windowsmatters.com Open in urlscan Pro
192.145.233.49 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Submission Tags: falconsandbox
Submission: On September 23 via api (September 23rd 2022, 6:31:53 pm UTC) from US — Scanned from DE

Summary HTTP 278 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 43 IPs in 10 countries across 41 domains to perform 278 HTTP transactions. The main IP is 192.145.233.49, located in United States and belongs to INMOTION, US. The main domain is windowsmatters.com.

This is the only time windowsmatters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	192.145.233.49 192.145.233.49	22611 (INMOTION) (INMOTION)
1 4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
6	45.133.44.24 45.133.44.24	7018 (ATT-INTER...) (ATT-INTERNET4)
2 2	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (STACKPATH...) (STACKPATH-CDN)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1 1	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
29	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
2	157.90.84.244 157.90.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1	78.47.199.202 78.47.199.202	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
4	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
3	45.133.44.25 45.133.44.25	7018 (ATT-INTER...) (ATT-INTERNET4)
4	2a00:1450:400... 2a00:1450:400a:801::200a	15169 (GOOGLE) (GOOGLE)
75	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:400d:80e::2001	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	216.21.13.11 216.21.13.11	53334 (TUT-AS) (TUT-AS)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.239.111 3.123.239.111	16509 (AMAZON-02) (AMAZON-02)
5	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	2a01:4f8:252:... 2a01:4f8:252:564d::2	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:59... 2a02:128:7:5936::2	50245 (SERVEREL-AS) (SERVEREL-AS)
278	43

36 192.145.233.49 (United States)

ASN22611 (INMOTION, US)
PTR: biz236.inmotionhosting.com

windowsmatters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.24 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.1vag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.247 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
syndication.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

ads.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

a.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.21 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

c1.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.47.199.202 (Thalmassing, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.202.199.47.78.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

pgflgaaaswd1.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

pgflgaaaswd1.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Kuala Lumpur, Malaysia)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

pgflgaaaswd1.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.25 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

d7ad7b60ba.78ab4874ae.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400a:801::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.21.13.11 (United States)

ASN53334 (TUT-AS, US)

serve.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.239.111 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:4f8:252:564d::2 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

1b3785b510.78ab4874ae.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbrennab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5936::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

btds.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	1 MB
36	windowsmatters.com windowsmatters.com	650 KB
33	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	225 KB
26	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 359	502 KB
16	google.com 3 redirects apis.google.com — Cisco Umbrella Rank: 98 adservice.google.com — Cisco Umbrella Rank: 75 accounts.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 2	172 KB
13	adsco.re c.adsco.re — Cisco Umbrella Rank: 23404 6.adsco.re — Cisco Umbrella Rank: 24413 4.adsco.re — Cisco Umbrella Rank: 26598 pgflgaaaswd1.l4.adsco.re pgflgaaaswd1.n4.adsco.re pgflgaaaswd1.s4.adsco.re adsco.re — Cisco Umbrella Rank: 19918	82 KB
9	gstatic.com ssl.gstatic.com www.gstatic.com fonts.gstatic.com	106 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	218 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	39 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	3 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	80 KB
4	wp.com stats.wp.com — Cisco Umbrella Rank: 2621 pixel.wp.com — Cisco Umbrella Rank: 2436 i0.wp.com — Cisco Umbrella Rank: 2875	65 KB
4	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 62	125 KB
3	78ab4874ae.com 1 redirects d7ad7b60ba.78ab4874ae.com 1b3785b510.78ab4874ae.com	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9081	1 KB
3	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 30674	32 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438	2 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1728	1 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 34498	404 B
2	popads.net c1.popads.net — Cisco Umbrella Rank: 290464 serve.popads.net — Cisco Umbrella Rank: 228409	10 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2268	2 KB
2	exoclick.com 1 redirects syndication.exoclick.com — Cisco Umbrella Rank: 29600 a.exoclick.com — Cisco Umbrella Rank: 128392	40 KB
2	realsrv.com 1 redirects syndication.realsrv.com — Cisco Umbrella Rank: 11719 a.realsrv.com — Cisco Umbrella Rank: 12352	40 KB
1	1vag.com cdn.1vag.com — Cisco Umbrella Rank: 66525	334 B
1	zog.link 1 redirects btds.zog.link — Cisco Umbrella Rank: 47822	222 B
1	rtbrennab.com 1 redirects rtbrennab.com — Cisco Umbrella Rank: 46926	532 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	457 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 561	98 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 638	759 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1020	464 B
1	cabnnr.com js.cabnnr.com — Cisco Umbrella Rank: 63530	15 KB
1	wpshsdk.com js.wpshsdk.com — Cisco Umbrella Rank: 29517	7 KB
1	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 60494	13 KB
1	tubecup.net notification.tubecup.net — Cisco Umbrella Rank: 24102	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	649 B
1	w.org s.w.org — Cisco Umbrella Rank: 720	541 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 60021	1011 B
1	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2582	701 B
1	exdynsrv.com ads.exdynsrv.com	9 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	terelinkman.info Failed tds.terelinkman.info Failed
278	41

	Domain	Requested by
75	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
36	windowsmatters.com	windowsmatters.com
27	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
26	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
16	pagead2.googlesyndication.com	windowsmatters.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	apis.google.com	windowsmatters.com apis.google.com accounts.google.com www.youtube.com
5	cm.g.doubleclick.net	googleads.g.doubleclick.net windowsmatters.com
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com windowsmatters.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.youtube.com	apis.google.com www.youtube.com
4	www.googletagmanager.com	1 redirects windowsmatters.com
3	fonts.gstatic.com	fonts.googleapis.com
3	4.adsco.re	windowsmatters.com c.adsco.re
3	6.adsco.re	windowsmatters.com c.adsco.re
3	c.adsco.re	c1.popads.net c.adsco.re
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	js.wpadmngr.com	windowsmatters.com js.wpadmngr.com
2	1b3785b510.78ab4874ae.com	1 redirects js.cabnnr.com
2	ssum-sec.casalemedia.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	accounts.google.com	apis.google.com windowsmatters.com
2	fp.metricswpsh.com	js.wpadmngr.com
2	i0.wp.com	windowsmatters.com
2	www.paypalobjects.com	windowsmatters.com
1	cdn.1vag.com	js.cabnnr.com
1	btds.zog.link	1 redirects
1	rtbrennab.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	serve.popads.net	c1.popads.net
1	adsco.re	c.adsco.re
1	js.cabnnr.com	js.wpadmngr.com
1	js.wpshsdk.com	js.wpadmngr.com
1	js.wpushsdk.com	js.wpadmngr.com
1	d7ad7b60ba.78ab4874ae.com	js.wpadmngr.com
1	ssl.gstatic.com	accounts.google.com
1	pgflgaaaswd1.s4.adsco.re	c.adsco.re
1	pgflgaaaswd1.n4.adsco.re	c.adsco.re
1	pgflgaaaswd1.l4.adsco.re	c.adsco.re
1	notification.tubecup.net	js.wpadmngr.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.w.org	windowsmatters.com
1	pixel.wp.com	windowsmatters.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	na.nawpush.com	js.wpadmngr.com
1	c1.popads.net	windowsmatters.com
1	stats.wp.com	windowsmatters.com
1	www.paypal.com	1 redirects
1	a.exoclick.com	windowsmatters.com
1	syndication.exoclick.com	1 redirects
1	ads.exdynsrv.com	windowsmatters.com
1	a.realsrv.com	windowsmatters.com
1	syndication.realsrv.com	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	tds.terelinkman.info Failed	js.wpshsdk.com
278	61

This site contains links to these domains. Also see Links.

Domain
adsco.re
www.twitter.com
n
www.windowsmatters.com

Subject Issuer	Validity	Valid
*.apis.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
js.wpadmngr.com R3	`2022-09-17` - `2022-12-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
exdynsrv.com R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
na.nawpush.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2021-11-24` - `2022-12-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2022-09-16` - `2023-09-29`	a year	crt.sh
notification.tubecup.net R3	`2022-08-22` - `2022-11-20`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.l4.adsco.re R3	`2022-09-19` - `2022-12-18`	3 months	crt.sh
*.n4.adsco.re R3	`2022-09-19` - `2022-12-18`	3 months	crt.sh
*.s4.adsco.re R3	`2022-09-19` - `2022-12-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
d7ad7b60ba.78ab4874ae.com R3	`2022-09-20` - `2022-12-19`	3 months	crt.sh
js.wpushsdk.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
js.wpshsdk.com R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
js.cabnnr.com R3	`2022-08-21` - `2022-11-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
78ab4874ae.com R3	`2022-09-20` - `2022-12-19`	3 months	crt.sh
cdn.1vag.com R3	`2022-07-28` - `2022-10-26`	3 months	crt.sh

This page contains 32 frames:

