server
cafe
etag
5048180228173261443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 12:32:45 GMT
truncated
/ Frame 61F4 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9640c93a798989d257b3aa2ebbd782ea2c096a87f34178229306a16faecb1022

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 73C2 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkz4fG0Q2Yl2KtETpkQePFN7rErQgU6TIlhOjMDEbIB9jEam05Zb3PXp6MPTtQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 05 Mar 2021 19:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1956
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B99A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36827d45144cbcf502e02c32187649e7b000775fcd3b9806c8795a1119bd0997

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame B642
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkYY1nz5NgYKBZ6TvtzIWhLrGdz7nhoD5c450fXhznLLtJE7VaOpvGunY794II
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Mar 2021 20:14:00 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 05-Mar-2021 21:14:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Mar 2021 20:14:00 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Mar 2021 20:14:00 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 61F4 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
47979ef506264db0704b5de93065a3ca44e171e2054648f5f12f66f587a1ed3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
943
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21163
x-xss-protection
0
server
cafe
etag
17443452193483161684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 20:58:17 GMT
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 5969 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=766000407&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239631&bpp=3&bdt=909&idt=134&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C614x280&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4loo2P17es&p=https%3A//www.wincert.net&dtd=138
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
346881
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 01 Mar 2022 19:52:39 GMT
css
fonts.googleapis.com/ Frame F710 		3 KB
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 19:20:00 GMT
server
ESF
date
Fri, 05 Mar 2021 20:14:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Mar 2021 20:14:00 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame F710 		2 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:01:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:01:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame F710 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:12:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame F710 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:13:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F710 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Fri, 05 Mar 2021 20:14:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame F710 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:13:37 GMT
l
www.google.com/ads/measurement/ Frame F710 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEj7mplcGKHbjYrmZKRRS6ePL2QIj59RMNH6s7_Q3obONn_kra19bX9XLwOk48yfRZeXZ92J_irklfiFJK0TxuoCi_xA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame F710 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 14:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 07:11:17 GMT
server
sffe
age
20634
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Thu, 03 Jun 2021 14:30:06 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F710 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CckLyCJFCYPWRDpO2ZJjcnhj6ibSPYYDsh-qeDfrqmu3zDhABIMjumxVglYq4gsgHoAGok-WkA8gBAagDAcgDwwSqBNsBT9BjOm750U_3-qfsr5c13gcAwiFP3dEPdt5LWsWZBa-mJt7yqpFmMn1ZpsVhBjGiSV3A4Am_ooNUIG8EneTF2CQSZNZoOaM5MikvHntuQubSOukQaxDltLLX8olqzu_FlND_2MxbokjAczBcd7iLuaB90WS9ZBENReEsSq-EUIwNYRQEUikGGE9eZTTfXcw77ye5h1i7In6xe_-1eA7zGuy6DxMp2Piub3GG45e8YLsSAXaKBDuitm3ySQDBeUYt7KQ_Jl_knwZJPy9kaaj016kV5EaIHmjb4Jf8wATG8Y-IpgOSBQQIBBgBkgUECAUYBKAGUYAHwOyaW6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCChyfSCAkIgOGAEBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItMDg4OTI0NDY4NTczMDMyOQ&sigh=CcokV6Uqr84&tpd=AGWhJmsH8UvzTzUFHR1j74PRw8VTQ2I2OR_gezxGpX3_aWa8Jg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 05 Mar 2021 20:14:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 73C2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkYY1nz5NgYKBZ6TvtzIWhLrGdz7nhoD5c450fXhznLLtJE7VaOpvGunY794II; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Mar 2021 20:14:00 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 05-Mar-2021 21:14:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Mar 2021 20:14:00 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Mar 2021 20:14:00 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame B99A 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
47979ef506264db0704b5de93065a3ca44e171e2054648f5f12f66f587a1ed3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
943
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21163
x-xss-protection
0
server
cafe
etag
17443452193483161684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 20:58:17 GMT
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 5272 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&slotname=2584126513&adk=2606909622&adf=4081121454&pi=t.ma~as.2584126513&w=614&fwrn=4&fwrnh=100&lmt=1614972128&rafmt=1&psa=0&format=614x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614975239614&bpp=6&bdt=892&idt=124&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=273&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gA9bcw3Aqz&p=https%3A//www.wincert.net&dtd=130
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
346881
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 01 Mar 2022 19:52:39 GMT
/
loadeu.exelator.com/load/ Frame A68E
Redirect Chain
  • https://x.skimresources.com/?provider=exelate&gdpr=0&gdpr_consent=
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0&xl8blockcheck=1
0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0&xl8blockcheck=1
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 05 Mar 2021 20:14:00 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadeu.exelator.com/load/?p=787&g=001&j=0&gdpr=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2D82 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkYY1nz5NgYKBZ6TvtzIWhLrGdz7nhoD5c450fXhznLLtJE7VaOpvGunY794II
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 05 Mar 2021 19:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1956
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 503C 		1 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 05 Mar 2021 15:30:58 GMT
expires
Sat, 06 Mar 2021 15:30:58 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
16982
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2D0C 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=604291079ac06&debugInfo=14038283_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14038283&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d9czvumiyxt&secondaryContent=&x=406&y=230&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8131&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Fri, 05 Mar 2021 20:14:00 GMT
truncated
/ Frame F710 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4c58ed63840bf9f8b75616b1d9d66a348e3657612ac0834fcd15b55c38f9158

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame F710 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 15:30:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
448987
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Mon, 28 Feb 2022 15:30:53 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame F710 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 05:29:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
53046
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Sat, 05 Mar 2022 05:29:54 GMT
14439901257639879430
tpc.googlesyndication.com/daca_images/simgad/ Frame 57F9 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14439901257639879430
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3d2fcf3feca46ed18d420294c4e81cb6f0c45f5ceea1df726bf63e444db37af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 05:06:00 GMT
x-content-type-options
nosniff
age
54480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27470
x-xss-protection
0
last-modified
Mon, 25 Jan 2021 23:30:12 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 05:06:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 57F9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:12:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 57F9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:13:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 57F9 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Fri, 05 Mar 2021 20:14:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 57F9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 20:13:37 GMT
l
www.google.com/ads/measurement/ Frame 57F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpKlFacI_ZhSN0_FtdutfhrsAmWY7MF3SoTbm88MBpk9ZmCuBQ9dQfY85rs3Vc2qpEarglov8gnM4d-NhIgmmkBElfaA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 57F9 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 12:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10963
x-xss-protection
0
server
cafe
etag
5048180228173261443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 12:32:45 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 57F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPVk4CJFCYKTcDozGZNOugZAJ5M-B117HxJLvzgyk5_LtlQIQASDI7psVYJWKuILIB6ABs8Hx1gPIAQKpAthO8RrqLbc-qAMByAPJBKoE4AFP0E1OZEntk6KDytHAe-u2A86NO1BKqEEkyG2A8BDG55tu1IoiimD6d2WtQ0BiW4bsiZ16aL5Voe436AEQeI7EFHH1yE-gfQ40jw80YRy7H_mS5CLzVfOvbiM2qaJcOSrS1sVnn-m9NWNhlu8qPQvuQ9CNV8gNcMJy3RLUqytEUxu5ygO1THcBRPkBnGXOzPI4iBiW2uxOvOXkktRaYhpnQ47vXY9UoeR4vkXJ3m8ipUta2lJVT8yC-RjpZYLD3vlM_i95-WPQox-hjFcMG-XhaJF7N-JQ6ZkZPP9dbApLU8AEwcmnyagBkgUECAQYAZIFBAgFGASgBgKAB7W-jimoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQyOgZ0ggJCIDhgBAQARgfgAoByAsB2BMMshcaChgIABIUcHViLTA4ODkyNDQ2ODU3MzAzMjk&sigh=7YBWrK89b90&tpd=AGWhJmtx99gSawHGP6Y_R5ZHGCFTxv5up3Wdo0fATjtZ3Gfbhw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 05 Mar 2021 20:14:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame 61F4 		0
331 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~klwqk70z&chm=1&ctx=2&gqid=B5FCYI_lM-SIiQaYoJiwCQ&qqid=CJnd-Mv7me8CFcIjGQod5KwIUg&met.4=fb.ew~lb.j0~ol.lz~bdt.-t4~bpp.-3s~idt.-5~dtd.-1~dt.-3v&met.3=422.fk~422.ha~422.ha~739.j1~555.jl~556.jl_2~735.jt_2~740.k4_1~740.k5~740.k6~740.lf~740.lf~738.lv~740.m2~740.m3~740.np~740.nq~113.u2_4~112.u1_5~740.u7~740.u8&met.1=1.klwqk66y~6.x~7.y~8.y~9.y~10.1s~11.y~12.19~13.ao~14.as~15.ct~16.j1~17.j1~18.j1~19.lv~20.lv~21.lz&met.7=CAUQCBgBKCIwhAM4lwZQIlhAYCJoLXCAA3ivyAGAAeTHAYgBwowFsAEBuAED~CBcQBhgBIJcEKJcEMLsEOCRorQRwtAR45ukBgAHf5gGIAd_mAbABAbgBAw~CBwQChgBIJcEKJcEML8EOChAmARImQRQmQRYrARgngRorQRwvAR48TuAAdI5iAHnjwGwAQG4AQM~CBwQChgBIJcEKJcEMMIEOCtorQRwwQR48wyAAYoMiAGaGbABAbgBAw~CBwQBhgBIJcEKJcEML8EOChorQRwvwR4vAGAAUOIAUOwAQG4AQM~CCoQChgBIJcEKJcEMOEEOEo~CBwQChgBIJcEKJcEML8EOChorQRwvwR45zCAAfwviAG2b7ABAbgBAw~CCEQBBgBIJ4EKJ4EMMsEOCxonwRwygR4qgKwAQG4AQM~CBwQChgBIKAEKKAEMMEEOCJorQRwwAR4wFaAAdNViAGzzwGwAQG4AQM~CCgQBRgBINIEKNIEMNkEOAdo0wRw2QR43AGAAZEBiAGPAbABAbgBAw~CCgQChgBIKAGKKAGMJEHOHJAoQZIogZQogZY3gZgtgZo3gZw-gZ42akBgAGrpQGIAda1A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B99A 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~klwqk71e&chm=1&ctx=2&gqid=B5FCYMvnM-iN-cAPlp6DmAQ&qqid=CMn0-Mv7me8CFQvDGQodgu0Czg&met.4=fb.i1~lb.m2~ol.ne~bdt.-sf~bpp.-3h~idt.-7~dtd.-1~dt.-3n&met.3=422.kc~739.m3~555.mj~556.mj~422.mo~422.mp~740.mp~735.mp_2~740.mr~740.ms~738.n8~740.of~740.ux~113.v6_2~112.v5_2&met.1=1.klwqk669~6.1l~7.1l~8.1l~9.1l~10.1l~12.1y~13.gk~14.gp~15.gv~16.m3~17.m3~18.m3~19.n8~20.n8~21.ne&met.7=CAUQCBgBKDow2QQ4ygZoRnDUBHimyAGAAYnIAYgBmIwFsAEBuAED~CBcQBhgBIIgFKIgFMKgFOCBolgVwpgV45ucBgAHf5gGIAd_mAbABAbgBAw~CBwQChgBIIgFKIgFMKsFOCRolgVwqwV4sjqAAdI5iAHnjwGwAQG4AQM~CBwQChgBIIgFKIgFMKYFOB5olgVwpQV4sg2AAYoMiAGaGbABAbgBAw~CBwQBhgBIIgFKIgFMKUFOB1olgVwpAV4iASAAUOIAUOwAQG4AQM~CCoQChgBIIgFKIgFMJ4FOBY~CBwQChgBIIgFKIgFMKsFOCJolgVwqAV43TCAAfwviAG2b7ABAbgBAw~CCEQBBgBII0FKI0FMLgFOCtojgVwtwV4FbABAbgBAw~CBwQChgBII4FKI4FMKcFOBlQjgVYogVgjgVolgVwpgV4tlaAAdNViAGzzwGwAQG4AQM~CCgQBRgBIOoFKOoFMPEFOAdo6wVw8QV4pQGAAZEBiAGPAbABAbgBAw~CCgQChgBIOkGKOkGMLsHOFJo9wZwqgd48KUBgAGrpQGIAda1A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.445.1_en.html
imasdk.googleapis.com/js/core/ Frame 4A15 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.445.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wincert.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193133
date
Tue, 02 Mar 2021 18:36:26 GMT
expires
Wed, 02 Mar 2022 18:36:26 GMT
last-modified
Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
265054
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 2D0C 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 05 Mar 2021 20:14:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 2D0C 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wincert.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 20:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 503C 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ786l7xATAlMhfRxMvZqyY&google_cver=1&google_push=AQvitUK-M_Qivd_QKib4ZnpBsLOrp81JFWOOxzNVuuKuu3xrPNJ3NL-4sstASqDXBM9RINuztorjhAv1HxhChbmuVFqn8Vg6f7uFkg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 503C
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIARKPr...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIARKPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDUyMDE0MDE4NzkyOTU5MTUxNzIzMQ%3D%3D&google_push=AQvitUIARKPrXcrNLATFlXINRTH4tudrj6O6AOzBoB6zCQ_Yd7YhAE-kzmnNzLrn06UC4d...