Primary Page: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Frame ID: DEA3F691600738EFB8A388A3077BF2B7
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
Frame ID: C27E2FFA86C3AC96831B2D4BA0638A27
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=UCCExtLQZNEui6k8AQn01T8Q&layout=full&count=hidden&origin=http%3A%2F%2Fwindowsmatters.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 342BD678A3D403685C1B63F08AEE3754
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&adk=1812271804&adf=1573534164&lmt=1663957907&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663957907028&bpp=4&bdt=1447&idt=269&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7519203011655&frm=20&pv=2&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=285
Frame ID: 93584F7F623CF7EAFED9BF2B574B1C2C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=1582131686&adf=3025194257&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907032&bpp=1&bdt=1450&idt=290&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=lH5QwlMcms&p=http%3A//windowsmatters.com&dtd=295
Frame ID: 9DC49FBFBDC28DA4ED48A8C67B5901AD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192
Frame ID: BB86D101AB8C141D55EEC65E24B67CA9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=600&slotname=1839244030&adk=1023043548&adf=2060455649&pi=t.ma~as.1839244030&w=300&lmt=1663957907&format=300x600&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907176&bpp=3&bdt=1594&idt=160&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=966&ady=575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=DUkBFn0acA&p=http%3A//windowsmatters.com&dtd=162
Frame ID: D539677FE054337C60D26B1AB813C7ED
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=240&slotname=8408638030&adk=1163691176&adf=4151986934&pi=t.ma~as.8408638030&w=120&lmt=1663957907&format=120x240&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907179&bpp=1&bdt=1598&idt=241&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f1xOeq0m9e&p=http%3A//windowsmatters.com&dtd=245
Frame ID: 24AE6952344FD7B8F22DE9DDC6257D69
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=250&slotname=2647915636&adk=2824389949&adf=61965547&pi=t.ma~as.2647915636&w=250&lmt=1663957907&format=250x250&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907208&bpp=1&bdt=1626&idt=240&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=1857&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wZrWH7VRVu&p=http%3A//windowsmatters.com&dtd=243
Frame ID: 6E965C3DF03E5C06B0D9E1D15260E21F
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwindowsmatters.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 8E8CD545C7BED7EB4B9FBB1B65BD20AE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=600&slotname=6931904835&adk=607985521&adf=964025562&pi=t.ma~as.6931904835&w=120&lmt=1663957907&format=120x600&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907209&bpp=11&bdt=1627&idt=295&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=7MWhrJLIZ9&p=http%3A//windowsmatters.com&dtd=298
Frame ID: 57ECE41527F96E1D5339135B7209DE4E
Requests: 9 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: B4BE6406BEDFC00500CB975923DC243D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=0&slotname=4153805497&adk=3220549541&adf=3672038882&pi=t.ma~as.4153805497&w=0&lmt=1663957907&rafmt=12&format=0x0&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907250&bpp=1&bdt=1669&idt=589&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e9f6a7e811569a9-229bfeea2ace009d%3AT%3D1663957907%3ART%3D1663957907%3AS%3DALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250%2C120x600&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=3498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&fu=1280&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=qAK8moVz8R&p=http%3A//windowsmatters.com&dtd=593
Frame ID: BE436BE1D90A4AFA7E486E109FE5FE0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=0&slotname=1364131212&adk=972720993&adf=292055386&pi=t.ma~as.1364131212&w=1600&lmt=1663957907&rafmt=12&format=1600x0&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907251&bpp=2&bdt=1670&idt=610&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e9f6a7e811569a9-229bfeea2ace009d%3AT%3D1663957907%3ART%3D1663957907%3AS%3DALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250%2C120x600%2C0x0&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=3871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&fu=1280&bc=23&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=wkftV8J5Qv&p=http%3A//windowsmatters.com&dtd=612
Frame ID: CFC5E239E1E9C8554FF47051D38BF464
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: C29CEDBC14101538E089CAD5D33A6B36
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=280&adk=4025531508&adf=751470622&pi=t.aa~a.195916350~i.29~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1663957908&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3273460602&ad_type=text_image&format=630x280&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1663957908034&bpp=3&bdt=2453&idt=3&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e9f6a7e811569a9-229bfeea2ace009d%3AT%3D1663957907%3ART%3D1663957907%3AS%3DALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250%2C120x600%2C0x0%2C1600x0&nras=2&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1520&ady=1574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=mdIPHkq3xH&p=http%3A//windowsmatters.com&dtd=22
Frame ID: B269B078A472448E950E0BE1ED8FEBF4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BE3AABD43B1751C74E5DCDDB0991E93C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Frame ID: F4608203F28848C0B6D06CC3391C10E4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Frame ID: E15E35B44094AE892C5B5A08A39CBB08
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: A0CE6BB19056333EDE6DE9210830D66C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: E8BF31F23E1B13BB10072FC0B59AE26F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 8AF54A98637BF175FDBE3A302121222A
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4CC4883C8D4E504AB3B13F7B4F015F36
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0C6A53446A7EF2CC1FE15CD5C0643501
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: DEA344FD769DD2AAAB163201F1AFC680
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 588667B0C58BE98B9E521647C6A780AB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C10FF10A1795DB6DC9805503A9EE692E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 84C4C5B731E53851AFDB2A62D2D4C0D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC7F3A9F92D82D5DF2A0BDDB0A3997BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 72CBE9C2F004FB059D33E9CFF9CA12D9
Requests: 2 HTTP requests in this frame

Frame: https://1b3785b510.78ab4874ae.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7InRhZ19hYiI6ImMiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkdhbmRhbGYlRTIlODAlOTlzJTJDV2luZG93cyUyQzEwUEUlMkN4NjQlMkNSZWRzdG9uZSUyQzUlMkNidWlsZCUyQzE3NzYzJTJDdmVyc2lvbiUyQzA5LTAxLTIwMTklMkMlM0ElMjAiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDkiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxMTM4MjU4NTAzIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTIzNjMsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMTIzNjMiLCJjYXQiOlsiSUFCMjYiXSwicGFnZSI6Imh0dHA6Ly93aW5kb3dzbWF0dGVycy5jb20vMjAxOS8wOS8wMS9nYW5kYWxmcy13aW5kb3dzLTEwcGUteDY0LXJlZHN0b25lLTUtYnVpbGQtMTc3NjMtdmVyc2lvbi0wOS0wMS0yMDE5LyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiJkNTBmZmEwMzQ2YzhmZjBmOGZjNjAzNGM5ODVjNTYwYSJ9LCJleHQiOnsiZHQiOjE2NjM5NTc5MTEzMDB9fQ==
Frame ID: 3D923250CC5B48F3EB64BC8421F41158
Requests: 1 HTTP requests in this frame

Frame: https://cdn.1vag.com/1x1.png
Frame ID: C11F909AA8C3F65704032AA5A5EEFB0F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gandalf’s Windows 10PE x64 Redstone 5 build 17763 version 09-01-2019 :

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

278
Requests

77 %
HTTPS

53 %
IPv6

41
Domains

61
Subdomains

43
IPs

10
Countries

3815 kB
Transfer

8307 kB
Size

41
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://adsco.re/v

Search URL Search Domain Scan URL

URL: http://www.twitter.com/patfian

Search URL Search Domain Scan URL

URL: http://n/A
Title: Dick Cook

Search URL Search Domain Scan URL

URL: http://www.windowsmatters.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.googletagmanager.com/gtag/js?id=UA-49011023-1 HTTP 302
https://www.googletagmanager.com/gtag/js?id=UA-49011023-1

Request Chain 28

https://syndication.realsrv.com/splash.php?idzone=1309580 HTTP 302
https://a.realsrv.com/popunder1000.js?ad_trigger_method=3

Request Chain 30

http://syndication.exoclick.com/splash.php?idzone=1309580&type=11 HTTP 302
http://a.exoclick.com/popunder1000.js?ad_trigger_method=3

Request Chain 34

https://www.paypal.com/EN_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/EN_US/i/scr/pixel.gif

Request Chain 46

http://www.googletagmanager.com/gtag/js?id=UA-158063529-1&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=UA-158063529-1&l=dataLayer&cx=c

Request Chain 57

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 183

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 216

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 229

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 231

https://d.agkn.com/pixel/2175/?google_gid=CAESELZKHc7LkJp6yV_i1G1y2Ak&google_cver=1&google_push=AZmPxg9-aaMcSmc682OEuYub4ujPq3pPeWpx9HwjX91Y2kx2ALAUYfVHG2BKsX5V6wfoVvf4FxQ44E3Fty6tNho2Ax2IGY_KwCni HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9-aaMcSmc682OEuYub4ujPq3pPeWpx9HwjX91Y2kx2ALAUYfVHG2BKsX5V6wfoVvf4FxQ44E3Fty6tNho2Ax2IGY_KwCni&google_hm=Q0FFU0VMWktIYzdMa0pwNnlWX2kxRzF5MkFr

Request Chain 233

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-Z2oQnYvJJjsTL5T0yTsdMBYV0cLrpCPX9PdsheZXUpvmbvKbO7k2s98q3_xApDyjm2nGUiY0PiwprROzw8kpS3Jv4gtA&google_gid=CAESEGQontf5AgL6mhjwEPQm_VI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-Z2oQnYvJJjsTL5T0yTsdMBYV0cLrpCPX9PdsheZXUpvmbvKbO7k2s98q3_xApDyjm2nGUiY0PiwprROzw8kpS3Jv4gtA&google_gid=CAESEGQontf5AgL6mhjwEPQm_VI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjMxODMxNDkwMDAxMDEwODQzNzk2NQ%3D%3D&google_push=AZmPxg-Z2oQnYvJJjsTL5T0yTsdMBYV0cLrpCPX9PdsheZXUpvmbvKbO7k2s98q3_xApDyjm2nGUiY0PiwprROzw8kpS3Jv4gtA

Request Chain 234

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECrB6kltw-NUkWm6iEv7Te4&google_cver=1&google_push=AZmPxg9pmmQAgiCMwTGGBcdybXR7GtV28xMdaA3sIFt2201tekUTRUOaHgmphQ3gUh8dfSIXCOzZv7yWz7MS1y3nyYwKkckRkRg4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFVEtSUEYtNi1DTDJD&google_push=AZmPxg9pmmQAgiCMwTGGBcdybXR7GtV28xMdaA3sIFt2201tekUTRUOaHgmphQ3gUh8dfSIXCOzZv7yWz7MS1y3nyYwKkckRkRg4