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDUyMDE0MDE4NzkyOTU5MTUxNzIzMQ%3D%3D&google_push=AQvitUIARKPrXcrNLATFlXINRTH4tudrj6O6AOzBoB6zCQ_Yd7YhAE-kzmnNzLrn06UC4dXQGh38dzSTlvvjXjmhXcP75hfESDGC1A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDUyMDE0MDE4NzkyOTU5MTUxNzIzMQ%3D%3D&google_push=AQvitUIARKPrXcrNLATFlXINRTH4tudrj6O6AOzBoB6zCQ_Yd7YhAE-kzmnNzLrn06UC4dXQGh38dzSTlvvjXjmhXcP75hfESDGC1A
Pragma
no-cache
Date
Fri, 05 Mar 2021 20:14:01 GMT
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 503C
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESENUmu9x9uAq4DV1G5__I_PY&google_cver=1&google_push=AQvitUJY7cHLdP9c1p7T93tAs0SzKiYDYLLiqOUq5LNVkLkY8fAN-qSqJxVUUwLedWu40hpjuc2xjPbElllVKXIXVoxBXWWTrMnNJQ
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJY7cHLdP9c1p7T93tAs0SzKiYDYLLiqOUq5LNVkLkY8fAN-qSqJxVUUwLedWu40hpjuc2xjPbElllVKXIXVoxBXWWTrMnNJQ&google_hm=DTs_S6DQyj489NfIpDfNQQ==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJY7cHLdP9c1p7T93tAs0SzKiYDYLLiqOUq5LNVkLkY8fAN-qSqJxVUUwLedWu40hpjuc2xjPbElllVKXIXVoxBXWWTrMnNJQ&google_hm=DTs_S6DQyj489NfIpDfNQQ==
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:00 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJY7cHLdP9c1p7T93tAs0SzKiYDYLLiqOUq5LNVkLkY8fAN-qSqJxVUUwLedWu40hpjuc2xjPbElllVKXIXVoxBXWWTrMnNJQ&google_hm=DTs_S6DQyj489NfIpDfNQQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
ojj97j9p53j8hbudhivfonkg5e50jop8
pixel
cm.g.doubleclick.net/ Frame 503C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RoTgn8OjTTOzn1L3As89zw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RoTgn8OjTTOzn1L3As89zw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKLkuy9FBJUkxHXrEFT9KeJfp7EJFiJu-4f12MZDiohg4IoPlvZdIYbkXhXeRiR7Pfr62O397fBEG7NZUkKVRtrFUzXziiWYQ
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RoTgn8OjTTOzn1L3As89zw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKLkuy9FBJUkxHXrEFT9KeJfp7EJFiJu-4f12MZDiohg4IoPlvZdIYbkXhXeRiR7Pfr62O397fBEG7NZUkKVRtrFUzXziiWYQ
Date
Fri, 05 Mar 2021 20:13:58 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 503C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMuFh5oOAizJon_064Fya30&google_cver=1&google_push=AQvitUKaCzbmeWb1S8aBQ7pGa2bcsq_h-_sJrtrKRXjRW6TilcvCnBxV-guxea-VfNL--GNR6X-...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xXUUs3NjAtMVYtTEtGRw==&google_push=AQvitUKaCzbmeWb1S8aBQ7pGa2bcsq_h-_sJrtrKRXjRW6TilcvCnBxV-guxea-VfNL--GNR6X-WnKXDzBE5euJSmCHCBR4tkrHf
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xXUUs3NjAtMVYtTEtGRw==&google_push=AQvitUKaCzbmeWb1S8aBQ7pGa2bcsq_h-_sJrtrKRXjRW6TilcvCnBxV-guxea-VfNL--GNR6X-WnKXDzBE5euJSmCHCBR4tkrHf
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xXUUs3NjAtMVYtTEtGRw==&google_push=AQvitUKaCzbmeWb1S8aBQ7pGa2bcsq_h-_sJrtrKRXjRW6TilcvCnBxV-guxea-VfNL--GNR6X-WnKXDzBE5euJSmCHCBR4tkrHf
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 503C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDS-wVOK3zL3byR7aBm2WIU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEKRCJLY7q12QJynegG5eQAABLUAAAAB&google_gid=CAESEDS-wVOK3zL3byR7aBm2WIU&google_cver=1&google_push=AQvitUIDsb3eGpX7_8XAyjOv6kMjlUThW7UwP...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEKRCJLY7q12QJynegG5eQAABLUAAAAB&google_gid=CAESEDS-wVOK3zL3byR7aBm2WIU&google_cver=1&google_push=AQvitUIDsb3eGpX7_8XAyjOv6kMjlUThW7UwPizpx90-lwMG5xUGLoKP5Mk7BQikZpJ-QiFNT2ZR2iZoMI1gKyajGLtRaIIYnrJKNA
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Mar 2021 20:14:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEKRCJLY7q12QJynegG5eQAABLUAAAAB&google_gid=CAESEDS-wVOK3zL3byR7aBm2WIU&google_cver=1&google_push=AQvitUIDsb3eGpX7_8XAyjOv6kMjlUThW7UwPizpx90-lwMG5xUGLoKP5Mk7BQikZpJ-QiFNT2ZR2iZoMI1gKyajGLtRaIIYnrJKNA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
462
Expires
Fri, 05 Mar 2021 20:14:00 GMT
pixel
cm.g.doubleclick.net/ Frame 503C
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJeSCedGYbldhOYpil7FqnY&google_cver=1&google_push=AQvitUK8YFwYrunEF3-NDL2V...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUK8YFwYrunEF3-NDL2Vsfmep2ez1YRptlehV_FkF6buDrvnRaYbMHxUFR2oqaSBtqHhl2TMSYNeBlkFcyz-1UGaOspTmu_YbjA&google_hm=
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUK8YFwYrunEF3-NDL2Vsfmep2ez1YRptlehV_FkF6buDrvnRaYbMHxUFR2oqaSBtqHhl2TMSYNeBlkFcyz-1UGaOspTmu_YbjA&google_hm=
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUK8YFwYrunEF3-NDL2Vsfmep2ez1YRptlehV_FkF6buDrvnRaYbMHxUFR2oqaSBtqHhl2TMSYNeBlkFcyz-1UGaOspTmu_YbjA&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Thu, 04 Mar 2021 20:14:01 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 503C 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Igi-U52KwAj894cf1NEIIkKC5t5RE11dDD9hbnwcUYBJTwf941uGl8t5HzCLavahxuJMeGWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:00 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
s
googleads.g.doubleclick.net/pagead/drt/ Frame 87F3 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkzG_EIlK2C0vwgQRaffJRkjCysik0pwuSOUVacXMvTkV_q7v9tnURWP-GMxSg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 05 Mar 2021 19:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1956
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 78CA 		247 B
777 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
716c8ea06e309960825b9e1858ff1471b683315a9183dc8a14b21b64bbc19c85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/redir.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-CdM89gSlACkZ7g0FfzQbCg' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
204
date
Fri, 05 Mar 2021 20:14:01 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C9D7 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 05 Mar 2021 15:30:58 GMT
expires
Sat, 06 Mar 2021 15:30:58 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
16982
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2D82
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
156 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkzG_EIlK2C0vwgQRaffJRkjCysik0pwuSOUVacXMvTkV_q7v9tnURWP-GMxSg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Mar 2021 20:14:01 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 05-Mar-2021 21:14:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Mar 2021 20:14:01 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Mar 2021 20:14:00 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 19A0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
346881
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 01 Mar 2022 19:52:39 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame F710 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=1651904771&pi=t.aa~a.3346331462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1443&idt=-M&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280&nras=2&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=1316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jCFJ7Jqtak&p=https%3A//www.wincert.net&dtd=30
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
47979ef506264db0704b5de93065a3ca44e171e2054648f5f12f66f587a1ed3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
944
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21163
x-xss-protection
0
server
cafe
etag
17443452193483161684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 20:58:17 GMT
truncated
/ Frame 57F9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff9538d89df18bc708db4dfdc446571d6e6624253806c58490536c59a35a6fe8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6F2C 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2277
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 05 Mar 2021 20:36:04 GMT
dpixel
cms.quantserve.com/ Frame C9D7 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELimvzxXyNXlQxMAaIU1ehc&google_cver=1&google_push=AQvitUIOPoo3kIZvTTMyTLC_YQK0SbaLC6z0ujP3vZRBj8yg_qqXuvn7ZxS5nR72k3BaGNyBSauEwx5u5e6t5gyPn3D-ERlJJe_X
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C9D7
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJvj5F0...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJvj5F0...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDUyMDE0MDIwNTExODA2ODIwNjk5MQ%3D%3D&google_push=AQvitUJvj5F0NjMdTcsCp-iE47yBZG8fsIWl9YGrt5KjVghW8x8xZZSx9pkUfq_7GXlPmy...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDUyMDE0MDIwNTExODA2ODIwNjk5MQ%3D%3D&google_push=AQvitUJvj5F0NjMdTcsCp-iE47yBZG8fsIWl9YGrt5KjVghW8x8xZZSx9pkUfq_7GXlPmySV3LHOcnZYcKb82BK43UyB27RTCGk
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMDUyMDE0MDIwNTExODA2ODIwNjk5MQ%3D%3D&google_push=AQvitUJvj5F0NjMdTcsCp-iE47yBZG8fsIWl9YGrt5KjVghW8x8xZZSx9pkUfq_7GXlPmySV3LHOcnZYcKb82BK43UyB27RTCGk
Pragma
no-cache
Date
Fri, 05 Mar 2021 20:14:02 GMT
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C9D7
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEITVAN122HNVM7z-EJSTPgw&google_cver=1&google_push=AQvitUK9ChKdkfHxgfyeZD-zk9xMhSvlu_yJkoFJMuBnNNz1bfHhy0s7rT3rlCA0zII4d-RWrRYhqbmXFxBHJ159e7h3UO7Vlcw
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK9ChKdkfHxgfyeZD-zk9xMhSvlu_yJkoFJMuBnNNz1bfHhy0s7rT3rlCA0zII4d-RWrRYhqbmXFxBHJ159e7h3UO7Vlcw&google_hm=DTs_S6DQyj489NfIpDfNQQ==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK9ChKdkfHxgfyeZD-zk9xMhSvlu_yJkoFJMuBnNNz1bfHhy0s7rT3rlCA0zII4d-RWrRYhqbmXFxBHJ159e7h3UO7Vlcw&google_hm=DTs_S6DQyj489NfIpDfNQQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK9ChKdkfHxgfyeZD-zk9xMhSvlu_yJkoFJMuBnNNz1bfHhy0s7rT3rlCA0zII4d-RWrRYhqbmXFxBHJ159e7h3UO7Vlcw&google_hm=DTs_S6DQyj489NfIpDfNQQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
rs8405olm9327c19am48df88fe8kb8r9
pixel
cm.g.doubleclick.net/ Frame C9D7
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RoTgn8OjTTOzn1L3As89zw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RoTgn8OjTTOzn1L3As89zw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJRT4Th2RwVtON-tf3WgFr2dQ3HgRXlZjMjKXYjKwk7TQKQxwyw5onjTY3CDBDgfnlud_9OdgMmUPvhqhs3SmTQqG8s7lk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RoTgn8OjTTOzn1L3As89zw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJRT4Th2RwVtON-tf3WgFr2dQ3HgRXlZjMjKXYjKwk7TQKQxwyw5onjTY3CDBDgfnlud_9OdgMmUPvhqhs3SmTQqG8s7lk
Date
Fri, 05 Mar 2021 20:14:01 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C9D7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELbYI6i4fXMRamimv5QoR2w&google_cver=1&google_push=AQvitUJjhGXkAz6W2x1fzRopQGdsl0gKZ9tU_4v0ndLptnCZZTdMiEt_11lKSmeGl4TX51sYq0q...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xXUUs3OVotMU4tSTdJWg==&google_push=AQvitUJjhGXkAz6W2x1fzRopQGdsl0gKZ9tU_4v0ndLptnCZZTdMiEt_11lKSmeGl4TX51sYq0qPhAVW49Ll-fnEzYp8WO47WvQB
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xXUUs3OVotMU4tSTdJWg==&google_push=AQvitUJjhGXkAz6W2x1fzRopQGdsl0gKZ9tU_4v0ndLptnCZZTdMiEt_11lKSmeGl4TX51sYq0qPhAVW49Ll-fnEzYp8WO47WvQB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xXUUs3OVotMU4tSTdJWg==&google_push=AQvitUJjhGXkAz6W2x1fzRopQGdsl0gKZ9tU_4v0ndLptnCZZTdMiEt_11lKSmeGl4TX51sYq0qPhAVW49Ll-fnEzYp8WO47WvQB
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame C9D7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI2SiCJLggA-pN6IfCAhktM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEKRCJLY7q12QJynegG5eQAABLUAAAAB&google_push=AQvitULGYoI6aERVhB9ps_oCMyvEL82XTIiXvmmHlUFGv_8WUm3291WCG91vlqHlsHO5ThvKqiA-vsIbIyXmPGMTJj...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEKRCJLY7q12QJynegG5eQAABLUAAAAB&google_push=AQvitULGYoI6aERVhB9ps_oCMyvEL82XTIiXvmmHlUFGv_8WUm3291WCG91vlqHlsHO5ThvKqiA-vsIbIyXmPGMTJjm3Xy1xqh-v&google_cver=1&google_gid=CAESEI2SiCJLggA-pN6IfCAhktM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Mar 2021 20:14:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEKRCJLY7q12QJynegG5eQAABLUAAAAB&google_push=AQvitULGYoI6aERVhB9ps_oCMyvEL82XTIiXvmmHlUFGv_8WUm3291WCG91vlqHlsHO5ThvKqiA-vsIbIyXmPGMTJjm3Xy1xqh-v&google_cver=1&google_gid=CAESEI2SiCJLggA-pN6IfCAhktM
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Fri, 05 Mar 2021 20:14:01 GMT
pixel
cm.g.doubleclick.net/ Frame C9D7
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHFkuj0cB92E0swMtsxrG-s&google_cver=1&google_push=AQvitUIIZtdIQFAj5pgfpmEb...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIIZtdIQFAj5pgfpmEbuq64NuTTzW15YMBcRiVNz0dYQbN6T4rj1Fl7TEgCdaWK_-_if1O1olY8YHvq-z7HuPFUQH9emCMd&google_hm=
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIIZtdIQFAj5pgfpmEbuq64NuTTzW15YMBcRiVNz0dYQbN6T4rj1Fl7TEgCdaWK_-_if1O1olY8YHvq-z7HuPFUQH9emCMd&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIIZtdIQFAj5pgfpmEbuq64NuTTzW15YMBcRiVNz0dYQbN6T4rj1Fl7TEgCdaWK_-_if1O1olY8YHvq-z7HuPFUQH9emCMd&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Thu, 04 Mar 2021 20:14:01 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C9D7 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IVIo8VdYw4VpUhCNdQJC4KTyxG-MoXTGds19Et6scnDeAxcvDZHfNQ27vIOUsGjKzsGM6BCg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:01 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 87F3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkzG_EIlK2C0vwgQRaffJRkjCysik0pwuSOUVacXMvTkV_q7v9tnURWP-GMxSg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Mar 2021 20:14:01 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 05-Mar-2021 21:14:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Mar 2021 20:14:01 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Mar 2021 20:14:01 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csi
csi.gstatic.com/ Frame F710 		0