Request Chain 235

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBiI2DR-VSIZ7WDjUR1wBOw&google_cver=1&google_push=AZmPxg_Dms6DDa4VzV6GsM2y-ZJTe71ZGmKitnwuof6Dwo0dNvyx0SoYyAqotkZ6i6wHMwU_faLC5dDyUxn9ZhMdSGTTXcInA1R9 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBiI2DR-VSIZ7WDjUR1wBOw&google_push=AZmPxg_Dms6DDa4VzV6GsM2y-ZJTe71ZGmKitnwuof6Dwo0dNvyx0SoYyAqotkZ6i6wHMwU_faLC5dDyUxn9ZhMdSGTTXcInA1R9&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBiI2DR-VSIZ7WDjUR1wBOw&google_hm=Yy37lZr7U6LiU3nPblg3SgAABKkAAAAB&google_nid=index&google_push=AZmPxg_Dms6DDa4VzV6GsM2y-ZJTe71ZGmKitnwuof6Dwo0dNvyx0SoYyAqotkZ6i6wHMwU_faLC5dDyUxn9ZhMdSGTTXcInA1R9

Request Chain 284

https://1b3785b510.78ab4874ae.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7InRhZ19hYiI6ImMiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkdhbmRhbGYlRTIlODAlOTlzJTJDV2luZG93cyUyQzEwUEUlMkN4NjQlMkNSZWRzdG9uZSUyQzUlMkNidWlsZCUyQzE3NzYzJTJDdmVyc2lvbiUyQzA5LTAxLTIwMTklMkMlM0ElMjAiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDkiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxMTM4MjU4NTAzIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTIzNjMsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMTIzNjMiLCJjYXQiOlsiSUFCMjYiXSwicGFnZSI6Imh0dHA6Ly93aW5kb3dzbWF0dGVycy5jb20vMjAxOS8wOS8wMS9nYW5kYWxmcy13aW5kb3dzLTEwcGUteDY0LXJlZHN0b25lLTUtYnVpbGQtMTc3NjMtdmVyc2lvbi0wOS0wMS0yMDE5LyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiJkNTBmZmEwMzQ2YzhmZjBmOGZjNjAzNGM5ODVjNTYwYSJ9LCJleHQiOnsiZHQiOjE2NjM5NTc5MTEzMDB9fQ== HTTP 302
https://rtbrennab.com/banner/in/show/?mid=1359920686&pid=0&site=12363&sc=DE&usage_type=DCH&subid=1138258503&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=windowsmatters.com&hostname=auc-banner-hz-4&site_id=0&spot_id=12363&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1b60:1010:2:1011:cae:f292:5d2f&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB26&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=93&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB26&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D12363%26source%3D1138258503%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D12363%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DGandalf%25E2%2580%2599s%252CWindows%252C10PE%252Cx64%252CRedstone%252C5%252Cbuild%252C17763%252Cversion%252C09-01-2019%252C%253A%2520%26spot_id%3D12363%26p%3Dhttp%253A%252F%252Fwindowsmatters.com%252F2019%252F09%252F01%252Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D93&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Gandalf%E2%80%99s%2CWindows%2C10PE%2Cx64%2CRedstone%2C5%2Cbuild%2C17763%2Cversion%2C09-01-2019%2C%3A%20&stratagem=&ssp=3758 HTTP 302
https://btds.zog.link/in/912/?sid=12363&source=1138258503&idzone=0&w=1&h=1&mo=&ve=&site_id=12363&utm1=&utm2=&utm3=&utm4=&ad_tags=Gandalf%E2%80%99s%2CWindows%2C10PE%2Cx64%2CRedstone%2C5%2Cbuild%2C17763%2Cversion%2C09-01-2019%2C%3A%20&spot_id=12363&p=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=93 HTTP 302
https://cdn.1vag.com/1x1.png

278 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/ 101 KB
103 KB 3255ms
2933ms Document
text/html 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache / PHP/7.4.30
Resource Hash: 7473f64af470da03635bfc51a75f6c0f9ef5fa0b210c170277ef9a091993c193

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 23 Sep 2022 18:31:42 GMT
Keep-Alive: timeout=3, max=100
Link: <http://windowsmatters.com/wp-json/>; rel="https://api.w.org/", <http://windowsmatters.com/wp-json/wp/v2/posts/3629>; rel="alternate"; type="application/json", <http://windowsmatters.com/?p=3629>; rel=shortlink
Server: Apache
Transfer-Encoding: chunked
Upgrade: h2,h2c
X-Pingback: http://windowsmatters.com/xmlrpc.php
X-Powered-By: PHP/7.4.30

GET
H/1.1 200
OK style.css
windowsmatters.com/wp-content/themes/wp-davinci-20/ 61 KB
62 KB 172ms
171ms Stylesheet
text/css 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/themes/wp-davinci-20/style.css
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 9f8fc0de155a1cf4308d5192fc8db4e6dc6f152979f02a55c2e193ba9293830a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:45 GMT
Last-Modified: Thu, 07 May 2020 08:32:58 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=3, max=100
Content-Length: 62881

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-49011023-1
https://www.googletagmanager.com/gtag/js?id=UA-49011023-1

106 KB
42 KB

95ms
35ms

Script
application/javascript

2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49011023-1

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32f7d854e2516ee02b899fff4ab9742612479d7bde3474785e50779b5c3fe318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42225
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Sep 2022 18:31:45 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-49011023-1
Date: Fri, 23 Sep 2022 18:31:45 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 254
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.min.css
windowsmatters.com/wp-includes/css/dist/block-library/ 87 KB
87 KB 338ms
170ms Stylesheet
text/css 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:45 GMT
Last-Modified: Tue, 12 Jul 2022 22:33:50 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=3, max=100
Content-Length: 88932

GET
H/1.1 200
OK mediaelementplayer-legacy.min.css
windowsmatters.com/wp-includes/js/mediaelement/ 11 KB
11 KB 349ms
169ms Stylesheet
text/css 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 17 Dec 2020 01:20:26 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=3, max=100
Content-Length: 11256

GET
H/1.1 200
OK wp-mediaelement.min.css
windowsmatters.com/wp-includes/js/mediaelement/ 4 KB
4 KB 350ms
170ms Stylesheet
text/css 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 07 May 2020 08:33:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=3, max=100
Content-Length: 4186

GET
H/1.1 200
OK email-subscribers-public.css
windowsmatters.com/wp-content/plugins/email-subscribers/lite/public/css/ 2 KB
2 KB 351ms
171ms Stylesheet
text/css 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=5.4.10
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: dadb4e80b981be80b2657b58ee143dbdd7aa933fe567f2cc9d57a2db3be3be95

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Fri, 02 Sep 2022 17:32:36 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=3, max=100
Content-Length: 2141

GET
H/1.1 200
OK jquery.fancybox.css
windowsmatters.com/wp-content/plugins/fancy-box/ 4 KB
4 KB 495ms
171ms Stylesheet
text/css 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/fancy-box/jquery.fancybox.css?ver=1.2.6
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: bdc06a0ae0926c481fae2925005dd1001e0d6a13e66741c2864390d42b6df8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 07 May 2020 08:33:06 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 4297

GET
H/1.1 200
OK frontend.css
windowsmatters.com/wp-content/plugins/wp-math-captcha/css/ 277 B
517 B 528ms
167ms Stylesheet
text/css 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/wp-math-captcha/css/frontend.css?ver=6.0.2
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: b67941a710bc007120fa919bf7feebe922b2e8835ff033cb4ae578745eef93eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 07 May 2020 08:33:01 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 277

GET
H/1.1 200
OK dkxqne.css
windowsmatters.com/wp-content/uploads/ 788 B
1 KB 529ms
168ms Stylesheet
text/css 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/uploads/dkxqne.css?ver=1.1.5
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: aecb90a4b9f06a01ef2ff89a137dca9775efadb7b40d2accb35e2e128cc7b045

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Mon, 28 Dec 2020 15:44:11 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 788

GET
H/1.1 200
OK jetpack.css
windowsmatters.com/wp-content/plugins/jetpack/css/ 84 KB
84 KB 544ms
184ms Stylesheet
text/css 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.2
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 22 Sep 2022 16:37:57 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 85690

GET
H/1.1 200
OK related-posts.min.js Show response
windowsmatters.com/wp-content/plugins/jetpack/_inc/build/related-posts/ 6 KB
6 KB 697ms
168ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20211209
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: fe66ac5df69c78be7dfcf75943079129dbf24a254e89febc5a7e916d40de43bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 22 Sep 2022 16:38:05 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 5644

GET
H/1.1 200
OK frontend-gtag.min.js Show response
windowsmatters.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
12 KB 700ms
167ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.9.0
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Tue, 20 Sep 2022 22:32:45 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 11898

GET
H/1.1 200
OK jquery.min.js Show response
windowsmatters.com/wp-includes/js/jquery/ 87 KB
88 KB 838ms
174ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Wed, 21 Jul 2021 15:50:40 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 89521

GET
H/1.1 200
OK jquery-migrate.min.js Show response
windowsmatters.com/wp-includes/js/jquery/ 11 KB
11 KB 924ms
247ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 17 Dec 2020 01:20:31 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 11224

GET
H/1.1 200
OK jquery.fancybox.js Show response
windowsmatters.com/wp-content/plugins/fancy-box/ 9 KB
10 KB 864ms
167ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/fancy-box/jquery.fancybox.js?ver=1.2.6
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 4d0b4e324bf4dce03eb4bce7335f122d0fb57d5af3616845c7aadafe90f57cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 07 May 2020 08:33:06 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 9522

GET
H/1.1 200
OK jquery.easing.js Show response
windowsmatters.com/wp-content/plugins/fancy-box/ 8 KB
8 KB 867ms
168ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/fancy-box/jquery.easing.js?ver=1.3
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 07 May 2020 08:33:06 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 8097

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 97ms
30ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?ver=6.0.2

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 23 Sep 2022 18:31:45 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "95a07626e083cec6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Sep 2022 18:31:45 GMT

GET
H/1.1 200
OK dkxqne.js Show response
windowsmatters.com/wp-content/uploads/ 5 KB
5 KB 988ms
167ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/uploads/dkxqne.js?ver=1.1.5
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 589abea73de2aa06e85e9c29f851a3ed43c6599794e99a2035230dd1f2ad5a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Mon, 28 Dec 2020 15:44:11 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 4954

GET
H/1.1 200
OK external.js Show response
windowsmatters.com/wp-content/themes/wp-davinci-20/js/ 344 B
598 B 1028ms
167ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/themes/wp-davinci-20/js/external.js?ver=6.0.2
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: e8db08f17dde72fab4040d70edcd2d214c61565f66a52afbad90820b42fdc4c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 07 May 2020 08:32:59 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 344

GET
H/1.1 200
OK suckerfish.js Show response
windowsmatters.com/wp-content/themes/wp-davinci-20/js/ 386 B
640 B 1033ms
168ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/themes/wp-davinci-20/js/suckerfish.js?ver=6.0.2
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 7e789059cac7d9d61233b973c4f04cd20c69b0b34f9f8ea74c045021feb5428e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 07 May 2020 08:32:59 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 386

GET
H/1.1 200
OK suckerfish-cat.js Show response
windowsmatters.com/wp-content/themes/wp-davinci-20/js/ 386 B
640 B 1030ms
166ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/themes/wp-davinci-20/js/suckerfish-cat.js?ver=6.0.2
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: c10848cba5b7239e5881af41412dd5e4607a00507f38a6c283a96a6c0fa6258f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 07 May 2020 08:32:59 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 386

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 167ms
74ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55d6c227c07732d8eebf25356abec8412517b3d12dcc6f59275008b130b41240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57937
x-xss-protection: 0
server: cafe
etag: 14960151303549447139
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 18:31:46 GMT

GET
H/1.1 200
OK style2.css
windowsmatters.com/wp-content/themes/wp-davinci-20/styles/ 2 KB
3 KB 815ms
330ms Stylesheet
text/css 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/themes/wp-davinci-20/styles/style2.css
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 2fca2c2f93c60efc2316c63ba416f4453c91c1eb873e9902564c507d0b6e13f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 07 May 2020 08:32:58 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 2377

GET
H/1.1 200
OK custom.css
windowsmatters.com/wp-content/themes/wp-davinci-20/ 103 B
343 B 666ms
168ms Stylesheet
text/css 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/themes/wp-davinci-20/custom.css
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: da4330a66afebd46dece6ffd53b15a994c559c5a7c2eaf7fd76ffb2b0da930b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 07 May 2020 08:32:58 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 103

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 114ms
80ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3e0ae4761ce959f660e842b5e009e215147c1a71b4f3ceecf94739755081a23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 23 Sep 2022 18:31:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16715901231736695969
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 57931
X-XSS-Protection: 0
Expires: Fri, 23 Sep 2022 18:31:46 GMT

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 1 KB
863 B 98ms
19ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 89ceaf2fba13343764ed6f07696d5b3a49b28daf865c3f6c204c218a4cd62e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:46 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
server: nginx/1.18.0
etag: W/"62ce6b94-4e2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 23 Sep 2022 18:36:46 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 40ms
36ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-158063529-1

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

819349c8d2f45f65dcbb43d78ce4cfb9c4ffb8bcd8b47bccf699ea48561b4699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42261
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Sep 2022 18:31:46 GMT

GET
H/1.1 200
OK logo7e.jpg
windowsmatters.com/wp-content/uploads/2016/04/ 12 KB
12 KB 374ms
212ms Image
image/jpeg 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://windowsmatters.com/wp-content/uploads/2016/04/logo7e.jpg
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 162e25b6fe49fb7b2330177a224463d29489f11d76066a6afa9c57b468ae5d29

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Last-Modified: Thu, 07 May 2020 08:32:51 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 12244

GET
H/1.1

200
OK

popunder1000.js Show response
a.realsrv.com/
Redirect Chain

https://syndication.realsrv.com/splash.php?idzone=1309580
https://a.realsrv.com/popunder1000.js?ad_trigger_method=3

94 KB
40 KB

92ms
25ms

Script
application/javascript

2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/popunder1000.js?ad_trigger_method=3
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 844ec30730cdcc8d5210ff82a31360d135c95064d1e4f20048205446954c6be4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"98c3c6f817225b0f72d9d8b7f2f"
X-HW: 1663957906.dop222.fr8.t,1663957906.cds241.fr8.shn,1663957906.dop222.fr8.t,1663957906.cds283.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 40259

Redirect headers

Location: https://a.realsrv.com/popunder1000.js?ad_trigger_method=3
Date: Fri, 23 Sep 2022 18:31:46 GMT
Server: nginx
Connection: keep-alive
X-Robots-Tag: noindex, follow
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK invideo.js Show response
ads.exdynsrv.com/ 25 KB
9 KB 102ms
24ms Script
application/javascript 2001:4de0:ac19::1:b:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.exdynsrv.com/invideo.js
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 47573904cde496eb48f853e3cd02db12d53fc7a02cc156359cad575e955f5c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"984c51afde7ba504ce30bb43df2"
X-HW: 1663957906.dop208.fr8.t,1663957906.cds217.fr8.shn,1663957906.dop208.fr8.t,1663957906.cds286.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8447

GET
H/1.1

200
OK

popunder1000.js Show response
a.exoclick.com/
Redirect Chain

http://syndication.exoclick.com/splash.php?idzone=1309580&type=11
http://a.exoclick.com/popunder1000.js?ad_trigger_method=3

94 KB
40 KB

70ms
23ms

Script
application/javascript

2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://a.exoclick.com/popunder1000.js?ad_trigger_method=3
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a0f82efa49cc2729abce424aeb6097ccde3001d0aa92178822d3860c600dff4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"c26ce2de654dedb9195928be732"
X-HW: 1663957906.dop202.fr8.t,1663957906.cds009.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 40260

Redirect headers

Location: http://a.exoclick.com/popunder1000.js?ad_trigger_method=3
Date: Fri, 23 Sep 2022 18:31:46 GMT
Server: nginx
Connection: keep-alive
X-Robots-Tag: noindex, follow
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK feed.png
windowsmatters.com/wp-content/themes/wp-davinci-20/images/ 1 KB
2 KB 167ms
166ms Image
image/png 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://windowsmatters.com/wp-content/themes/wp-davinci-20/images/feed.png
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 9a8e0a82949d35e171495b8ad8acd0193308be32fc6eb16c51f1fd14b77e8dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Last-Modified: Thu, 07 May 2020 08:32:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 1423

GET
H/1.1 200
OK twitter.png
windowsmatters.com/wp-content/themes/wp-davinci-20/images/ 1 KB
1 KB 167ms
166ms Image
image/png 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://windowsmatters.com/wp-content/themes/wp-davinci-20/images/twitter.png
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: c630ddf2fd9cfec793f78fcbfae66b3b520f486061efa84abd3cb44ed1b8cf51

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Last-Modified: Thu, 07 May 2020 08:32:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=94
Content-Length: 1126

GET
H2 200 btn_donate_pp_142x27.png
www.paypalobjects.com/webstatic/en_US/btn/ 2 KB
2 KB 289ms
28ms Image
image/png 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/en_US/btn/btn_donate_pp_142x27.png

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c3b0a9bc40fcad7b27c136b74412eab8cee356753e002709f46a6c3306c6fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=5532 idim=142x27 ifmt=png ofsz=1988 odim=142x27 ofmt=png
paypal-debug-id: 8f5e0073ffe3d
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 1988
x-served-by: cache-sjc10061-SJC, cache-hhn4035-HHN
traceparent: 00-00000000000000000008f5e0073ffe3d-6a274f4788dd7902-01
x-timer: S1663957907.236602,VS0,VE0
etag: "90nz39I1MNC8tl7QviYetwa0vBnsWph9Vzpy35ZRsoI"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 16

GET
H2

404

pixel.gif
www.paypalobjects.com/EN_US/i/scr/
Redirect Chain

https://www.paypal.com/EN_US/i/scr/pixel.gif
https://www.paypalobjects.com/EN_US/i/scr/pixel.gif

0
0

1058ms
1058ms

Image
text/html

151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paypalobjects.com/EN_US/i/scr/pixel.gif
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: H2
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date: Fri, 23 Sep 2022 18:31:47 GMT
via: 1.1 varnish
traceparent: 00-0000000000000000000f16430304f4c7-f01d4b740d56df0a-01
x-timer: S1663957907.229558,VS0,VE141
x-served-by: cache-hhn4073-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
location: https://www.paypalobjects.com/EN_US/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f16430304f4c7
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-cache-hits: 0

GET
H/1.1 200
OK spinner.gif
windowsmatters.com/wp-content/plugins/email-subscribers/lite/public/images/ 3 KB
3 KB 167ms
166ms Image
image/gif 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://windowsmatters.com/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Last-Modified: Fri, 02 Sep 2022 17:32:36 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=94
Content-Length: 3208

GET
H/1.1 200
OK adblock.png
windowsmatters.com/wp-content/plugins/monitor-adblock/ 61 KB
61 KB 167ms
167ms Image
image/png 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://windowsmatters.com/wp-content/plugins/monitor-adblock/adblock.png
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 400f47b94ac4b3fea4a1e1551cf2f87847fdd9aa75b58bf3a8404048cd2553f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Last-Modified: Thu, 07 May 2020 08:33:07 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 61964

GET
H/1.1 200
OK comment-reply.min.js Show response
windowsmatters.com/wp-includes/js/ 3 KB
3 KB 171ms
168ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-includes/js/comment-reply.min.js?ver=6.0.2
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Fri, 27 May 2022 05:42:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 2981

GET
H/1.1 200
OK photon.min.js Show response
windowsmatters.com/wp-content/plugins/jetpack/_inc/build/photon/ 685 B
939 B 171ms
167ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 22 Sep 2022 16:38:05 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 685