318 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~klwqk78p&chm=1&ctx=2&gqid=CJFCYJu-DcG0iQasvp_wAQ&qqid=CPW1j8z7me8CFRMbGQodGK4HAw&met.4=fb.ai~lb.fb~cmrload.ki~ol.kt~bdt.-14z~bpp.-v~dtd.-2~dt.-w&met.3=739.fc~555.i0~556.i0_1~740.if_1~740.io~740.io~740.ip~740.k9~738.ko~749.ko_4~735.la_1~740.mw~740.mx~740.mz~113.pw_2~112.pw_2~740.qm&met.1=1.klwqk6it~6.2~7.2~8.2~9.2~10.2~12.3~13.a2~14.a7~15.a9~16.fb~17.fb~18.fb~19.ki~20.ki~21.ks&met.7=CAUQCBgBKAIw7wI47QVoA3DqAnirxQGAAYTEAYgB48EEsAEBuAED~CBIQBxgBIPcCKPcCMIYDOBBo9wJwhgN4hgWAAacEiAHzGKoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIPkCKPkCMIEDOAlo-gJwgQN44AeAAYAHiAGADLABAbgBAw~CBwQChgBIPkCKPkCMIIDOAlo-gJwgQN47jmAAdI5iAHnjwGwAQG4AQM~CBwQChgBIPkCKPkCMIUDOAto_gJwhAN4pgyAAYoMiAGaGbABAbgBAw~CCoQChgBIP8CKP8CMKgDOCk~CBwQChgBIP8CKP8CMIcDOAhogANwhwN4mDCAAfwviAG2b7ABAbgBAw~CBsQBhgBIP8CKP8CMJADOBA~CBsQChgBIIADKIADMIsDOAs~CCEQBBgBIKEDKKEDMMwDOCtooQNwywN4FbABAbgBAw~CCgQBRgBIKkDKKkDMLADOAdoqgNwsAN4pQGAAZEBiAGPAbABAbgBAw~CBwQBRgBIKoDKKoDMLEDOAdoqwNwsQN41gaAAdQFiAGWCbABAbgBAw~CBMQAhgBIK0EKK0EMLUEOAhorQRwtAR4vKoBgAHUqQGIAdSpAaoBEAoKZ29vZ2xlc2FucxAbGAKwAQG4AQM~CBMQAhgBIK8EKK8EMLgEOAhorwRwtgR4l6kBgAGwqAGIAbCoAaoBEAoKZ29vZ2xlc2FucxAbGAKwAQG4AQM~CCgQChgBIPgFKPgFMMwGOFRA_AVI_AVQ_AVYxgZg_AVongZwxgZ4w6kBgAGrpQGIAda1A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.html
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 78CA 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
3f947174d758a4fccd7d48ce9e0ee0cabdea8d9fb6fb58101ab520bc2a753283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-wvjusZI45actRgV7q95haA' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
2424
date
Fri, 05 Mar 2021 20:14:01 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 25 Feb 2021 15:45:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ Frame 4A15 		65 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2FLowMLprerollsdk&description_url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&env=vp&correlator=3455387520864929&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=1959599542&sdk_apis=2%2C8&sid=4BEF7895-BED1-43DC-9147-ED538307C03E&eid=44712632%2C44729226&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&dt=1614975241240&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&scor=4483908168421215&ged=ve4_td1_tt0_pd1_la1000_er279.-2727.432.-2427_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
96e89b9e18f8ab2b83fff18707f5aa44295f7814a977c09714293395b08f4740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13780
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eeda4d7931dc9a361d9668a2aa79eb57856b4ee84f8eb3d8f5cdc87a7dda424c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 20:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6528
x-xss-protection
0
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 57F9 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
47979ef506264db0704b5de93065a3ca44e171e2054648f5f12f66f587a1ed3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
944
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21163
x-xss-protection
0
server
cafe
etag
17443452193483161684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 20:58:17 GMT
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 1114 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0889244685730329&output=html&h=280&adk=2151893811&adf=3613707315&pi=t.aa~a.3346331462~i.25~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1614972128&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9119414024&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1614975240165&bpp=1&bdt=1442&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e0ff154db985f2f-22aba0bbf6a600da%3AT%3D1614975239%3ART%3D1614975239%3AS%3DALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw&prev_fmts=0x0%2C614x280%2C614x280%2C620x280&nras=3&correlator=5441724635662&rume=1&frm=20&pv=1&ga_vid=1461666795.1614975240&ga_sid=1614975240&ga_hid=545090916&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=3374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068495%2C21066613%2C21066615&oid=3&pvsid=3287915772495480&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=LiuFxjWZMy&p=https%3A//www.wincert.net&dtd=36
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
346882
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 01 Mar 2022 19:52:39 GMT
csi
csi.gstatic.com/ 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~klwqk675&c=3287915772495480&e=21068495%2C21066613%2C21066615&ctx=1&met.3=779.19o_1~166.19h_9~779.1ad~164.1ah_b~165.1ae_e~166.1ad_f~247.1dd~248.1de~164.1dg_1~165.1db_6~247.1dt~248.1dt~164.1du_1~165.1ds_3~326.1ei_2~827.1ek~161.1el_2~216.1ee_z~215.1ee_10~843.1ed_11~832.1fe~639.1fy~160.1fy~326.1gr~827.1gr~161.1gr~216.1gq_1~215.1gq_1~832.1gs~639.1h2~160.1h2~189.1h3~326.1hj~827.1hj~161.1hj~216.1hi_1~215.1hi_1~832.1hj~639.1hp~160.1hp~189.1hp~112.1hu_1~189.1j2~298.1ko~298.1ko~298.1kw~155.1jp_1c~629.1pb~143.1qw_2~453.1s7_1~754.1sa_2~247.1sg~248.1sg~326.1sh~827.1sh~161.1sh~164.1sg_2~165.1sf_3~453.1si_1~754.1sk_1~247.1sm~248.1sm~326.1sn~827.1so~161.1so~164.1sn_2~165.1sm_3~453.1so_1~754.1sq_1~453.1sr_1~754.1st_2~453.1sv_1~754.1sx~453.1sy_1~453.1sz_1~453.1t1_1~454.1t2_1~454.1t3_1~454.1t4_1~453.1t6_1~753.1t9~353.1rx_1c~832.1tb~832.1tb~298.1tq~298.1tu~639.1tx~160.1tx~639.1tx~160.1tx~132.1tz~129.1us_1~143.1ut_2~189.1ux~189.1ux~168.1wy~168.1wy~168.1wy~168.1wy~168.1wy~168.1wy~168.1wy~168.1wy~168.1wy_4~168.1wy_4~168.1x2~168.1x2~168.1x2~132.1x2~168.1x2~168.1x2~168.1x2~168.1x2~168.1x2~168.1x2~168.1x2~168.1x3~168.1x3~168.1x3~168.1x3~168.1x3~143.1xy_2~168.1yo~168.1yo~168.1yo~168.1yo~168.1yo~168.1yo~168.1yo~168.1yo~168.1yo_2~168.1yo_2~168.1yr~168.1yr~168.1yr~132.1yr~168.1yr~168.1yr~168.1yr~168.1yr~168.1yr~168.1yr~168.1yr~168.1yr~168.1yr~168.1yr~168.1yr~168.1yr~168.20o~168.20o~168.20o_3~168.20o_3~168.20s~168.20s~168.20s~168.20s~168.20s~168.20s~168.20s~168.20s~168.20s~132.20s~168.20s~168.20s~168.20s~168.20s~168.20s~168.20s~168.20s~168.20s~168.20s~168.20s~168.20s~168.20s~132.211_1~132.212~132.213~168.213~168.213~168.213~168.213~168.213~168.213~168.213~168.213~168.213~168.213~168.213~168.213~168.213~168.213~132.214~168.214~168.214~168.214~168.214~168.214~168.214~168.214~168.214~168.214~168.214~168.214~168.214~132.214~143.21a_5~168.233~168.233~168.233_3~168.233_3~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~132.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~129.236~132.23f~132.23f~132.23f~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~132.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~168.23g~132.23g~143.254_2~143.294_5~132.2bc~132.2bc~132.2bc~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~132.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2bd~168.2be~168.2be~168.2be~168.2be~168.2be~168.2be~132.2be~129.2c2~143.2cj_2~132.2g1~132.2g2~132.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~132.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g4~168.2g5~168.2g5~168.2g5~168.2g5~168.2g5~168.2g5~132.2g5~143.2g6_5~129.2j8~143.2j9_2~132.2ly~132.2ly~143.2mc_3~154.2nx&met.7=CBsQCMABh6yz4Qc~CBsQByD6BjiIBMABlenklgs~CBsQByD6BjimBMAB0J2dkQY~CBsQByD6BjijBcAB3KSX6AQ~CBsQByD6BjimBcABo_aheQ~CBsQByD6BjiqBcABgvXE-w0~CBsQByD7BjitBcABka_FpwM~CBsQByD7BjjSBcABuoK3wwU~CBsQByD7BjjUBcAB-NSGuQw~CBsQChgBIPwGKPwGMJgHOBzAAYzV2OsE~CBsQByD8Bjj-A8AB36StuAk~CBsQByD8BjiDBMAB3JiMkQo~CBsQCiD8BjjYBcAB_tCyvQ8~CBsQCiD8BjjXBcABt47Gggc~CBsQCiD8BjjXBcABv7TFsgQ~CAEQChgBIPwGKPwGMLMHODZA_wZI_wZQ_wZYkgdghQdokgdwqAd43o4DgAGvigOIAYTjCLABAbgBA8AB3o6_mwE~CBsQBiD9Bji9B8AB-PePfA~CBsQCiCmBzjTBcAB2euw8wo~CBsQCiDKBzjyBsABn4m5kgI~CBsQBiCeCDicBsABqq-mYA~CBsQCiCeCDi4BcABsLqN6wE~CBsQCiCgCDixBcAB2paCvgI~CBsQCiChCDiXBsAB7LaBlwU~CBsQCiChCDidBsAB0ZbgpQQ~CBsQCiChCDiXBsABxpu3zg0~CBsQCiChCDiXBsABkb7Kxww~CBwQChgBIIgNKIgNMOANOFhAiA1IiA1QiA1YqQ1giA1olQ1w1A147q0FgAHuqQWIAeabDrABAbgBA8AB7tu-uQM~CAwQBRgBIJQNKJQNMJwNOAholA1wmw14rCmAAZAoiAGqW7ABAbgBA8ABtJH-0Ag~CBsQDSCkDTgPwAGAkfKHCA~CCgQDRgBILUNKLUNMMMNOA7AAeKygLkD~CBsQBhgBIMUNKMUNMOMNOB9oxg1w4w14a4ABKogBKrABAbgBA8AB_-bozAs~CBsQBhgBIMUNKMUNMOUNOB9oxw1w5A14a4ABKogBKrABAbgBA8AB_beM5gE~CBwQChgBIJwOKJwOMKUOOAhonQ5wpA54xp0BgAHRnAGIAcWVA7ABAbgBA8AB_r7HqgI~CBsQBiDRDjhowAHF3oiUCg~CBsQBiDSDjhrwAGuoYnODQ~CBsQBiDSDjhtwAGVoIO_DQ~CBsQBiDSDjhrwAHH19Ir~CBsQBiDSDjhswAHEvrZD~CCoQChgBIM0OKM0OMOIOOBTAAab7gJMH~CBsQBiD7DTjbAcABgvy1qgk~CBsQBiD8DTjdAcABpczxqAo~CC8QBxgBIMUOKMUOML8POHtAxQ5Ixg5Qxg5Yrw9gyw5orw9wvw94nwaAAWSIAWuwAQG4AQPAAe21srAK~CBsQBiDlDjhwwAGYksruDg~CBsQBiDlDjhwwAGYksruDg~CBsQBiD7DTjbAcABuuGd8ww~CBsQChgBIL4OKL4OMOIPOKQBQL8OSMEOUMEOWLAPYNQOaLEPcOIPeIAFgAHAAYgByQGwAQG4AQPAAeSq4PAC~CC8QBxgBIMUOKMUOMMIPOH1Axg5Ixw5Qxw5YsQ9gzA5osg9wwg94qQSAAWSIAWuwAQG4AQPAAZv_iccH~CBsQBiDQDjjKAcAB8dmxggw~CBsQBiDQDjjKAcAByNXM6QU~CBsQBiDQDjjKAcAB4J36hA4~CBsQBiDRDjjPAcABmr6Rmgc~CBsQBiDRDjjPAcABjK683g8~CBsQBiDRDjjPAcABz-m_jgY~CBsQBiDRDjjPAcABgKCDjAI~CBsQBiDRDjjPAcABqIyEiAU~CBsQBiDRDjjPAcAB-KmW-Ag~CBsQBiDRDjjQAcABobvDkgk~CBsQDSCLEDgkwAGe3LTkAw~CBsQDSCYEDgmwAGe3LTkAw~CBsQByC7EDgpwAG6hL3kDw~CBIQBxgBINsQKNsQMOsQOA9o3BBw6hB46ASAAYkEiAHcEKoBCAoGUm9ib3RvsAEBuAEDwAHWx7vICg~CBsQBiCPETgtwAGA-a7nBw~CBMQAhgBILkRKLkRMMAROAZouhFwvxF4w3uAAfh6iAH4eqoBDAoGcm9ib3RvEBQYArABAbgBA8AB7efF9gg~CAUQBRgBIMwOKMwOMJ0QONABaLgPcJwQeJYXgAHjEogB6fgCsAEBuAEDwAGQx7LwCA~CBsQBiCQETiNAcABppverA0~CBsQBiCQETi0AcAB-6H4qQQ~CBsQBiCQETivAcABq5n58w4~CBsQBiCQETi3AcABg9SfPA~CBsQBiCQETi3AcABnuq0vwI~CBsQBiCQETi1AcAB_qb3xgk~CBsQBiCQETi1AcABjIKTqAE~CBsQDSD1ETgnwAHN28GHAw~CBsQDSD1ETgpwAGbwu2HAw~CBsQBSCFEThywAHIg_TyBw~CBsQBiCQETjQAcAB2MiU7gg~CBsQBiCRETjiAcAB6NbbzA0~CBsQBSDgETgrwAHXnYXRDA~CC8QBxgBIK8SKK8SMNMSOCRAsBJIsBJQsBJYyRJgsBJovhJw0xJ4iQaAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBILASKLASMNsSOCtAsBJIsBJQsBJY0RJgsBJovxJw2hJ4kwSAAWSIAWuwAQG4AQPAAZv_iccH~CAUQBRgBIIsPKIsPMI4SOIQDUK0PWMsPYK0PaLcPcIoSeK_IAYAB5McBiAHCjAWwAQG4AQPAAZDHsvAI~CBsQBSDwEjgtwAGWusShBw~CAUQBRgBIPIOKPIOMMsTONkEaLgPcMYTeKbIAYABicgBiAGYjAWwAQG4AQPAAZDHsvAI~CAUQBRgBILUSKLUSMKUVOO8CaLgScKAVeKvFAYABhMQBiAHjwQSwAQG4AQPAAZDHsvAI~CAUQBRgBILsSKLsSMJIWONcDaL8ScJAWeIm7AYAB4bkBiAGS9gOwAQG4AQPAAZDHsvAI~CDcQBRgBIIMYKIMYMO0YOGrAAbe0yPoF~CBsQCDj9GsABh6yz4Qc&met.1=1.klwqk4pb~6.7w~7.7x~8.8b~9.8b~10.j1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/rum_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0889244685730329&plah=www.wincert.net&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 05 Mar 2021 20:14:01 GMT
csi
csi.gstatic.com/ Frame 57F9 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~klwqk7gm&chm=1&ctx=2&gqid=CJFCYOLyDdOcZLDbjbgE&qqid=CKSAkMz7me8CFQwjGQodU1cAkg&met.4=fb.im~lb.m7~cmrload.qf~ol.u8~bdt.-153~bpp.-10~idt.-10~dtd.-1~dt.-11&met.3=739.m8~555.mi~556.mi~735.mo_1~740.mr~740.ms~740.mu~740.mu~740.qh~740.qh~740.t2~740.t3~738.u4~740.x6~740.x7~113.xo_2~112.xo_3&met.1=1.klwqk6iy~6.0~7.0~8.0~9.0~10.0~12.5~13.d1~14.d3~15.e6~16.m8~17.m8~18.m8~19.u4~20.u4~21.u8&met.7=CAUQCBgBMNcDOMAIaARw1QN4ibsBgAHhuQGIAZL2A7ABAbgBAw~CBcQBhgBIJ0FKJ0FMKcFOApongVwpgV4zNcBgAHO1gGIAc7WAbABAbgBAw~CBwQChgBIJ0FKJ0FMKcFOApongVwpgV47jmAAdI5iAHnjwGwAQG4AQM~CBwQChgBIJ4FKJ4FMK0FOBBopQVwrAV4pgyAAYoMiAGaGbABAbgBAw~CCoQChgBIJ4FKJ4FMNMFODU~CBwQChgBIJ4FKJ4FMKwFOA5opQVwqwV4mDCAAfwviAG2b7ABAbgBAw~CBsQBhgBIJ4FKJ4FMLMFOBU~CBwQChgBIJ4FKJ4FMK4FOBBopwVwrgV471WAAdNViAGzzwGwAQG4AQM~CCEQBBgBIKEFKKEFMNQFODJopwVw0wV4FbABAbgBAw~CCgQBRgBIO4FKO4FMPcFOAlo8AVw9gV4pQGAAZEBiAGPAbABAbgBAw~CBsQBRgBIO8FKO8FMIYHOJcB~CBwQBRgBIPAFKPAFMPsFOAto9QVw-wV47gWAAdQFiAGWCbABAbgBAw~CCgQChgBIM8IKM8IMO0IOB5o0Ahw6wh4xqUBgAGrpQGIAda1A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame BC7C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wincert.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 05 Mar 2021 17:43:59 GMT
expires
Sat, 05 Mar 2022 17:43:59 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9002
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame BC7C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
346882
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 01 Mar 2022 19:52:39 GMT
csi
csi.gstatic.com/ Frame 4A15 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~klwqk7as&c=5441724635662&slotId=2720862317831&qqid=CL6F0Mz7me8CFTnFuwgd-EUCIQ&gqid=CZFCYLqeEKij7_UPiKmKyAM&fb=ima-html5&sdkv=h.3.445.1&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44712632%2C44729226&met.4=ghmsh_s.klwqk7js~ghmsh_s.klwqk7jt&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=946xmaU7ST0Lm1q1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.sekindo.com/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=26&serverTime=1614975240&vid_playerVer=3.1.0&s=58057&sta=11403436&x=477&y=268&msta=14038283&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=www.wincert.net&subId=www.wincert.net&debugInformation=&isApp=0&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=604291079ac06&rvn=4270&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1614975241574&uid=SekindoSPlayer60429107c1c79&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=41&serverTime=1614975240&vid_playerVer=3.1.0&s=58057&sta=11403436&x=477&y=268&msta=14038283&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=www.wincert.net&subId=www.wincert.net&debugInformation=&isApp=0&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=604291079ac06&rvn=4270&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1614975241575&uid=SekindoSPlayer60429107c1c79&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4A15 		42 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CgQHnCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBIACT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5EhGyhXx3X-dbufwLTulf6SU_PqcljHh-UMAEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NLEJ1WBWBj7nqcSACgOYCwHICwHQCw-4DAHYEwI&sigh=w1BuN7vXE8E&label=show_ad&acvw=&sdkv=h.3.445.1&vci=CmsIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MzI0NjQ4MDIyMDIMNDk5MjQ1NDQ1Mzk1QJQCUh0QDyUAAIBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4A15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9E62CZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBP0BT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5ShAweO_9LXWNThJGpQcFTPY2kVxCl8AEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMm_c6gIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTg1NzgwMDU1NzYwMDU3NDSACgPICwHCEwYYqJ_jzwPYEwKyFxoKGAgAEhRwdWItMTMyMDc3NDY3OTkyMDg0MQ&sigh=z2TX7Xy1HMs&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&vt=10&sdkv=h.3.445.1&vci=CmsIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MzI0NjQ4MDIyMDIMNDk5MjQ1NDQ1Mzk1QJQCUh0QDyUAAIBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 4A15 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
csi
csi.gstatic.com/ Frame 2D0C 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~klwqk726&c=5441724635662&slotId=2720862317831&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A15 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.445.1&e=44712632%2C44729226&id=ima_html5&c=3671820768603421&domain=www.wincert.net
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r2---sn-4g5ednll.googlevideo.com/
Redirect Chain
  • https://r4---sn-1gi7znes.googlevideo.com/videoplayback?expire=1615004041&ei=CZFCYJnlHI7W-gbM8bWgBA&ip=185.156.175.107&id=540bfb356bb8d4d9&itag=22&source=youtube&requiressl=yes&mh=DK&mm=31&mn=sn-1gi...
  • https://r2---sn-4g5ednll.googlevideo.com/videoplayback?expire=1615004041&ei=CZFCYJnlHI7W-gbM8bWgBA&ip=185.156.175.107&id=540bfb356bb8d4d9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&cti...
575 KB
575 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednll.googlevideo.com/videoplayback?expire=1615004041&ei=CZFCYJnlHI7W-gbM8bWgBA&ip=185.156.175.107&id=540bfb356bb8d4d9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.557&lmt=1613657614526357&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgS2ADxfxV6PEpNpbaONt4LdoHvDn-aqHbCZrY-NVcjg4CIQDgX6NCc9BTPBA6dyd_bBZUL5ZQx_a2khhnR_XNj0x4eQ==&cpn=946xmaU7ST0Lm1q1&redirect_counter=1&rm=sn-1giez7z&req_id=a136612f906836e2&cms_redirect=yes&ipbypass=yes&mh=DK&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednll&ms=au&mt=1614974920&mv=m&mvi=2&pl=41&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIAokqDRk2RBBGNRfCPvcgcD7xkfZy4NcihK_7vENP0JAiBkQZhHM-qVcXDFU3gI6rR3flZeYO80g7RG2BrrcoY5jA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:5a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ff49b1ac0e0054c84909623bd55c233652919143a34bc028bb68c42531e2bb1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:14:01 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 18 Feb 2021 14:13:34 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-588351/588352
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
588352
Expires
Fri, 05 Mar 2021 20:14:01 GMT

Redirect headers

Date
Fri, 05 Mar 2021 20:14:01 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://r2---sn-4g5ednll.googlevideo.com/videoplayback?expire=1615004041&ei=CZFCYJnlHI7W-gbM8bWgBA&ip=185.156.175.107&id=540bfb356bb8d4d9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.557&lmt=1613657614526357&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgS2ADxfxV6PEpNpbaONt4LdoHvDn-aqHbCZrY-NVcjg4CIQDgX6NCc9BTPBA6dyd_bBZUL5ZQx_a2khhnR_XNj0x4eQ==&cpn=946xmaU7ST0Lm1q1&redirect_counter=1&rm=sn-1giez7z&req_id=a136612f906836e2&cms_redirect=yes&ipbypass=yes&mh=DK&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednll&ms=au&mt=1614974920&mv=m&mvi=2&pl=41&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIAokqDRk2RBBGNRfCPvcgcD7xkfZy4NcihK_7vENP0JAiBkQZhHM-qVcXDFU3gI6rR3flZeYO80g7RG2BrrcoY5jA%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Fri, 05 Mar 2021 20:14:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=3287915772495480&bg=!6Oul66jNAAWsVXnBrDsAKQB2-DxaE85gBnDlOb7cCMAuqjOUKAfC613nC4bzD41V7RZNjI_LbV6gAgAAAKRSAAAADGgBBwoBEY7QELCJgXkf0DB0llw4X5NKC3xd2RrQOWHdD2zZRrCYgSyjceR7SfVtMOYhIm6j7Qjyd1ucmP7aaygu7DCza1-ujwW10Wx5DJoy3nrgCjORFPp34Gq13tHDLseNW2GO8HiohWNxA5LlYSkR_tz3_vRU9DEl-_Bqy5jkIveBrsmqER-w1N6vTU6xyAvJi8BXXDGhFVsIQU9rBts1SWJxhTfBI27mA7CGHQ1krRLvjex0qx8BLVuyyxAZivzXsDOR3hkP3dF57QReaID57Qgxk-QDZH2nh9sKgJFOYtD47Io86qHXPzYYDhTZDfjVlDCzNTIhp8jaxnc4VrnXsFZ4VqfgqMCpXMZYnBDZOSsZ1VB2iZkB-gsZ8oDHjPDfvQsVvKw4j9doHMJ7tExgAXFcmIFtmEBcgbb4sfTi7RunNJ-Gn-qxA8sqkLT-mMCyK8qigeWwI7Rccg0KDJDxn68MZ28g1P62cOsqty60_TpzeNxPYQ8gGnFQFr9WFcZ2HpwvcZcquDSqDtx3VSgkRtTaka3OircvfVScllcq0dm22zUWve2QK1inE35vaqUbt5fCZBlcKF7zBXF1ginj5a17nquBEHqdo3xt7zem559-Dz5UzPYYtyfN-rigA1fYv5q6BOfKOjSlfp4e3UHOap2pqF27_UyS4C7hAJcCKFBX-wjMXvLjEBq2j3KUSIIXtuVkGN_2-_hsdGW0m_D6Lzyn8NasqK2lIRuldrJkqc9Wpvu8FT2OJ0fG6o-XGyn9ITvrtEsJGOlW45IIj0bJJ-fOLOvZPrUBpXya1YF3G74LOV5W_tEGO782Q8mMVoNJmaNHnTEN4Ec1u3FusaR5nDyNi0JLqgziU-qRyp1-waQqI5PwDJxAKfJcIvZ5ngvPGXY4OoPoKmmAjZxZJR5lQa8tQgI0KH0B1SIk-Y56zObOqWBGutCZcaZOOfoAlC-Q3dEbkTgbC4jAS84P4Gpwl4m1wN6ENHsx2Mv_XNzd08JNyfY3yNeqzlwSrmRvZbqvaIEcfVCQqXMU72e4j_xeQG4n
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6DBB 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wincert.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=159196:2; KADUSERCOOKIE=4684E09F-C3A3-4D33-B39F-52F702CF3DCF
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wincert.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=118731
Expires
Sun, 07 Mar 2021 05:12:52 GMT
Date
Fri, 05 Mar 2021 20:14:01 GMT
Connection
keep-alive
Vary
Accept-Encoding
user-registering
ads.stickyadstv.com/ Frame 2D0C
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f5699063d2a23f9f1cecd58df4ef569c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=d091_6936265843945637643
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjU2OTkwNjNkMmEyM2Y5ZjFjZWNkNThkZjRlZjU2OWM=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENMbnmhII02ArGQnexbL7Y0&google_cver=1&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YEKRCQAAAGGaMyzr&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3c0117ae-aebd-4fab-b8c0-9e55960813f8
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=dd056042-910a-4200-9e6b-a97c6c338a97&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1864535805343350866
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAFWlU7AhSIAAET9w_EoFA
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/f5699063d2a23f9f1cecd58df4ef569c&gdpr=0&gdpr_consent=?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-MyAtkR91lwSwNVoyjhvZgEmuN.jLdq2bpC1t0PWy
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7247970263978355120
0
0
sync
pixel.advertising.com/ups/55986/ Frame 2D0C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YEKRCQAAAGGaMyzr&_origin=0&gdpr=1&gdpr_consent=&_test=YEKRCQAAAGGaMyzr
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55986/sync?uid=YEKRCQAAAGGaMyzr&_origin=0&gdpr=1&gdpr_consent=&_test=YEKRCQAAAGGaMyzr
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-23.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:02 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614975242.032313,VS0,VE0
x-served-by
cache-fra19138-FRA
x-cache
HIT
location
https://pixel.advertising.com/ups/55986/sync?uid=YEKRCQAAAGGaMyzr&_origin=0&gdpr=1&gdpr_consent=&_test=YEKRCQAAAGGaMyzr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
pixel.advertising.com/ups/55953/ Frame 2D0C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://pixel.advertising.com/ups/55953/sync?uid=3c0117ae-aebd-4fab-b8c0-9e55960813f8&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=3c0117ae-aebd-4fab-b8c0-9e55960813f8
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55953/sync?uid=3c0117ae-aebd-4fab-b8c0-9e55960813f8&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=3c0117ae-aebd-4fab-b8c0-9e55960813f8
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-23.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:02 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.advertising.com/ups/55953/sync?uid=3c0117ae-aebd-4fab-b8c0-9e55960813f8&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=3c0117ae-aebd-4fab-b8c0-9e55960813f8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
369
sync
ups.analytics.yahoo.com/ups/57304/ Frame 2D0C
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP538df4e2-7def-11eb-9ba6-029e404fa4c0
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP538df4e2-7def-11eb-9ba6-029e404fa4c0&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA1MzhkZjRlMi03ZGVmLTExZWItOWJhNi0wMjllNDA0ZmE0YzA%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEMKcfTQ5XuJTEBizj9xWFts&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMKcfTQ5XuJTEBizj9xWFts&google_cver=1&apid=UP538df4e2-7def-11eb-9ba6-029e404fa4c0
0
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMKcfTQ5XuJTEBizj9xWFts&google_cver=1&apid=UP538df4e2-7def-11eb-9ba6-029e404fa4c0
Requested by
Host: www.wincert.net
URL: https://www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:14:02 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEMKcfTQ5XuJTEBizj9xWFts&google_cver=1&apid=UP538df4e2-7def-11eb-9ba6-029e404fa4c0
date
Fri, 05 Mar 2021 20:14:02 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4A15 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CgQHnCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBIACT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5EhGyhXx3X-dbufwLTulf6SU_PqcljHh-UMAEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NLEJ1WBWBj7nqcSACgOYCwHICwHQCw-4DAHYEwI&sigh=w1BuN7vXE8E&label=video_ad_loaded&acvw=&sdkv=h.3.445.1&vci=CmsIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MzI0NjQ4MDIyMDIMNDk5MjQ1NDQ1Mzk1QJQCUh0QDyUAAIBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 4A15 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 15:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
536110
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 15:18:51 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4A15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9E62CZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBP0BT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5ShAweO_9LXWNThJGpQcFTPY2kVxCl8AEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMm_c6gIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTg1NzgwMDU1NzYwMDU3NDSACgPICwHCEwYYqJ_jzwPYEwKyFxoKGAgAEhRwdWItMTMyMDc3NDY3OTkyMDg0MQ&sigh=z2TX7Xy1HMs&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&tpd=AGWhJmtu1IXQ2dn8s-P9Oo5TsbQAKCY4Lvgpid3KKjvpQwG1CQ&sdkv=h.3.445.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4A15 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C9NIrCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBP0BT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5ShAweO_9LXWNThJGpQcFTPY2kVxCl8AEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NIAKA8gLAdgTAg&sigh=WTqfTetarJo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D279,-2727,547,-2250%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15510%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614975241734%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1614975241579&sdkv=h.3.445.1&vci=Cm4IARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MzI0NjQ4MDIyMDIMNDk5MjQ1NDQ1Mzk1QJQCUiAQDyUAAIBBKAE6B3Vua25vd25CB3Vua25vd25IjwFQABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A15 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4cSDzut3yzfSzMUdZmsz0ZF5ZDdx086H9r_p2lXioPwGhfUQywtCqGRBfIIovWIfIo4RVWvW7xGfKSxl99BdQuoa6P-UbFltkWPXWreLed0lair8F16Aoy1g&sai=AMfl-YQSxpVghSpkJRomHsktbA7wUbAVETEYXv-Rk6FfrdR_xvq9OCSJnukLAtYp983r7aP2q0cVE0AEHF2o5a48TnHZKaKJnTMH985dt5KQqU7_-mu4niTqpURes7c&sig=Cg0ArKJSzNDIbzk_ySDaEAE&cid=CAASFeRovWTb3XbAEPz-RqR5WhDs6s9uDQ&id=lidarv&acvw=sv%3D889%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D279,-2727,547,-2250%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15510%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614975241736%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1614975241579&avm=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4A15 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C9NIrCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBP0BT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5ShAweO_9LXWNThJGpQcFTPY2kVxCl8AEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NIAKA8gLAdgTAg&sigh=WTqfTetarJo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D279,-2727,547,-2250%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15510%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614975241739%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1614975241579&sdkv=h.3.445.1&vci=Cm4IARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MzI0NjQ4MDIyMDIMNDk5MjQ1NDQ1Mzk1QJQCUiAQDyUAAIBBKAE6B3Vua25vd25CB3Vua25vd25IjwFQABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A15 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.445.1&e=44712632%2C44729226&id=ima_html5&c=3671820768603421&domain=www.wincert.net