GET
H/1.1 200
OK email-subscribers-public.js Show response
windowsmatters.com/wp-content/plugins/email-subscribers/lite/public/js/ 4 KB
5 KB 171ms
166ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=5.4.10
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: f0d756fbeb3274d62775e709e479063afa849c753728e5d356280ef1ffd6586d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Fri, 02 Sep 2022 17:32:36 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 4551

GET
H/1.1 200
OK intersection-observer.js Show response
windowsmatters.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
9 KB 172ms
168ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 22 Sep 2022 16:37:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 8983

GET
H/1.1 200
OK lazy-images.js Show response
windowsmatters.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
3 KB 171ms
167ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=54eb31dc971b63b49278
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 9e65fb5b0032593b7b8fb12b27a01c3c2cefe7e0e231816ee2c8dda3a4355dd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 22 Sep 2022 16:37:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 2361

GET
H/1.1 200
OK jetpack-carousel.min.js Show response
windowsmatters.com/wp-content/plugins/jetpack/_inc/build/carousel/ 24 KB
24 KB 169ms
166ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=11.3.2
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: ddddc08011f008a21f8b785f568fcb0a3ecb9ebb73ae28422f70504103f8fe1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:46 GMT
Last-Modified: Thu, 22 Sep 2022 16:38:05 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 24378

GET
H2 200 e-202238.js Show response
stats.wp.com/ 9 KB
3 KB 73ms
21ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202238.js
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 21:05:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=UA-49011023-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4549
date: Fri, 23 Sep 2022 17:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 23 Sep 2022 19:15:58 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
windowsmatters.com/wp-includes/js/ 18 KB
18 KB 168ms
167ms Script
application/javascript 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsmatters.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Last-Modified: Fri, 27 May 2022 05:42:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 18617

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-158063529-1&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=UA-158063529-1&l=dataLayer&cx=c

106 KB
41 KB

38ms
38ms

Script
application/javascript

2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-158063529-1&l=dataLayer&cx=c

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f461ff42026ad9d283e13d82066e1e1871997992d23018f1c2b50b1e7c4fbff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42232
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Sep 2022 18:31:47 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-158063529-1&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK pop.js Show response
c1.popads.net/ 31 KB
10 KB 86ms
23ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: http://c1.popads.net/pop.js
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 29edb89f7b40f0c87cbbfd0b6079a11e461ee20a2639a45fdca31f5ade5eb349

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-77-POP: frankfurtDE
Date: Fri, 23 Sep 2022 18:31:47 GMT
Content-Encoding: gzip
X-77-NZT-Ray: 6/HeEgao+Yo
Transfer-Encoding: chunked
X-77-Cache: HIT
X-Cache: HIT
Connection: keep-alive
alt-svc: quic="185.59.220.16:443"; ma=2592000; v="44,43,39"
X-77-NZT: Abk73BDVeNT/HQwNAA
X-Accel-Expires: @1664139638
Last-Modified: Sun, 03 Jul 2022 20:49:14 GMT
Server: CDN77-Turbo
ETag: W/"62c200ca-7b48"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
X-Age: 855069

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 87 KB
31 KB 77ms
37ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: fbe0457bb7785a32cce599652a2e2feea0ba1bd19ec96331e7377837741c703b

Request headers

Referer: http://windowsmatters.com/
Origin: http://windowsmatters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 12:39:30 GMT
server: nginx/1.18.0
etag: W/"632da902-15a62"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 23 Sep 2022 18:36:47 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/ 348 KB
123 KB 156ms
87ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7078648950207249&plah=windowsmatters.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53738fd15375cb06ba62fe090679cf742286d4e126f0f32dc4828eede9c256fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125803
x-xss-protection: 0
server: cafe
etag: 1951669379349190028
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 18:31:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/ Frame C27E 10 KB
5 KB 73ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 13:45:06 GMT
etag: 9671129459699598864
expires: Fri, 07 Oct 2022 13:45:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK bullet.png
windowsmatters.com/wp-content/themes/wp-davinci-20/images/ 370 B
611 B 166ms
166ms Image
image/png 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://windowsmatters.com/wp-content/themes/wp-davinci-20/images/bullet.png
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/wp-content/themes/wp-davinci-20/style.css
Protocol: HTTP/1.1
Server: 192.145.233.49 , United States, ASN22611 (INMOTION, US),
Reverse DNS: biz236.inmotionhosting.com
Software: Apache /
Resource Hash: bf7342fc84dab45148729e11c91074d3483c70d95ac6511fe4da7d39792ea08f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/wp-content/themes/wp-davinci-20/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Last-Modified: Thu, 07 May 2020 08:32:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 370

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 72ms
28ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&aip=1&a=686389514&t=pageview&_s=1&dl=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&ul=en-us&de=UTF-8&dt=Gandalf%E2%80%99s%20Windows%2010PE%20x64%20Redstone%205%20build%2017763%20version%2009-01-2019%20%3A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=761396715&gjid=916243814&cid=1404258740.1663957907&tid=UA-49011023-1&_gid=2117890746.1663957907&_r=1&gtm=2ou9l0&did=dZGIzZG&gdid=dZGIzZG&z=1706527049

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://windowsmatters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://windowsmatters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 68ms
28ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=686389514&t=pageview&_s=1&dl=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&ul=en-us&de=UTF-8&dt=Gandalf%E2%80%99s%20Windows%2010PE%20x64%20Redstone%205%20build%2017763%20version%2009-01-2019%20%3A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1028641396&gjid=2035652655&cid=1404258740.1663957907&tid=UA-158063529-1&_gid=2117890746.1663957907&_r=1&gtm=2ou9l0&did=dZGIzZG&gdid=dZGIzZG&z=2133790540

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://windowsmatters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://windowsmatters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7264 Show response
na.nawpush.com/tags/ 857 B
1011 B 137ms
42ms XHR
application/json 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/7264?version_name=c
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7ed55e1ecf885c931a83cfc6b3c149e750fcf1b3aae0e30547b9f535f2d4555e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 23 Sep 2022 18:31:47 GMT
cache-control: max-age=300, public
server: nginx/1.18.0
content-type: application/json
content-length: 857
x-proxy-cache: MISS

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
237 B 19ms
19ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 23 Sep 2022 18:36:47 GMT
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H3

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
19 KB

21ms
20ms

Script
text/javascript

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4549
date: Fri, 23 Sep 2022 17:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 23 Sep 2022 19:15:58 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 87ms
28ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-41636764-1&cid=1404258740.1663957907&jid=203601647&gjid=339035411&_gid=2117890746.1663957907&_u=aGDAgUABAAAAAG~&z=1617841648

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://windowsmatters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Sep 2022 18:31:47 GMT
content-type: text/plain
access-control-allow-origin: http://windowsmatters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=686389514&t=pageview&_s=1&dl=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&ul=en-us&de=UTF-8&dt=Gandalf%E2%80%99s%20Windows%2010PE%20x64%20Redstone%205%20build%2017763%20version%2009-01-2019%20%3A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUABAAAAAC~&jid=203601647&gjid=339035411&cid=1404258740.1663957907&tid=UA-41636764-1&_gid=2117890746.1663957907&z=1556304389

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 09:31:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32416
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
247 B 46ms
20ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=55280928&post=3629&tz=-7&srv=windowsmatters.com&host=windowsmatters.com&ref=&fcp=4485&rand=0.6100558515872754
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 23 Sep 2022 18:31:47 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H2 200 1f603.svg
s.w.org/images/core/emoji/14.0.0/svg/ 526 B
541 B 71ms
20ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f603.svg

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

064de246adc3045a5f072834a0a9c108c890a08eaca2804afd5652fca6c58eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK / Show response
windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/ 3 KB
3 KB 1516ms
1516ms XHR
application/json 192.145.233.49
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL

http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/?relatedposts=1

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20211209

Protocol

HTTP/1.1

Server

192.145.233.49 , United States, ASN22611 (INMOTION, US),

Reverse DNS

biz236.inmotionhosting.com

Software

Apache / PHP/7.4.30

Resource Hash

23167737226fd39fc3e3dd17566620cc85ca31ea08563081c6fe0d48f12f259c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Powered-By: PHP/7.4.30
X-Pingback: http://windowsmatters.com/xmlrpc.php
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=3, max=95

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 123 KB
43 KB 67ms
22ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?ver=6.0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fef155cec78b92369b7e356996c1fbf5da494ea0c8ef5c6da877fd266c301b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 12:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43528
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 12:01:01 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 120 KB
41 KB 70ms
25ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?ver=6.0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c740274f4f1569613bd1938d5346668531abe8f92d2b5704abeb931ed16137c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 12:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41752
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 12:01:01 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 342B 831 B
2 KB 173ms
86ms Document
text/html 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channel=UCCExtLQZNEui6k8AQn01T8Q&layout=full&count=hidden&origin=http%3A%2F%2Fwindowsmatters.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?ver=6.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe6fd968859888876a89efa82240ea77b66ff7bf12fe3ea47f0bc5f9297363c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 23 Sep 2022 18:31:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
649 B 101ms
28ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=windowsmatters.com&callback=_gfp_s_&client=ca-pub-7078648950207249

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7078648950207249&plah=windowsmatters.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

4b9b00229580beb9ad42a599b53f1935c6fb76b072b9f4ab88202754e1924544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 77ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windowsmatters.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowsmatters.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9358 217 KB
53 KB 616ms
572ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&adk=1812271804&adf=1573534164&lmt=1663957907&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663957907028&bpp=4&bdt=1447&idt=269&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7519203011655&frm=20&pv=2&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=285

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e3b485aea55217530b11367a46be1a5e5b5ceec431e317c0fc6c2e0d1671522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 54509
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:47 GMT
expires: Fri, 23 Sep 2022 18:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9DC4 83 KB
30 KB 643ms
611ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=1582131686&adf=3025194257&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907032&bpp=1&bdt=1450&idt=290&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=lH5QwlMcms&p=http%3A//windowsmatters.com&dtd=295