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4A15 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C9NIrCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBP0BT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5ShAweO_9LXWNThJGpQcFTPY2kVxCl8AEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NIAKA8gLAdgTAg&sigh=WTqfTetarJo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=admute&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D279,-2727,547,-2250%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D35%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D35%26pst%3D-1%26dur%3D15510%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D35%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614975241765%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1614975241579&sdkv=h.3.445.1&vci=Cm4IARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MzI0NjQ4MDIyMDIMNDk5MjQ1NDQ1Mzk1QJQCUiAQDyUAAIBBKAE6B3Vua25vd25CB3Vua25vd25IjwFQABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=0&serverTime=1614975240&vid_playerVer=3.1.0&s=58057&sta=11403436&x=477&y=268&msta=14038283&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=www.wincert.net&subId=www.wincert.net&debugInformation=&isApp=0&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D30355F32327D7B7331343033383238337D7B433236307D7B53643364334C6E6470626D4E6C636E5175626D56307D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430367D7B593233307D7B66317D7B4C383133317DFEFE&diaid=&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=604291079ac06&rvn=4270&contentFileId=1325601&mediaPlayListId=7580&mediaListId=6567&isExcludeFromOpt=0&isCachedBid=0&contentMatchType=&viewPct={%22w%22:0,%22h%22:0}&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1614975241770&uid=SekindoSPlayer60429107c1c79&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=7&serverTime=1614975240&vid_playerVer=3.1.0&s=58057&sta=11403436&x=477&y=268&msta=14038283&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=www.wincert.net&subId=www.wincert.net&debugInformation=&isApp=0&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=604291079ac06&rvn=4270&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1614975241777&uid=SekindoSPlayer60429107c1c79&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame EF60 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/hhrtBw21.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://imasdk.googleapis.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Sun, 28 Feb 2021 14:59:48 GMT
expires
Mon, 28 Feb 2022 14:59:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
450853
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
pagead2.googlesyndication.com/bg/ Frame EF60 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7aeee37cba9b03f4ab2a8b5593628d7848d2c624086f78b0f0b96dd29a15e05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 01:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
66090
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5632
x-xss-protection
0
expires
Sat, 05 Mar 2022 01:52:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF60 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.445.1&bgai=BHVNfCZFCYP7cEbmK7_UP-IuJiAIAAAAAOAG6BRMI-sbOzPuZ7wIVqNG7CB2IlAI5&bg=!PzylPH_NAAWsVXnBrDsAKQB2-DxaBgQxWJ_BBNNzAey9QbjUOXVin1jmvRXcPN806p-NCVu7YMtPAgAAAGdSAAAADWgBBwoAXzqP-3WH3CsHaU8liQtkpHsgL_EHQMh15SmYexL4RvcABiTs3JOTEtofeTbwtrdYuAmv0L2H8j6ea66m0hk3gn_g7j-EFrNHWalYtjqp8QSbXginZx1vyhSuC4odZTmzmQIXNUV6f6xNcZjLk9Pkbn0VjJ7NlHDBkCvc-JV4iL9AsGSUoFdby7aruaUtHUG1hGxVHBByZWAFNs6L7ZrEE9OSpRVmxk64ScXc0yGgDok_IFfHcdpMQmgai4gvnul_08yaTYkn5TrF9kkBFp0z93IeKTj4ukBASC83xUuZ3JSfHz9z97lrPTN0joE6dRi7kBWb4XzcbVsNLqkId1Ws7DzcLjr2lXAfFkiq5B_9PDQ9yENXQgQuiiHO6-MX8v1IcxqrrxLL0xaRgEBpJ8e25WqZLd__6VDEuOuxQ4-1B0OiZzeS87XBuvufEzFvKvrIjhzQQAfAGAztVeAcGL9QDxwwE5Oobo4k0oP2sptS2Nqk50KVvW1RWGgpLJWb6kDzEYAQVFGT12HgQxSzuVRmzKCh6ttJvBLY4rdSfi_DgED0wVDGgJYrgBEwpjonpdPsFlqy37Cav8c7HN4S117dETy4ZpN2JSakRs1RBJ2S5zivnFOd3mDyvWiK1lX-0aSICIhTbFhF84X50iFbN64Rh9j20qJidRqJF-P87kiwHhOfHXBY2_mR7Q6Hhalc3jozs4izvk3IfU9cwhgxqVuTFcFbKcB7DUdGgwXikr_l13rDdd2i23rF0dpls8hF3RDBlEUxScIVRDnlNe_if_K9MKDcxKqzNPBzwQUQYqo3e3uG32f4qye4319vztXxRbQNz-rnQICPfxFgag
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
s.youtube.com/api/stats/ Frame 5369 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44712632%2C44729226&el=adunit&cpn=946xmaU7ST0Lm1q1&docid=VAv7NWu41Nk&ver=2&cmt=0.179&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.wincert.net%2F&len=15.511&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=14&rtn=10
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::8a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=36&serverTime=1614975239&vid_playerVer=3.1.0&s=103419&sta=0&x=406&y=230&vid_passDomain=www.wincert.net&subId=www.wincert.net&debugInformation=&isApp=0&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=604291079ac06&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1614975242085&uid=SekindoSPlayer60429107c1c79&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:01 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
csi
csi.gstatic.com/ Frame 4A15 		0
44 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~klwqk7kd&c=5441724635662&slotId=2720862317831&qqid=CL6F0Mz7me8CFTnFuwgd-EUCIQ&gqid=CZFCYLqeEKij7_UPiKmKyAM&fb=ima-html5&sdkv=h.3.445.1&mrd=4&aab=0&itv=1&met.4=ghmsh_s.klwqk7ke~vss_tr.in~vss_pp.tj
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~klwqk7dn&c=3287915772495480&e=21068495%2C21066613%2C21066615&ctx=1&met.1=11.8v~12.j1~13.og~14.ta~15.oj~16.1hb~17.1he~18.1hi~19.2nw~20.2nw~21.2nx~22.1aj~23.1aj&met.3=113.2ob_2~143.2qo_2~129.2qq~153.2r9~143.2ti_3~143.2ww_2~129.2xr~143.2zq_2~143.32k_2~143.35q_2~143.38k_2~143.3be_2~143.3e8_2~143.3h2_2&met.7=CCcQDRgBIP0aKP0aMKsbOC9A_RpI_RpQ_RpYnhtg_Rpoihtwqxt4rzaAAYAziAH_QrABAbgBA8AB8_LLrgs~CBsQARgBIIwbKIwbMKwbOCDAAaSg_KUH~CCcQChgBIN8bKN8bMIgcOCnAAeLBm9oF~CCcQBRgBII0cKI0cMJUcOAjAAYH58KcM~CBsQBiCYHTguwAGwuo3rAQ~CBsQBiCZHTgwwAGwuo3rAQ~CBwQBhgBIOAdKOAdMI0eOC1o4R1wjB54F7ABAbgBA8ABlITitQ4~CBsghR44MMABkt340QE~CBsQBiDhHjiBAsABsLqN6wE~CBsQBiDlHjj8AcABsLqN6wE~CBsQBiCWITgswAGwuo3rAQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/rum_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=13&serverTime=1614975240&vid_playerVer=3.1.0&s=58057&sta=11403436&x=477&y=268&msta=14038283&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=www.wincert.net&subId=www.wincert.net&debugInformation=&isApp=0&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=604291079ac06&rvn=4270&contentFileId=0&mediaPlayListId=0&mediaListId=0&viewPct={%22w%22:0,%22h%22:0}&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1614975243773&uid=SekindoSPlayer60429107c1c79&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A15 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4cSDzut3yzfSzMUdZmsz0ZF5ZDdx086H9r_p2lXioPwGhfUQywtCqGRBfIIovWIfIo4RVWvW7xGfKSxl99BdQuoa6P-UbFltkWPXWreLed0lair8F16Aoy1g&sai=AMfl-YQSxpVghSpkJRomHsktbA7wUbAVETEYXv-Rk6FfrdR_xvq9OCSJnukLAtYp983r7aP2q0cVE0AEHF2o5a48TnHZKaKJnTMH985dt5KQqU7_-mu4niTqpURes7c&sig=Cg0ArKJSzNDIbzk_ySDaEAE&cid=CAASFeRovWTb3XbAEPz-RqR5WhDs6s9uDQ&id=lidarv&acvw=sv%3D889%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D413,273,681,750%26tos%3D2012,0,0,0,0%26mtos%3D2012,2012,2012,2012,2012%26amtos%3D0,0,0,0,0%26mcvt%3D2012%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2248%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D661%26pst%3D437%26dur%3D15510%26vmtime%3D1928%26dtos%3D2012%26dtoss%3D1%26dvs%3D2012%26dfvs%3D2012%26dvpt%3D2213%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147483645%26psv%3D3%26psfv%3D3%26psa%3D0%26ptlt%3D1614975243977%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2012&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1614975241579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6DBB 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=118728
Expires
Sun, 07 Mar 2021 05:12:52 GMT
Date
Fri, 05 Mar 2021 20:14:04 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 6DBB 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dbd7b92f71ea26bb1617bbc267c0b1919f6b301b47cc54609fcb451b3354efd8

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:14:04 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
usersync.aspx
dis.criteo.com/dis/ Frame D7C6 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 05 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1328
date
Fri, 05 Mar 2021 20:14:04 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 888C
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=6398253834614836993
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=6398253834614836993
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156595:4; KADUSERCOOKIE=3B206D81-FD80-48C3-AC37-0070ADC88D22; chkChromeAb67Sec=1; DPSync3=1616112000%3A201_227_226_221; SyncRTB3=1615507200%3A2_67_15_223%7C1616198400%3A35%7C1615766400%3A63%7C1617494400%3A203%7C1616112000%3A204_165_176_3_71_166_99_21_88_189_78_13_7_220_5_54_22_55_56_8_81_161_222; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&16736-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23019-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23114-uid:76886042-910c-4d00-92de-003908c8d36f; KRTBCOOKIE_1101=23040-6936265861124782231; KRTBCOOKIE_22=14911-3790050175087946160; PugT=1614974872
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 05 Mar 2021 20:07:51 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-6398253834614836993; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Apr-2021 20:07:51 GMT; path=/ PugT=1614974871; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Apr-2021 20:07:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 03-Jun-2021 20:07:51 GMT; path=/
X-lat
amspug015:0:382
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=6398253834614836993
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
redir
rtb-csync.smartadserver.com/ Frame 7E52
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=1&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=1&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFUjlFN0FoU0lBQUVWSmM4WG5HUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 05 Mar 2021 20:14:04 GMT

Redirect headers

Date
Fri, 05 Mar 2021 20:14:05 GMT
location
https://rtb-csync.smartadserver.com/redir
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame C793
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936265861124782231
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936265861124782231
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156595:4; KADUSERCOOKIE=3B206D81-FD80-48C3-AC37-0070ADC88D22; chkChromeAb67Sec=1; DPSync3=1616112000%3A201_227_226_221; SyncRTB3=1615507200%3A2_67_15_223%7C1616198400%3A35%7C1615766400%3A63%7C1617494400%3A203%7C1616112000%3A204_165_176_3_71_166_99_21_88_189_78_13_7_220_5_54_22_55_56_8_81_161_222; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&16736-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23019-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23114-uid:76886042-910c-4d00-92de-003908c8d36f; PugT=1614975244
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 05 Mar 2021 20:07:50 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6936265861124782231; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Apr-2021 20:07:50 GMT; path=/ PugT=1614974870; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Apr-2021 20:07:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 03-Jun-2021 20:07:50 GMT; path=/
X-lat
amspug009:0:401
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 05 Mar 2021 20:14:05 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6936265861124782231; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936265861124782231
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 56EE
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0qltUy4GtTGFcpb754nfWbBe
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0qltUy4GtTGFcpb754nfWbBe
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156595:4; KADUSERCOOKIE=3B206D81-FD80-48C3-AC37-0070ADC88D22; chkChromeAb67Sec=1; DPSync3=1616112000%3A201_227_226_221; SyncRTB3=1615507200%3A2_67_15_223%7C1616198400%3A35%7C1615766400%3A63%7C1617494400%3A203%7C1616112000%3A204_165_176_3_71_166_99_21_88_189_78_13_7_220_5_54_22_55_56_8_81_161_222; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&16736-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23019-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23114-uid:76886042-910c-4d00-92de-003908c8d36f; PugT=1614975244
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 05 Mar 2021 20:07:51 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-0qltUy4GtTGFcpb754nfWbBe&KRTB&23212-0qltUy4GtTGFcpb754nfWbBe; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Apr-2021 20:07:51 GMT; path=/ PugT=1614974871; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Apr-2021 20:07:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 03-Jun-2021 20:07:51 GMT; path=/
X-lat
amspug010:0:395
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 05 Mar 2021 20:14:05 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=0qltUy4GtTGFcpb754nfWbBe; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0qltUy4GtTGFcpb754nfWbBe
strict-transport-security
max-age=0; includeSubDomains;
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 5F52
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2083680818
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2083680818
  • https://sync.1rx.io/usersync/tradedesk/33db55ac-b5ef-4ffe-8677-05b8cdc94dfd
  • https://sync.targeting.unrulymedia.com/csync/RX-568c55de-d3cc-4fc3-9623-3b08155474fc-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-568c55de-d3cc-4fc3-9623-3b08155474fc-003
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-568c55de-d3cc-4fc3-9623-3b08155474fc-003
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156595:4; KADUSERCOOKIE=3B206D81-FD80-48C3-AC37-0070ADC88D22; chkChromeAb67Sec=1; DPSync3=1616112000%3A201_227_226_221; SyncRTB3=1615507200%3A2_67_15_223%7C1616198400%3A35%7C1615766400%3A63%7C1617494400%3A203%7C1616112000%3A204_165_176_3_71_166_99_21_88_189_78_13_7_220_5_54_22_55_56_8_81_161_222; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&16736-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23019-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23114-uid:76886042-910c-4d00-92de-003908c8d36f; KRTBCOOKIE_1101=23040-6936265861124782231; KRTBCOOKIE_22=14911-3790050175087946160; KRTBCOOKIE_107=1471-uid:bdv6V9td1LigPP5; KRTBCOOKIE_409=22966-0qltUy4GtTGFcpb754nfWbBe&KRTB&23212-0qltUy4GtTGFcpb754nfWbBe; KRTBCOOKIE_336=5844-6398253834614836993; KRTBCOOKIE_80=16514-CAESEAlsX2Yf6hffbHsl4y901QA&KRTB&22987-CAESEAlsX2Yf6hffbHsl4y901QA&KRTB&23025-CAESEAlsX2Yf6hffbHsl4y901QA; KRTBCOOKIE_153=19420-jTcGJYI2AnOWNwR13mUfJN1lAiSWM1AujzXUPIeO&KRTB&22979-jTcGJYI2AnOWNwR13mUfJN1lAiSWM1AujzXUPIeO; KRTBCOOKIE_188=3189-24dad056-a3fc-47cf-b80f-c4cb991f8dd9-6042910d-4348; KRTBCOOKIE_218=22978-YEKRDQAAAKFC_irK&KRTB&23194-YEKRDQAAAKFC_irK&KRTB&23209-YEKRDQAAAKFC_irK&KRTB&23244-YEKRDQAAAKFC_irK; KRTBCOOKIE_1074=22956-e_027ac2e7-90ed-43b0-a9d5-540b735e6fcd; PugT=1614975245
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 05 Mar 2021 20:07:52 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-RX-568c55de-d3cc-4fc3-9623-3b08155474fc-003&KRTB&17107-RX-568c55de-d3cc-4fc3-9623-3b08155474fc-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 03-Jun-2021 20:07:52 GMT; path=/ PugT=1614974872; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Apr-2021 20:07:52 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 03-Jun-2021 20:07:52 GMT; path=/
X-lat
amspug020:0:428
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Fri, 05 Mar 2021 20:14:05 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-568c55de-d3cc-4fc3-9623-3b08155474fc-003%22%7D; path=/; expires=Sat, 05 Mar 2022 20:14:05 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-568c55de-d3cc-4fc3-9623-3b08155474fc-003
ETag
RX568c55ded3cc4fc396233b08155474fc003
bridge
cm.adgrx.com/ Frame A705 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=1&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 05 Mar 2021 20:14:05 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 36A0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
544 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aanoeUx2eNNSE0UdaqcNZafXV371pMTvtyjMAAwZc2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 05 Mar 2021 20:14:05 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d5cc0add07e7b23a53a5e513556d7d5c51614975245; expires=Sun, 04-Apr-21 20:14:05 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=agnseFSkTsfAutomjtpkHcOdjcOYPug1NfnaWhKROAW7vGQ6Pa2DcSZcTnilms68whaF4rUM4mfQ5U8xtKVZaD; path=/; domain=.tribalfusion.com; expires=Thu, 03-Jun-2021 20:14:05 GMT; SameSite=None; Secure; ANON_ID_old=agnseFSkTsfAutomjtpkHcOdjcOYPug1NfnaWhKROAW7vGQ6Pa2DcSZcTnilms68whaF4rUM4mfQ5U8xtKVZaD; path=/; domain=.tribalfusion.com; expires=Thu, 03-Jun-2021 20:14:05 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08a59fb34300004e62751de000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62b602320cfd4e62-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 05 Mar 2021 20:14:05 GMT
content-type
text/html
set-cookie
__cfduid=d9c7a333d7a2d27f2dde13744598ffe331614975244; expires=Sun, 04-Apr-21 20:14:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aanoeUx2eNNSE0UdaqcNZafXV371pMTvtyjMAAwZc2; path=/; domain=.tribalfusion.com; expires=Thu, 03-Jun-2021 20:14:05 GMT; SameSite=None; Secure; ANON_ID_old=aanoeUx2eNNSE0UdaqcNZafXV371pMTvtyjMAAwZc2; path=/; domain=.tribalfusion.com; expires=Thu, 03-Jun-2021 20:14:05 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1422
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
08a59fb28e00004e621eb01000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62b60230ead14e62-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 811E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=KFK13XzDG4Xe&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=KFK13XzDG4Xe&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156595:4; KADUSERCOOKIE=3B206D81-FD80-48C3-AC37-0070ADC88D22; chkChromeAb67Sec=1; DPSync3=1616112000%3A201_227_226_221; SyncRTB3=1615507200%3A2_67_15_223%7C1616198400%3A35%7C1615766400%3A63%7C1617494400%3A203%7C1616112000%3A204_165_176_3_71_166_99_21_88_189_78_13_7_220_5_54_22_55_56_8_81_161_222; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&16736-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23019-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23114-uid:76886042-910c-4d00-92de-003908c8d36f; KRTBCOOKIE_1101=23040-6936265861124782231; KRTBCOOKIE_22=14911-3790050175087946160; KRTBCOOKIE_107=1471-uid:bdv6V9td1LigPP5; KRTBCOOKIE_409=22966-0qltUy4GtTGFcpb754nfWbBe&KRTB&23212-0qltUy4GtTGFcpb754nfWbBe; KRTBCOOKIE_336=5844-6398253834614836993; KRTBCOOKIE_80=16514-CAESEAlsX2Yf6hffbHsl4y901QA&KRTB&22987-CAESEAlsX2Yf6hffbHsl4y901QA&KRTB&23025-CAESEAlsX2Yf6hffbHsl4y901QA; KRTBCOOKIE_153=19420-jTcGJYI2AnOWNwR13mUfJN1lAiSWM1AujzXUPIeO&KRTB&22979-jTcGJYI2AnOWNwR13mUfJN1lAiSWM1AujzXUPIeO; PugT=1614974871
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 05 Mar 2021 20:07:51 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 03-Jun-2021 20:07:51 GMT; path=/
X-lat
amspug012:0:338
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-568ff9c7d-7bsq4
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=KFK13XzDG4Xe;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Mon, 28-Feb-2022 20:14:05 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=db13f775ed91b1d0; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=KFK13XzDG4Xe&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame E203
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b9de2c53-5588-4509-b282-e89dd9f387d0-tuct73c168d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b9de2c53-5588-4509-b282-e89dd9f387d0-tuct73c168d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b9de2c53-5588-4509-b282-e89dd9f387d0-tuct73c168d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=b9de2c53-5588-4509-b282-e89dd9f387d0-tuct73c168d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 05 Mar 2021 20:14:05 GMT
via
1.1 varnish
x-served-by
cache-hhn11583-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1614975245.133329,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=b9de2c53-5588-4509-b282-e89dd9f387d0-tuct73c168d;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 05-Mar-2022 20:14:05 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b9de2c53-5588-4509-b282-e89dd9f387d0-tuct73c168d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 05 Mar 2021 20:14:05 GMT
via
1.1 varnish
x-served-by
cache-hhn11583-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1614975245.030912,VS0,VE56
x-vcl-time-ms
56
content-length
0
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 0FB7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bdv6V9td1LigPP5&gdpr=1&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bdv6V9td1LigPP5&gdpr=1&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156595:4; KADUSERCOOKIE=3B206D81-FD80-48C3-AC37-0070ADC88D22; chkChromeAb67Sec=1; DPSync3=1616112000%3A201_227_226_221; SyncRTB3=1615507200%3A2_67_15_223%7C1616198400%3A35%7C1615766400%3A63%7C1617494400%3A203%7C1616112000%3A204_165_176_3_71_166_99_21_88_189_78_13_7_220_5_54_22_55_56_8_81_161_222; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&16736-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23019-uid:76886042-910c-4d00-92de-003908c8d36f&KRTB&23114-uid:76886042-910c-4d00-92de-003908c8d36f; KRTBCOOKIE_1101=23040-6936265861124782231; PugT=1614974870
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 05 Mar 2021 20:07:51 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:bdv6V9td1LigPP5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 03-Jun-2021 20:07:51 GMT; path=/ PugT=1614974871; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Apr-2021 20:07:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 03-Jun-2021 20:07:51 GMT; path=/
X-lat
amspug019:0:418
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 05 Mar 2021 20:14:04 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bdv6V9td1LigPP5&gdpr=1&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-05a1c1cf6bbf9fe9a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=bdv6V9td1LigPP5; Domain=.w55c.net; Expires=Tue, 05-Apr-2022 20:14:05 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 04-Apr-2021 20:14:05 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
check
pixel.tapad.com/idsync/ex/receive/ Frame 20D6
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48927349&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1614975245029; TapAd_DID=5583d157-7def-11eb-b97b-cae480833972
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 05 Mar 2021 20:14:05 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Fri, 05 Mar 2021 20:14:05 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1614975245029;Expires=Tue, 04 May 2021 20:14:05 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=5583d157-7def-11eb-b97b-cae480833972;Expires=Tue, 04 May 2021 20:14:05 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6DBB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OyBtgf2ASMOsNwBwrciNIg%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OyBtgf2ASMOsNwBwrciNIg%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:14:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=26936
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sat, 06 Mar 2021 03:43:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 6DBB 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=1&gdpr_consent=&cid=3B206D81-FD80-48C3-AC37-0070ADC88D22
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
62b60230ed8b05fd-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08a59fb292000005fd6c8ae000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 6DBB
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3B206D81-FD80-48C3-AC37-0070ADC88D22&sInitiator=external&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3B206D81-FD80-48C3-AC37-0070ADC88D22&sInitiator=external&gdpr=1&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3B206D81-FD80-48C3-AC37-0070ADC88D22&sInitiator=external&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:03 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:03 GMT
frontend-id
2
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3B206D81-FD80-48C3-AC37-0070ADC88D22&sInitiator=external&gdpr=1&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 6DBB
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3B206D81-FD80-48C3-AC37-0070ADC88D22&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3B206D81-FD80-48C3-AC37-0070ADC88D22&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3B206D81-FD80-48C3-AC37-0070ADC88D22&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3B206D81-FD80-48C3-AC37-0070ADC88D22&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:14:05 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Fri, 05 Mar 2021 20:14:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3B206D81-FD80-48C3-AC37-0070ADC88D22&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 6DBB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0IyMDZEODEtRkQ4MC00OEMzLUFDMzctMDA3MEFEQzg4RDIy&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0IyMDZEODEtRkQ4MC00OEMzLUFDMzctMDA3MEFEQzg4RDIy&gdpr=1&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:07:52 GMT
X-lat
amspug017:0:405
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6DBB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=CAESEAlsX2Yf6hffbHsl4y901QA&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=CAESEAlsX2Yf6hffbHsl4y901QA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:14:05 GMT
X-lat
amspug007:0:434
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=CAESEAlsX2Yf6hffbHsl4y901QA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 6DBB 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 04 Mar 2021 20:14:05 GMT
match
c1.adform.net/serving/cookie/ Frame 6DBB 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:04 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 6DBB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:76886042-910c-4d00-92de-003908c8d36f&gdpr=1&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:76886042-910c-4d00-92de-003908c8d36f&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:14:04 GMT
X-lat
amspug006:0:362
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Fri, 05 Mar 2021 20:14:00 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:76886042-910c-4d00-92de-003908c8d36f&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 05 Mar 2021 20:13:59 GMT
generic
match.adsrvr.org/track/cmf/ Frame 6DBB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.164.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
ib.adnxs.com/ Frame 6DBB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/58292/ Frame 6DBB 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3B206D81-FD80-48C3-AC37-0070ADC88D22&redir=true&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:14:05 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
3B206D81-FD80-48C3-AC37-0070ADC88D22
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6DBB 		43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3B206D81-FD80-48C3-AC37-0070ADC88D22?gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6DBB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3790050175087946160&gdpr=1&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3790050175087946160&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:07:52 GMT
X-lat
amspug017:0:398
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3790050175087946160&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 05 Mar 2021 20:14:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 6DBB
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=1&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jTcGJYI2AnOWNwR13mUfJN1lAiSWM1AujzXUPIeO
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=1&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jTcGJYI2AnOWNwR13mUfJN1lAiSWM1AujzXUPIeO
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:07:51 GMT
X-lat
amspug013:0:380
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=1&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jTcGJYI2AnOWNwR13mUfJN1lAiSWM1AujzXUPIeO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
x.bidswitch.net/ Frame 6DBB 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.211.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-211-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 20:14:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 6DBB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEKRDQAAAKFC_irK&gdpr=1&gdpr_consent=&_test=YEKRDQAAAKFC_irK