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd34eecf52f35a152ce72d9e8c10b42eeb34b3a293cedd09eac2940a2692c809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30675
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:47 GMT
expires: Fri, 23 Sep 2022 18:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
c.adsco.re/ 65 KB
24 KB 91ms
35ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa55a8fd5ba5cf4b97511fd0e6096782fd1700258ac9d3d677deb268b96aadb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: br
cf-cache-status: HIT
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age: 678417
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 74f55bf93dc68fca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expires: Mon, 24 Oct 2022 18:31:47 GMT

GET
H2 200 applications-on-pe2.jpg
i0.wp.com/windowsmatters.com/wp-content/uploads/2019/05/ 43 KB
43 KB 65ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/windowsmatters.com/wp-content/uploads/2019/05/applications-on-pe2.jpg?resize=640%2C453

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

47ed02e53484f4f328e18e6143007b3acec615d6f2221700090ead35e40956ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 23 Sep 2022 18:31:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 16:38:39 GMT
server: nginx
etag: "88a594488a3eace4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://windowsmatters.com/wp-content/uploads/2019/05/applications-on-pe2.jpg>; rel="canonical"
content-length: 43950
expires: Sun, 06 Nov 2022 04:38:39 GMT

GET
H2 200 desktop-2019-09-01.jpg
i0.wp.com/windowsmatters.com/wp-content/uploads/2019/05/ 19 KB
19 KB 91ms
46ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/windowsmatters.com/wp-content/uploads/2019/05/desktop-2019-09-01.jpg?resize=640%2C360

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5fccaa31901582c13d101cf8555096f7ea0ab4c06148eb9aac061fcd723c3603

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 23 Sep 2022 18:31:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 16:38:52 GMT
server: nginx
etag: "3e53988a040e24ae"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://windowsmatters.com/wp-content/uploads/2019/05/desktop-2019-09-01.jpg>; rel="canonical"
content-length: 19084
expires: Sun, 06 Nov 2022 04:38:52 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB86 46 KB
11 KB 834ms
810ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5438ac135485b08f386c6c120f67cee9054388b76661f9819c7dd7d595725fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10877
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:48 GMT
expires: Fri, 23 Sep 2022 18:31:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D539 76 KB
13 KB 1839ms
1819ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=600&slotname=1839244030&adk=1023043548&adf=2060455649&pi=t.ma~as.1839244030&w=300&lmt=1663957907&format=300x600&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907176&bpp=3&bdt=1594&idt=160&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=966&ady=575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=DUkBFn0acA&p=http%3A//windowsmatters.com&dtd=162

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5fa5bdd42961a4e1b06a954a6f522aef99a43cf5155df11f19ab3cc4822ef43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13568
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:49 GMT
expires: Fri, 23 Sep 2022 18:31:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 24AE 87 KB
31 KB 438ms
438ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=240&slotname=8408638030&adk=1163691176&adf=4151986934&pi=t.ma~as.8408638030&w=120&lmt=1663957907&format=120x240&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907179&bpp=1&bdt=1598&idt=241&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f1xOeq0m9e&p=http%3A//windowsmatters.com&dtd=245

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

318e59342497b4d223f663453754aa0d7033ffa93c7a10300d70651a19ac9268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31610
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:47 GMT
expires: Fri, 23 Sep 2022 18:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
6.adsco.re/ 0
351 B 93ms
31ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://windowsmatters.com/
Origin: http://windowsmatters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: http://windowsmatters.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 74f55bf9fdf69235-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ 0
462 B 181ms
42ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://windowsmatters.com/
Origin: http://windowsmatters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://windowsmatters.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E96 54 KB
11 KB 476ms
476ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=250&slotname=2647915636&adk=2824389949&adf=61965547&pi=t.ma~as.2647915636&w=250&lmt=1663957907&format=250x250&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907208&bpp=1&bdt=1626&idt=240&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=1857&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wZrWH7VRVu&p=http%3A//windowsmatters.com&dtd=243

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f7d85f2e70e939455eb554762bf3e5e6772c342799e598ca51345b7f42ef6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11749
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:47 GMT
expires: Fri, 23 Sep 2022 18:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 181ms
33ms Preflight 157.90.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=7264
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://windowsmatters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://windowsmatters.com
Connection: keep-alive
Date: Fri, 23 Sep 2022 18:31:47 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 27 B
404 B 154ms
100ms XHR
application/json 157.90.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=7264
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 37c47f8befa56b8975c6ab62963be963aa7fa2c95dccd708de1749d2d9e5eedd

Request headers

Referer: http://windowsmatters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: http://windowsmatters.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 27

GET
H2 200 tags Show response
notification.tubecup.net/ 1 KB
1 KB 104ms
33ms XHR
application/json 78.47.199.202
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notification.tubecup.net/tags?tag_id=7264&timezone_olson=Etc/Unknown&version_name=c
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.199.202 Thalmassing, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.202.199.47.78.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: ff88f4a7aa39ee99ecf215395d98ef626eb74b172ee28f6f06a7059be6b3562b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:47 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 1272

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 8E8C 566 B
902 B 88ms
34ms Document
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwindowsmatters.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52d26f7ff601d52ef32b66e586102eac20607e508749fd1d56dcabaa0bf1f3b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ot3jN3tIrJvtF62NO0Qa2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ot3jN3tIrJvtF62NO0Qa2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 18:31:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 57EC 70 KB
28 KB 370ms
370ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=600&slotname=6931904835&adk=607985521&adf=964025562&pi=t.ma~as.6931904835&w=120&lmt=1663957907&format=120x600&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907209&bpp=11&bdt=1627&idt=295&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=7MWhrJLIZ9&p=http%3A//windowsmatters.com&dtd=298

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52aa89c637eb88de621d3adbdf2c2302d67e8c79b377ba4cf10ac878c25b149d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28913
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:47 GMT
expires: Fri, 23 Sep 2022 18:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
4.adsco.re/ 46 B
462 B 65ms
36ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 883970cc29ba7e2ab45022da3e3a491c43a83008de7bff5c92b8b5c572edb600

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://windowsmatters.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
6.adsco.re/ 68 B
604 B 67ms
46ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd38115e2249f43db7b1b55bb5fec92202615cd1b72396b9ab6fb5b5f79aa276

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://windowsmatters.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 74f55bfa3eac9a06-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK /
pgflgaaaswd1.l4.adsco.re/ 0
464 B 134ms
32ms Ping
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://pgflgaaaswd1.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://windowsmatters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
pgflgaaaswd1.n4.adsco.re/ 0
464 B 588ms
109ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://pgflgaaaswd1.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://windowsmatters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 18:31:48 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
pgflgaaaswd1.s4.adsco.re/ 0
464 B 1133ms
188ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://pgflgaaaswd1.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 Kuala Lumpur, Malaysia, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://windowsmatters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 18:31:48 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK / Show response
c.adsco.re/ Frame B4BE 65 KB
27 KB 50ms
31ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa55a8fd5ba5cf4b97511fd0e6096782fd1700258ac9d3d677deb268b96aadb6

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Age: 678419
CF-Cache-Status: HIT
CF-RAY: 74f55bfa3eb468ef-FRA
Cache-Control: public, max-age=2678400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 23 Sep 2022 18:31:47 GMT
ETag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
Expires: Mon, 24 Oct 2022 18:31:47 GMT
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 75ms
31ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windowsmatters.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 74ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowsmatters.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BE43 436 B
233 B 204ms
203ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=0&slotname=4153805497&adk=3220549541&adf=3672038882&pi=t.ma~as.4153805497&w=0&lmt=1663957907&rafmt=12&format=0x0&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907250&bpp=1&bdt=1669&idt=589&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e9f6a7e811569a9-229bfeea2ace009d%3AT%3D1663957907%3ART%3D1663957907%3AS%3DALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250%2C120x600&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=3498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&fu=1280&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=qAK8moVz8R&p=http%3A//windowsmatters.com&dtd=593

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a96e17d23fa3740c6f6b7e846953dca633c858ab4cb354c9d310c438dfe3836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:48 GMT
expires: Fri, 23 Sep 2022 18:31:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 cspreport
accounts.google.com/o/ Frame 8E8C 0
20 B 85ms
38ms Other
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-eVyqxdGy7t8tTSWV0oLXlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwindowsmatters.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:47 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-eVyqxdGy7t8tTSWV0oLXlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
6.adsco.re/ Frame B4BE 0
596 B 31ms
31ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://c.adsco.re/
Origin: http://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://c.adsco.re
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 74f55bfc29449a06-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ Frame B4BE 0
454 B 36ms
36ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://c.adsco.re/
Origin: http://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://c.adsco.re
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 342B 38 KB
6 KB 103ms
35ms Stylesheet
text/css 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=UCCExtLQZNEui6k8AQn01T8Q&layout=full&count=hidden&origin=http%3A%2F%2Fwindowsmatters.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=UCCExtLQZNEui6k8AQn01T8Q&layout=full&count=hidden&origin=http%3A%2F%2Fwindowsmatters.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 03:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 17 Sep 2023 03:59:15 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 342B 252 KB
72 KB 106ms
39ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=UCCExtLQZNEui6k8AQn01T8Q&layout=full&count=hidden&origin=http%3A%2F%2Fwindowsmatters.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 02:21:15 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CFC5 436 B
235 B 613ms
612ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=0&slotname=1364131212&adk=972720993&adf=292055386&pi=t.ma~as.1364131212&w=1600&lmt=1663957907&rafmt=12&format=1600x0&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907251&bpp=2&bdt=1670&idt=610&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e9f6a7e811569a9-229bfeea2ace009d%3AT%3D1663957907%3ART%3D1663957907%3AS%3DALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250%2C120x600%2C0x0&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=3871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&fu=1280&bc=23&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=wkftV8J5Qv&p=http%3A//windowsmatters.com&dtd=612