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEKRDQAAAKFC_irK&gdpr=1&gdpr_consent=&_test=YEKRDQAAAKFC_irK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:07:52 GMT
X-lat
amspug003:0:488
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614975245.282559,VS0,VE0
x-served-by
cache-fra19138-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEKRDQAAAKFC_irK&gdpr=1&gdpr_consent=&_test=YEKRDQAAAKFC_irK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 6DBB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=24dad056-a3fc-47cf-b80f-c4cb991f8dd9-6042910d-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=24dad056-a3fc-47cf-b80f-c4cb991f8dd9-6042910d-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:07:52 GMT
X-lat
amspug010:0:394
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:04 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=24dad056-a3fc-47cf-b80f-c4cb991f8dd9-6042910d-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 6DBB 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3B206D81-FD80-48C3-AC37-0070ADC88D22&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6DBB
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:edb7fd29-da20-40d3-9784-2866995ae273&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:edb7fd29-da20-40d3-9784-2866995ae273&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:14:05 GMT
X-lat
amspug007:0:385
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:edb7fd29-da20-40d3-9784-2866995ae273&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 05 Mar 2021 20:14:05 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 6DBB
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7237246473167682943
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7237246473167682943
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:07:51 GMT
X-lat
amspug013:0:215
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 05 Mar 2021 20:14:05 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.132:80
AN-X-Request-Uuid
3021a00b-1eb1-43d0-8e05-25760fec6dfb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7237246473167682943
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6DBB
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_027ac2e7-90ed-43b0-a9d5-540b735e6fcd
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_027ac2e7-90ed-43b0-a9d5-540b735e6fcd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:14:05 GMT
X-lat
amspug007:0:309
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_027ac2e7-90ed-43b0-a9d5-540b735e6fcd
date
Fri, 05 Mar 2021 20:14:05 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1614975239&vid_playerVer=3.1.0&s=103419&sta=0&x=406&y=230&vid_passDomain=www.wincert.net&subId=www.wincert.net&debugInformation=&isApp=0&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=604291079ac06&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=500&viewPct={%22w%22:0,%22h%22:0}&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1614975245086&uid=SekindoSPlayer60429107c1c79&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:04 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4A15 		42 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C9NIrCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBP0BT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5ShAweO_9LXWNThJGpQcFTPY2kVxCl8AEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NIAKA8gLAdgTAg&sigh=WTqfTetarJo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=videoplaytime25&ad_mt=3929&acvw=sv%3D889%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D413,273,681,750%26tos%3D3760,0,0,0,0%26mtos%3D3760,3760,3760,3760,3760%26amtos%3D0,0,0,0,0%26mcvt%3D3760%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3996%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D862%26pst%3D437%26dur%3D15510%26vmtime%3D3928%26dtos%3D1748%26dtoss%3D2%26dvs%3D1748%26dfvs%3D1748%26dvpt%3D1748%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3760,3760,3760,3760,3760%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D20,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D1614975245726%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3760&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1614975241579&sdkv=h.3.445.1&vci=Cm4IARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MzI0NjQ4MDIyMDIMNDk5MjQ1NDQ1Mzk1QJQCUiAQDyUAAIBBKAE6B3Vua25vd25CB3Vua25vd25IjwFQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 6DBB 		0
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156595&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Fri, 05 Mar 2021 20:14:07 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4A15 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C9NIrCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBP0BT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5ShAweO_9LXWNThJGpQcFTPY2kVxCl8AEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NIAKA8gLAdgTAg&sigh=WTqfTetarJo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=video_skip_shown&ad_mt=5179&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D413,273,681,750%26p0%3D279,-2727,547,-2250%26p1%3D413,273,681,750%26tos%3D5010,0,0,0,0%26mtos%3D5010,5010,5010,5010,5010%26amtos%3D0,0,0,0,0%26mtos1%3D3760,0,0%26mcvt%3D5010%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1266%26pst%3D437%26dur%3D15510%26vmtime%3D5178%26is%3D275%26i0%3D18%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D0%26c1%3D0,1,1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1250,1250,1250,1250,1250%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D26,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147483585%26psv%3D63%26psfv%3D63%26psa%3D0%26ptlt%3D1614975246976%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5010%26ss0%3D0%26ss1%3D0,0.06,0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1614975241579&sdkv=h.3.445.1&vci=Cm4IARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MzI0NjQ4MDIyMDIMNDk5MjQ1NDQ1Mzk1QJQCUiAQDyUAAIBBKAE6B3Vua25vd25CB3Vua25vd25IjwFQABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4A15 		42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C9NIrCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBP0BT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5ShAweO_9LXWNThJGpQcFTPY2kVxCl8AEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NIAKA8gLAdgTAg&sigh=WTqfTetarJo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=videoplaytime50&ad_mt=7929&acvw=sv%3D889%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D413,273,681,750%26tos%3D7760,0,0,0,0%26mtos%3D7760,7760,7760,7760,7760%26amtos%3D0,0,0,0,0%26mcvt%3D7760%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7996%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1869%26pst%3D437%26dur%3D15510%26vmtime%3D7928%26dtos%3D4000%26dtoss%3D3%26dvs%3D4000%26dfvs%3D4000%26dvpt%3D4000%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D4000,4000,4000,4000,4000%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D41%26emuc%3D0%26emb%3D40,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147483393%26psv%3D255%26psfv%3D255%26psa%3D0%26ptlt%3D1614975249726%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7760&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1614975241579&sdkv=h.3.445.1&vci=Cm4IARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MzI0NjQ4MDIyMDIMNDk5MjQ1NDQ1Mzk1QJQCUiAQDyUAAIBBKAE6B3Vua25vd25CB3Vua25vd25IjwFQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1614975239&vid_playerVer=3.1.0&s=103419&sta=0&x=406&y=230&vid_passDomain=www.wincert.net&subId=www.wincert.net&debugInformation=&isApp=0&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=604291079ac06&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=1000&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1614975250027&uid=SekindoSPlayer60429107c1c79&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1614975239&vid_playerVer=3.1.0&s=103419&sta=0&x=406&y=230&vid_passDomain=www.wincert.net&subId=www.wincert.net&debugInformation=&isApp=0&userIpAddr=185.156.175.107&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=604291079ac06&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=500&viewPct={%22w%22:0,%22h%22:0}&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1614975250086&uid=SekindoSPlayer60429107c1c79&pubUrl=https%3A%2F%2Fwww.wincert.net%2Fcast%2Fwinrar-6-0-giveaway-on-wincert-net%2F&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wincert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
6.gif
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 78CA 		35 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.242 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6.gif
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 78CA 		35 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aclk
www.googleadservices.com/pagead/ Frame 4A15
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CgQHnCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBIACT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vK...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CcH2TCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBIACT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzp...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CcH2TCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBIACT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5EhGyhXx3X-dbufwLTulf6SU_PqcljHh-UMAEienEo68D4AQBwAVuoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NJoJF2h0dHBzOi8vd3d3LnplbmRlc2suZGUvsQnVYFYGPuepxIAKA5gLAcgLAdALD7gMAdgTAg&num=1&client=ca-pub-9785835472657805&ctype=110&label=video_10s_engaged_view&ad_mt=10179&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D413,273,681,750%26p0%3D279,-2727,547,-2250%26p1%3D413,273,681,750%26p2%3D413,273,681,750%26tos%3D10010,0,0,0,0%26mtos%3D10010,10010,10010,10010,10010%26amtos%3D0,0,0,0,0%26mtos1%3D3760,0,0%26mtos2%3D4000,0,0%26mcvt%3D10010%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2471%26pst%3D437%26dur%3D15510%26vmtime%3D10178%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2250,2250,2250,2250,2250%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D51,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147481601%26psv%3D2047%26psfv%3D2047%26psa%3D0%26ptlt%3D1614975251975%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10010%26ss0%3D0%26ss1%3D0,0.06,0.06%26ss2%3D0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1614975241579&cid=CAQSKQCNIrLMbQDGsrTpAffk3I9r-VtC82HevV458xC8qCe02tYmIa-RDbQ_&dblrd=1&val=ChAyMmM5ZjdlOWFmYmEwMDgwEJOiioIGGgjFdDiIodEp1iABKAE&sig=AOD64_3f93C6o15lrKeRnMuNwX6boxS5Ng&adurl=https://www.zendesk.de/%3Futm_source%3Dyoutube%26utm_medium%3DPaidSocial%26utm_campaign%3D%7Bcampaign%7D%26utm_term%3DCustomIntent-KW%26utm_content%3D499245445395%26utm_adgroup%3D%7Badgroup%7D%26utm_source%3Dgoogle%26utm_medium%3D%26utm_network%3Dvp%26utm_campaign%3D%26matchtype%3D%26utm_term%3Dcrm%2520software%26utm_content%3D499245445395%26utm_adgroup%3D%26gclsrc%3Daw.ds%26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:11 GMT
x-content-type-options
nosniff
server
adclick_server
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CcH2TCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBIACT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5EhGyhXx3X-dbufwLTulf6SU_PqcljHh-UMAEienEo68D4AQBwAVuoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NJoJF2h0dHBzOi8vd3d3LnplbmRlc2suZGUvsQnVYFYGPuepxIAKA5gLAcgLAdALD7gMAdgTAg&num=1&client=ca-pub-9785835472657805&ctype=110&label=video_10s_engaged_view&ad_mt=10179&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D413,273,681,750%26p0%3D279,-2727,547,-2250%26p1%3D413,273,681,750%26p2%3D413,273,681,750%26tos%3D10010,0,0,0,0%26mtos%3D10010,10010,10010,10010,10010%26amtos%3D0,0,0,0,0%26mtos1%3D3760,0,0%26mtos2%3D4000,0,0%26mcvt%3D10010%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2471%26pst%3D437%26dur%3D15510%26vmtime%3D10178%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2250,2250,2250,2250,2250%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D51,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147481601%26psv%3D2047%26psfv%3D2047%26psa%3D0%26ptlt%3D1614975251975%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10010%26ss0%3D0%26ss1%3D0,0.06,0.06%26ss2%3D0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1614975241579&cid=CAQSKQCNIrLMbQDGsrTpAffk3I9r-VtC82HevV458xC8qCe02tYmIa-RDbQ_&dblrd=1&val=ChAyMmM5ZjdlOWFmYmEwMDgwEJOiioIGGgjFdDiIodEp1iABKAE&sig=AOD64_3f93C6o15lrKeRnMuNwX6boxS5Ng&adurl=https://www.zendesk.de/%3Futm_source%3Dyoutube%26utm_medium%3DPaidSocial%26utm_campaign%3D%7Bcampaign%7D%26utm_term%3DCustomIntent-KW%26utm_content%3D499245445395%26utm_adgroup%3D%7Badgroup%7D%26utm_source%3Dgoogle%26utm_medium%3D%26utm_network%3Dvp%26utm_campaign%3D%26matchtype%3D%26utm_term%3Dcrm%2520software%26utm_content%3D499245445395%26utm_adgroup%3D%26gclsrc%3Daw.ds%26
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