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdfe348bd30d5d9ea67f41ea959359f5465c55639ee67a7623e5b2defbd0ba7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:48 GMT
expires: Fri, 23 Sep 2022 18:31:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 8E8C 10 KB
5 KB 131ms
34ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwindowsmatters.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 10:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 02:09:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 10:14:47 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 8E8C 14 KB
5 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c17edf80fabbc76d036b590d606606b15c288f699ba5adf91b8e6b5713b4f5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5573
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 23 Sep 2022 18:31:47 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7759e2b79382a50e"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Sep 2022 18:31:47 GMT

GET
H2 200 track Show response
d7ad7b60ba.78ab4874ae.com/in/ 0
207 B 142ms
37ms XHR
text/plain 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://d7ad7b60ba.78ab4874ae.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTI2MjA3NzIzNjY1MjExNDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOC4xIiwidGFnX2lkIjo3MjY0LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXRjL1Vua25vd24iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC42NCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiR2FuZGFsZiVFMiU4MCU5OXMlMkNXaW5kb3dzJTJDMTBQRSUyQ3g2NCUyQ1JlZHN0b25lJTJDNSUyQ2J1aWxkJTJDMTc3NjMlMkN2ZXJzaW9uJTJDMDktMDEtMjAxOSUyQyUzQSUyMCJ9
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:47 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 csub.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 53 KB
13 KB 98ms
20ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9821696936c1f0e1aaf0f3b3ab5a3a6b5f22f8f3798ff94fc6c5974f63036fbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 12:49:57 GMT
server: nginx/1.18.0
etag: W/"63207c75-d220"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 23 Sep 2022 18:36:47 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 build.m.js Show response
js.wpshsdk.com/extention/ 19 KB
7 KB 94ms
20ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/extention/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 555d5195d9e6b6bbd648eccc1ec41fd5f018484a0ef5ef5c8f27753372f22942

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:30:54 GMT
server: nginx/1.18.0
etag: W/"624db22e-4da7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 23 Sep 2022 18:36:47 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ 45 KB
15 KB 131ms
39ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 072972bfca957718b8a4f40087dc3a9eba842938a1a166696e845bd9779d0698

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 14:00:41 GMT
server: nginx/1.18.0
etag: W/"63208d09-b395"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 23 Sep 2022 18:36:47 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
c.adsco.re/ Frame B4BE 65 KB
27 KB 31ms
30ms XHR
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa55a8fd5ba5cf4b97511fd0e6096782fd1700258ac9d3d677deb268b96aadb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:47 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 678419
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
Vary: Accept-Encoding
Content-Type: text/html
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Cache-Control: public, max-age=2678400
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
CF-RAY: 74f55bfc4a0368ef-FRA
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Mon, 24 Oct 2022 18:31:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 24AE 8 KB
1 KB 117ms
46ms Stylesheet
text/css 2a00:1450:400a:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=240&slotname=8408638030&adk=1163691176&adf=4151986934&pi=t.ma~as.8408638030&w=120&lmt=1663957907&format=120x240&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907179&bpp=1&bdt=1598&idt=241&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f1xOeq0m9e&p=http%3A//windowsmatters.com&dtd=245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:801::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 17:57:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 18:31:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 18:31:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 24AE 2 KB
983 B 97ms
48ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:26:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 24AE 23 KB
10 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:28:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 24AE 3 KB
1 KB 86ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:29:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 24AE 17 KB
7 KB 74ms
26ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:27:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 24AE 140 KB
44 KB 85ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 18:31:47 GMT

GET
H2 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 24AE 33 KB
14 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 10:37:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Dec 2022 18:29:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 24AE 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpXdmk_stY5qyHbra6gTG1qXQCqmugpBsqbm9kNoQ3tz0s6oyEAEgosX-G2CVsviBlAegAempyuUDyAEJqQIgXzelcASmPqgDAcgDywSqBJwCT9B8jo7jVxqVVPlQWn2wmZdUZ0rEmEcyHHr9vtnsdf8ZNxXV4jnMz9VcHqxB5gZ4GH9cImM8gn2e-EZ0_MsLa8vAJ3cByqBLhq1JEJR25flwUfIQDJZFs0YAcP2WguhBuYTltba3ePYRwxZeevZAjm_2tqRFVGoOl2qgC5Jh8KgXJ09hB-lfxT_7H-ATGUE24SHHfGCsd4_KbgussxlFlcjq5adBzXI7k5mBCskXmpFt09l2jEhNKrlCYZOQKwBeFKWvyJefkLWx1AMyLk-6IY7RZtkM0qjKJJ-o9qZ6R5hwfE-jmrKxRfeX20ZvEi6ocj-9FIMWL1ChF30zyBIEAU6QSMxl6EspTr-vEOmsYJpSnoCzUedUCnJQ7SjABL7T-JmPBJIFBAgEGAGSBQQIBRgEoAYugAf_1bUaqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQlVvSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi03MDc4NjQ4OTUwMjA3MjQ5GAA&sigh=pWdugEgEBxU&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=240&slotname=8408638030&adk=1163691176&adf=4151986934&pi=t.ma~as.8408638030&w=120&lmt=1663957907&format=120x240&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907179&bpp=1&bdt=1598&idt=241&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f1xOeq0m9e&p=http%3A//windowsmatters.com&dtd=245
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Sep 2022 18:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Sep 2022 18:31:47 GMT

GET
H2 200 13214722127218745206
tpc.googlesyndication.com/daca_images/simgad/ Frame 57EC 29 KB
29 KB 85ms
50ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13214722127218745206

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=600&slotname=6931904835&adk=607985521&adf=964025562&pi=t.ma~as.6931904835&w=120&lmt=1663957907&format=120x600&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907209&bpp=11&bdt=1627&idt=295&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=7MWhrJLIZ9&p=http%3A//windowsmatters.com&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3457081a26b625bd0e0012bf055facad189746130c85bf52bfbd4335fb9844be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:26:00 GMT
x-content-type-options: nosniff
age: 259547
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29685
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 07:49:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Sep 2023 18:26:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 57EC 23 KB
9 KB 63ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:28:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 57EC 3 KB
1 KB 81ms
62ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:29:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 57EC 17 KB
7 KB 62ms
43ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:27:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 57EC 140 KB
44 KB 84ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 18:31:47 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 57EC 32 KB
13 KB 81ms
63ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01e9a6b83eabe383b954ff2ea312241161d6f422cca61b6531dd247028facd32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13557
x-xss-protection: 0
server: cafe
etag: 14526688295695256096
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 17:54:26 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11842269195070439013/ Frame 24AE 3 KB
3 KB 92ms
59ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11842269195070439013/downsize_200k_v1?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0399ca95fb11fb7ca93f09df4b115fba2865e6f85798ea5376be5d0c648c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3229
x-xss-protection: 0
last-modified: Mon, 01 Jul 2019 04:01:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 18:31:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 57EC 0
0 70ms
70ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAajtk_stY_zFIsWP78EPoK2joAL8tr-YbImIr5HdENnZHhABIKLF_htglbL4gZQHoAGewqGSAsgBAqkCWaIGyT1HsD6oAwHIA8kEqgScAk_QyMU_ICa42iBD872JaaYrOjsjcG7U4GC8EIiNKP4lSRKo7xAeB-bjMq3r6N3ZsHIMpUDjUYclsdcAcjZTXjhoY7mnTfz4TN80y8r-JHsedUuwexxaRre1IuKYKfPz1jUFyN05cpoRfuXJeLCsSojx5Pi8xDbIMmKq_7FN2mbjHYs08yJ2s6hCcE0ZlSIiBBGiwI9a9KAv1qqesGnSX9E45dmdTf2UfGZV05xgjCykh0YGl_7JZlOmW3pW7SlaJsaUW8ChE-BRuJIu_St8X-mtyx25FfFqCx9ULRTyXudKCzS5qggXfq01TcfxnonoK-nJ_i8jqNwPBYTGXQ2rjJqosSQFhcYLCdA4nwHgvXgg_VF5QWOmANQgrMlbwATxqpvHkQSgBgKAB8q93u0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQodMP0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItNzA3ODY0ODk1MDIwNzI0ORgA&sigh=ROrWKy4z8gw&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=600&slotname=6931904835&adk=607985521&adf=964025562&pi=t.ma~as.6931904835&w=120&lmt=1663957907&format=120x600&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907209&bpp=11&bdt=1627&idt=295&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=7MWhrJLIZ9&p=http%3A//windowsmatters.com&dtd=298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Sep 2022 18:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Sep 2022 18:31:47 GMT

GET /
6.adsco.re/ Frame B4BE 0
0

GET /
4.adsco.re/ Frame B4BE 0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209072154000/ Frame C29C 220 KB
61 KB 150ms
33ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=250&slotname=2647915636&adk=2824389949&adf=61965547&pi=t.ma~as.2647915636&w=250&lmt=1663957907&format=250x250&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907208&bpp=1&bdt=1626&idt=240&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=1857&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wZrWH7VRVu&p=http%3A//windowsmatters.com&dtd=243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61518
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b9e6b1d3ca7cc68d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame C29C 14 KB
5 KB 207ms
91ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dcaf3864e0ab6b08"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame C29C 94 KB
28 KB 212ms
96ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95b4b320f7966d1a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame C29C 72 KB
16 KB 225ms
109ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ff45ed21e0fdb46acfea1707e3c483c7e1526de7a0494d4eae37e30e447b898