s.youtube.com/api/stats/ Frame 15AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.179&rtn=15.511&ns=yt&fexp=44712632%2C44729226&el=adunit&cpn=946xmaU7ST0Lm1q1&docid=VAv7NWu41Nk&ver=2&cmt=10.179&fmt=18&rt=10.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.wincert.net%2F&len=15.511&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::8a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4A15 		42 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C9NIrCZFCYP7cEbmK7_UP-IuJiALry5PIYdze4byYDcCNtwEQASDAqMpqYPWVzoHgBKABqJ_jzwPIAQXgAgCoAwGYBACqBP0BT9Blo0HpEY4i-Wz5ZCKOthRe-7DPuqmMOVlcQHs0LnBYZzpk4vKTqrp_c2DY0X3Z6-34pKdcxM9MD4dxARYrcKft2PKWbi_DliImfiKj9ogcQYaOlPsJ1Ly3wq5zgQZCALt58jQzVU438QMl0odBStzcwSypTRD5Rudc1KPvuPIOPfRpU84HJ3aJopeb6vXei3swKPgWe5Cts6Q2UVFBw7toywLK1lwVbhwFECFHQBQU8CYDJc3dIBSIzw6DSZuHp1ARVYqFFsqJ0_0x-v793NjLn5DOQnp_1j523mFnliAYcC9Dr7w5ShAweO_9LXWNThJGpQcFTPY2kVxCl8AEienEo68D4AQBoAZUgAe2yJWMAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB-zVG6gHltgb2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tODU3ODAwNTU3NjAwNTc0NIAKA8gLAdgTAg&sigh=WTqfTetarJo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=videoplaytime75&ad_mt=11679&acvw=sv%3D889%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D413,273,681,750%26tos%3D11510,0,0,0,0%26mtos%3D11510,11510,11510,11510,11510%26amtos%3D0,0,0,0,0%26mcvt%3D11510%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11746%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2873%26pst%3D437%26dur%3D15510%26vmtime%3D11678%26dtos%3D3750%26dtoss%3D4%26dvs%3D3750%26dfvs%3D3750%26dvpt%3D3750%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3750,3750,3750,3750,3750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D377%26femvt%3D0%26emc%3D60%26emuc%3D0%26emb%3D59,0,0,0,0%26avms%3Dexc%26qi%3D363092928%26psm%3D-2147479553%26psv%3D4095%26psfv%3D4095%26psa%3D0%26ptlt%3D1614975253476%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11510&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1614975241579&sdkv=h.3.445.1&vci=Cm4IARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MzI0NjQ4MDIyMDIMNDk5MjQ1NDQ1Mzk1QJQCUiAQDyUAAIBBKAE6B3Vua25vd25CB3Vua25vd25IjwFQABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 20:14:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7247970263978355120

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| google_tag_manager object| dataLayer string| mi_version boolean| mi_track_user string| mi_no_track_reason string| disableStr function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagTracker object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag function| __gaTracker object| _wpemojiSettings object| appp_ajax_login undefined| $ function| jQuery object| monsterinsights_frontend function| MonsterInsights object| MonsterInsightsObject boolean| wpquads_adblocker_check object| cnArgs object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| gaplugins object| gaGlobal object| gaData object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent316 number| quads_screen_width number| google_lpabyc function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| google_rum_config object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| onGeo_timeout_error function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| quadsOptions undefined| addEvent1 function| quadsgetCookie function| quadssetCookie undefined| highlight_adblocked_ads function| _ object| HUParams object| addComment function| _abort function| _error function| _start function| _process_inline function| _process_image function| _show function| _format_title function| _process_title function| _set_navigation function| _finish function| _preload_next function| _preload_prev function| _preload_image function| _draw function| _get_viewport function| _get_zoom_to function| _get_obj_pos function| _get_zoom_from function| _animate_loading undefined| fb_timeout object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto object| SharrrePlatform boolean| wpquads_adblocker_check_2 object| ak_js object| commentForm undefined| replyRowContainer undefined| children object| wp function| tcOutline object| czrapp function| Waypoint object| twemoji object| _google_rum_ns_ object| defaultSettings object| _params object| $_to_center_with_delay function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| sekindoFlowingPlayerOn object| freewheelssp_cache object| closure_lm_606139 undefined| google_rum_values object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: pi
Value: 159196:2
.wincert.net/ Name: _gid
Value: GA1.2.1183996195.1614975240
www.wincert.net/cast/winrar-6-0-giveaway-on-wincert-net Name: quads_browser_width
Value: 1600
.ads.pubmatic.com/ Name: KCCH
Value: YES
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUkzG_EIlK2C0vwgQRaffJRkjCysik0pwuSOUVacXMvTkV_q7v9tnURWP-GMxSg
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4684E09F-C3A3-4D33-B39F-52F702CF3DCF
www.wincert.net/ Name: _pbjs_userid_consent_data
Value: 5489684288434469
.wincert.net/ Name: __gads
Value: ID=0e0ff154db985f2f-22aba0bbf6a600da:T=1614975239:RT=1614975239:S=ALNI_Mbuy-lS0Sddb5FtGVfKdk2SOW13Mw
.wincert.net/ Name: _ga
Value: GA1.2.1461666795.1614975240
.wincert.net/ Name: _gat_gtag_UA_103302831_1
Value: 1

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.wincert.net/wp-content/cache/minify/818c0.js(Line 5)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.adaptv.advertising.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
aud.pubmatic.com
bh.contextweb.com
bit.ly
c.amazon-adsystem.com
c1.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
live.sekindo.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
p.skimresources.com
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i1-v6exp3.v4.metric.gstatic.com
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-848277-i2-v6exp3.ds.metric.gstatic.com
p4-erlwjpbzz75ou-uxwfjwhql2kwbqbj-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
pubmatic-match.dotomi.com
r.skimresources.com
r2---sn-4g5ednll.googlevideo.com
r4---sn-1gi7znes.googlevideo.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s.skimresources.com
s.tribalfusion.com
s.youtube.com
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
t.skimresources.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
video.sekindo.com
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.wincert.net
x.bidswitch.net
x.skimresources.com
ads.stickyadstv.com
104.168.147.90
108.129.8.178
116.202.172.174
142.250.185.242
142.250.186.162
142.250.186.34
142.250.74.194
151.101.14.49
151.139.128.11
159.253.128.188
159.65.197.210
172.217.23.98
178.250.0.163
18.197.47.23
18.198.69.109
185.220.204.135
185.29.133.58
185.33.221.90
185.64.189.110
185.64.189.112
185.64.189.249
185.64.190.78
185.64.190.81
185.86.137.110
185.86.139.95
185.94.180.124
185.94.180.125
188.165.137.78
198.148.27.140
199.232.137.44
2.18.233.180
2.18.234.21
2.18.234.233
2001:678:cb4:bbbb::11
213.155.156.183
213.19.147.150
216.58.212.163
217.182.200.20
2606:4700:10::ac43:db6
2606:4700::6812:c05
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:5a::8
2a00:1450:4001:800::2004
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::2006
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2012
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:400a:9::9
2a00:1450:400c:c03::5e
2a00:1450:400c:c07::8a
2a00:1450:400c:c0c::9a
2a02:fa8:8806:12::1400
2a04:fa87:fffe::c000:4902
3.123.110.9
3.126.56.137
3.127.88.255
34.98.107.212
34.98.64.218
35.190.59.101
35.190.91.160
35.201.67.47
35.201.96.126
35.227.248.159
35.227.252.103
35.244.255.22
37.157.2.234
45.83.41.218
52.215.8.160
52.30.234.204
52.35.2.64
54.154.164.132
54.93.211.166
63.251.232.170
65.9.95.127
66.155.71.149
67.199.248.11
69.173.144.165
77.243.60.138
85.114.159.93
003f4ef4dd33923bac9057e33106077f35dc8f6704a959e6b0539615cf200fa6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0825c09d84acfdf463a04688c2144e65416e34f0121ce4102f3237d2226d7c7d
0aa9cd043005c54ccc77a6bb620f50fabcc2ecf24ff974ab5666d42cd9b1fa74
0b1f92a8d5dfcf5530ad1398fa6f63f3e5a1f535b06eb967c9cbd52972631f03
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2cfe9f0a9f78bcf486ff74d75580b6548e0c6df3572517966129b0c9ead96715
2d9606b0de437e771d3a57432275a944f03ff0a5c84a27cc5826625591f87f8b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
33d67bf0263f1ecd4790e6d1384de8066c349067f0167c36b8292dfc6665972f
3456debe0fcea7af0236b4ad1babcf612c9e84a17581d42787bd7b7b3b4072a8
36827d45144cbcf502e02c32187649e7b000775fcd3b9806c8795a1119bd0997
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3724d3d5d1469118c69cf864b0ea0b60cae56a54637ec50972f5026c613ad524
38520f8287d060f1129b80cec43bdb0f55735ce764120d15c01554f79b7122e5
398f165fb90ea53788cd1a05817c7d5c093ea3b2f4aee44a4e823ed48c8a555a
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c427966e7a5169478548c5e143d8be73767c862a82d9d2df201fdb05ce0c512
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f947174d758a4fccd7d48ce9e0ee0cabdea8d9fb6fb58101ab520bc2a753283
4082cb59d9e438347fce57f012de7e35930c30b4feeeeb1bc413dc724e742908
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
47979ef506264db0704b5de93065a3ca44e171e2054648f5f12f66f587a1ed3e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4abc1e1bbf0d41ffaf94ca8298b3c4e02c27d7f3513214ae6e5215fe8bd5077e
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eedb5116ce6db6c9504b295b364e83aca320b7be1a502c49ef8ebd8231a1354
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5542961f7243b3c6a346edee24c4db2a93cd14f3f3f66b1da43094b1924b6ed8
5758d1ad3c6f35962da2c4d2e162cf59ef64dc0954c54171eaa73babbb2af9e2
58ad9c4fd15e425ea3d3e55b51acadb37b10a378e884f5b0099492233d77f3e0
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5be1ecda62e74a3e68680f731e3735981ae6fb68bc64266a750b4a08ac14fca9
5f94d110807753fe528e6db5637ba12ee83c35a51289f40b2f9933c1545f0e63
5fd37186d0a43a88d9bd6102707508f81ef5e0bddd3f1d0308293f831df65fff
62ff09a8013f9dfc0f7cbefc6feb180c258818e151aff470902f29ef44342f0d
6a44f4b12b9c14285ff244203bc7faf75c497d60310ee65d30ed4c76d4da9297
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
703cde1e5839d4adbcd93d163b2ab65c51d00bcf6e670f765540bd801c56b4b9
716c8ea06e309960825b9e1858ff1471b683315a9183dc8a14b21b64bbc19c85
74129e88e5ff3db232a9ec5494bef4b9d0518ea9bd587fdaea8b1baba5071db5
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e
7aeee37cba9b03f4ab2a8b5593628d7848d2c624086f78b0f0b96dd29a15e05c
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
802e6499fbb78a0324dd052efe993516569459b9717d88638b61888b4ef242a4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837d50a17ebd776a8eaccdc2f17bf44b79d4ddacfcc0ff149b4048e37ffb2db4
8388e819321fa17d9e513419644867bb65a7965f95666189b852e0f3541bf4bb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8aa0c119980abcc4e2fad52a1f2edd7688dbff39ded199ee3bc65cf78a785596
8bb0faaab9d38353e44b98c308fb1de2991c573cb57088647ca6b3c08ea43461
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8daaa4ed16297478af007774febefe6ca3674fda47ed73e913b1b583d34883fb
8dbe8457cc41e254cb7fcd4dfa77c52c16413c18f35a370b77c5f07b4895562a
8e7c1a654eeca8acb28518728b0da3f8ca040ecfca29e705f3bd71d9e8246ff5
90c66f4ba4ec265790dcc6514b40cceca9eabc39dfa145817bf822bd5887f267
91531becf889a84ff9acbe50dc2c901fd7288b3b13358d26d0e5f9da15bce38e
92336ffed064f0ca9a11cf8a032cc477aac3215454194f0355184dc85d8bcde1
9640c93a798989d257b3aa2ebbd782ea2c096a87f34178229306a16faecb1022
96e89b9e18f8ab2b83fff18707f5aa44295f7814a977c09714293395b08f4740
97363b6ced0c1ca6d76ebcc6782512959cc8c5d6c8f40cb4976b4179bb685e53
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b45c0ca49b03d148d40405cc2d81602e647ad078b12aca5902efdd60535c6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf3b4260af1d85149cc32a2158171a1b741c633754ab61153742a9a36b32a19
9fd03bf8a44297466c71522f51dd5914c120102eb60f8021705c47aeeb9f6753
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a2759e9632fdef7ecd7daa00e87ec1c8345a57be7425b87b649603382cdf007b
a2ee0e60344c6e0c5ed3982be19c2fe85c5b8ae02ac0fa31f295f082fe7ebd26
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a3d2fcf3feca46ed18d420294c4e81cb6f0c45f5ceea1df726bf63e444db37af
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6017d55b0978fc2c39402c33942b4dfd45f1ade8e347d8978fbca056a25cf65
aa5de5c04485c8769d8154f019d02eaae54f8c0040deda9ce4b047638137337c
aa7f98d835f20065aa085b293901875f3c23a9e109cd404f91f7e1543638fa94
aba5f4f1d1a91e143069eb4ed212b074cf6967daee4492c7493145171d9056c8
ac33071e1198b275a490a3083bed55c641dd193e97309258cea70472a7cae995
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31c324e36982be7301442b81bf4a0b949a1ceff05313a23e539fa605dcf2339
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
b4c58ed63840bf9f8b75616b1d9d66a348e3657612ac0834fcd15b55c38f9158
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bed4e93f135569e4019bf6e4559955fef73abe60a1597eb97e78aac88bd3afa5
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c0c283d67efa1bec799790cebbe72a73bfb4ca808674395261e340fcd1c12920
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c8b5aad4560f37d383366c72426f07fd4d52d49522a8276a52d680fb156fd2bc
ccc7ce427e841c5030cbdb38aeab4a42ec2221d61b07c9d250f5a16714a05d29
cdf64377e9fb0c737712c72282239df99b885fc99b39301e5e19641b18351921
ce09d1e1b43d282ec7664f180b8ee18a56ec0b2d1998f9b29ae4b1f6643fbab5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d343de0fc9fd713d373ba38f11a7a199c92cbbce8cc9db5068e971a1c652feaf
d4d85c59a1a1e4c3e4d3d798e73329db3ab375ec0caf4d62f23e2d4df470576c
d640a223d17bad3f4809a8194ecd1bca0870a66d3bc4047e9afa7b37b9fe0acd
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dbd7b92f71ea26bb1617bbc267c0b1919f6b301b47cc54609fcb451b3354efd8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de18fbb58f1cf09e744e6dd7c1d12599adc6bd0f3896366ff5f333f58a95f499
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de393095c0617f943ad17423b8ae947809353d2d445335bc4b37be519705d0d2
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
e8eda25d7230c5560a0561aeeaf5b118185418ac2fcd3cd6d505ee26ee0cf2dd
ed89678bdbe405a557ce027f1855b41b671de4c7c3aeb4da15fec6a0e778eb2b
eeb34cd13dca48d6884bd5cf49a50acc1972be8fac46de2e0e40042e83229df9
eeda4d7931dc9a361d9668a2aa79eb57856b4ee84f8eb3d8f5cdc87a7dda424c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe02c7271a36b34415671bf78e26a7c0a6f4cfe1f8f5d95df35160bba121346a
ff49b1ac0e0054c84909623bd55c233652919143a34bc028bb68c42531e2bb1c
ff9538d89df18bc708db4dfdc446571d6e6624253806c58490536c59a35a6fe8