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16646
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5233120a3e1a8f6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame C29C 5 KB
2 KB 223ms
109ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5561dff7c028bd87"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame C29C 40 KB
13 KB 231ms
116ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12958
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00747b471d2f1a24"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
DATA 200
OK truncated
/ Frame C29C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f74653097c8c378bdfb7af3195bd0f561e4fc271b4eb8cc0bc44de0ab3a028f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C29C 2 KB
2 KB 81ms
34ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C29C 295 B
319 B 67ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C29C 0
21 B 68ms
67ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfdB8k_stY836HpKh6gTAx7_YB7rDoctsns2I0aIQ0t7omcsBEAEgosX-G2CVsviBlAegAcuXwrwCyAEJqQJZogbJPUewPqgDAcgDCKoEowJP0GzjEodf53K-N-GVHhPJGNXpWRKdUDpj9otgKn7wq9kRTGTZhaEChz-HIZhouimvITF5D2frTpkIJPT94GQUVqURD1rF66uWNKUEV0IJ6xD9YVMzTYGTdca753R5jRXD5C_0LptLzW1r6fhF73HKL-iRimCfvraXLIesuQ6s8r45UsKl3bqpB2jVoT6hSSBMw_viJaniOSCsdQltdBmzYWQk624pDqjLO0gtwIruT71rYqXti4nJ8IOzz-AGF_4VG_eNo_KbaQCpnguVBWzk3MhfwGkorO7vimAwh5wB2KGeAwowyfm5citIgLHHd79N6F1JqUrei1SrivnUN_l6LgllAPW8ymT0i6WnU_IAwfXuK_mgTksjGztxaRjfHE66jr3ABJ2NyqaIBJIFBAgEGAGSBQQIBRgEoAYugAed6L3DAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP24A9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMCiBQE0BUBgBcBshccChoIABIUcHViLTcwNzg2NDg5NTAyMDcyNDkYAA&sigh=QrsQ08ajvxM&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=250&slotname=2647915636&adk=2824389949&adf=61965547&pi=t.ma~as.2647915636&w=250&lmt=1663957907&format=250x250&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907208&bpp=1&bdt=1626&idt=240&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=1857&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wZrWH7VRVu&p=http%3A//windowsmatters.com&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Sep 2022 18:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Sep 2022 18:31:47 GMT

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/13013324518578514132/ Frame C29C 97 KB
97 KB 80ms
35ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13013324518578514132/bg.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cc99bf2588ad3d83408511afd8f918238a4979f66aff714773a426c83e3ac8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:21:26 GMT
x-content-type-options: nosniff
age: 180622
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99014
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:21:26 GMT

GET
H3 200 push1.png
tpc.googlesyndication.com/sadbundle/13013324518578514132/ Frame C29C 3 KB
3 KB 78ms
32ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13013324518578514132/push1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3ca439603420a4ffd474631f331d70a7406e9a283e6873d6de11920160a025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:21:26 GMT
x-content-type-options: nosniff
age: 180622
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3023
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:21:26 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/13013324518578514132/ Frame C29C 1 KB
1 KB 78ms
33ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13013324518578514132/cta.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fbfc069816c4d95cd310eae7e2ad5122b508a7faf2e8603748408d6fa1d0313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:21:26 GMT
x-content-type-options: nosniff
age: 180622
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1369
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:21:26 GMT

GET
H3 200 legal.jpg
tpc.googlesyndication.com/sadbundle/13013324518578514132/ Frame C29C 20 KB
20 KB 67ms
23ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/13013324518578514132/legal.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99775e3a3e263809b1d1b4d6270477dcf42d736a51956e8f3c70bb502f62317d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:21:27 GMT
x-content-type-options: nosniff
age: 180621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20891
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:21:27 GMT

GET
H3 200 alert_error_small_icon.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 342B 281 B
304 B 35ms
34ms Image
image/png 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/alert_error_small_icon.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e948824cd3a162673539468c7c5c691911553e26537f1f37d6c9bc6f824c005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 09:14:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Oct 2020 03:45:00 GMT
server: sffe
age: 119818
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 09:14:50 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/ 149 KB
53 KB 73ms
72ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc14723eba0ba79c8d0ca2a09eed32d416762db8496e93aedc63651dc9038182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54560
x-xss-protection: 0
server: cafe
etag: 1155987611080107287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 18:31:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9DC4 4 KB
621 B 97ms
42ms Stylesheet
text/css 2a00:1450:400a:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=1582131686&adf=3025194257&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907032&bpp=1&bdt=1450&idt=290&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=lH5QwlMcms&p=http%3A//windowsmatters.com&dtd=295

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:801::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 17:54:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 18:31:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 18:31:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9DC4 2 KB
902 B 55ms
54ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:26:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 9DC4 23 KB
9 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:28:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9DC4 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:29:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9DC4 17 KB
7 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:27:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9DC4 140 KB
44 KB 74ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 18:31:48 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 9DC4 33 KB
13 KB 65ms
21ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 20:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 20:25:22 GMT

GET
DATA 200
OK truncated
/ Frame 24AE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7b20d0e70f87e65c919d9a84e96f55ea328ffce0f92ae73a570e47b32a304b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windowsmatters.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 18:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowsmatters.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 18:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B269 73 KB
31 KB 768ms
768ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=280&adk=4025531508&adf=751470622&pi=t.aa~a.195916350~i.29~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1663957908&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3273460602&ad_type=text_image&format=630x280&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1663957908034&bpp=3&bdt=2453&idt=3&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e9f6a7e811569a9-229bfeea2ace009d%3AT%3D1663957907%3ART%3D1663957907%3AS%3DALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250%2C120x600%2C0x0%2C1600x0&nras=2&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1520&ady=1574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=mdIPHkq3xH&p=http%3A//windowsmatters.com&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b73587e78ba95ef6443bc41d1d03cc88f55135a7a054f1b4a68a34b4edc2280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 31465
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BE3A 143 B
163 B 22ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=600&slotname=6931904835&adk=607985521&adf=964025562&pi=t.ma~as.6931904835&w=120&lmt=1663957907&format=120x600&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907209&bpp=11&bdt=1627&idt=295&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2166&ady=2504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=7MWhrJLIZ9&p=http%3A//windowsmatters.com&dtd=298
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 17:39:22 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9DC4 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBIjek_stY6L3GZKr7gT104SYBNHk0KRryc3KyrwQ2dkeEAEgosX-G2CVsviBlAegAdOi_eAoyAEJqQJez1Q90FOwPqgDAcgDywSqBJ4CT9BfKjO4Xm8iVYxR_0m3CS6ebITyFbUB48Qn9ihEjISU6N0p7Yo5pwn37zhvBrsD40VpbxqfXjPedf3LqVnMwbRlUccFfiExRpR5XjMovftnZs94D2a7Lhs0hlTc2DCehe45fmYNcsxbxuoF0UUTAns-8-_wGv330V5ZjPd3b59OGfRjTBEua4cXzVzEGzZHJHtWHn3toX8ePZxMg7TTx2xnNmw3sY7QHukopUfRUZ5BMnjoi-XGyjb_V2jQ7eQeZt2UrRh6Drhuf6-lI6ouiRXHSWRRxs1LBHVPJY2aZrRZzOFp1-rP8awZon5LqpxYymcJjdkFQab0cGTX_rBbt8k6H5L2lwA9LanBI0S1ee4JEB2BHDh_4qLhVFEvUsAE5oWsl_4DoAYugAfT2s3AA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOL8B9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTA4gUAtAVAYAXAbIXHAoaCAASFHB1Yi03MDc4NjQ4OTUwMjA3MjQ5GAA&sigh=rjZHG0MbhVA&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=1582131686&adf=3025194257&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907032&bpp=1&bdt=1450&idt=290&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=lH5QwlMcms&p=http%3A//windowsmatters.com&dtd=295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Sep 2022 18:31:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET in
tds.terelinkman.info/tds/ 0
0

GET
DATA 200
OK truncated
/ Frame 57EC 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3792597d9198a046c986ee23989d757a22a52cb5cba32595207ee8736728011e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/9539870833623333105/ Frame 9DC4 36 KB
37 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9539870833623333105/6592766407814317453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa02d3301e6f98c6bf3518228ba13c241f0c53e800adb9247018244d9ab5c7cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:12:55 GMT
x-content-type-options: nosniff
age: 332333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37352
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 09:13:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 22:12:55 GMT

GET
H3 200 2728354180183721846
tpc.googlesyndication.com/simgad/4657890946249480943/ Frame 9DC4 3 KB
3 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4657890946249480943/2728354180183721846?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b885a9f30b7fe6ccb27b7466faf393f6ea2b3b10e89e319fa9b38f1f1bfc13a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 23:05:20 GMT
x-content-type-options: nosniff
age: 329188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2642
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 09:13:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 23:05:20 GMT

POST
H/1.1 200
OK p Show response
adsco.re/ 362 B
702 B 134ms
82ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: fd40540fb9f6cc5b530ab7200c55e3b4c106d9cee13a169981ea400c6b17cf0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 18:31:48 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
AS-P-1: OK lon223
Access-Control-Allow-Origin: http://windowsmatters.com
Cache-Control: no-transform
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=UTF-8
AS-P-2: OK
AS-P-3: OK

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ Frame 342B 128 KB
42 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

807de58ce538b776affdf91fc91c0cd04f8abb59f0fb46b2774979efd3df1fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 00:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42575
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 00:15:59 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ Frame 8E8C 53 KB
19 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5ab8114a8f3c8ecf0d6b44be95280e11dff043811a96067a19b223d167241a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19062
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 14:37:52 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 24AE 28 KB
28 KB 126ms
35ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 165226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 20:38:02 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/ Frame F460 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 00:10:18 GMT
etag: 9671129459699598864
expires: Fri, 07 Oct 2022 00:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/ Frame E15E 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 00:10:18 GMT
etag: 9671129459699598864
expires: Fri, 07 Oct 2022 00:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209072154000/ Frame BB86 220 KB
60 KB 104ms
34ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61518
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b9e6b1d3ca7cc68d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame BB86 14 KB
5 KB 102ms
34ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dcaf3864e0ab6b08"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame BB86 94 KB
28 KB 116ms
99ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95b4b320f7966d1a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame BB86 72 KB
16 KB 98ms
81ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ff45ed21e0fdb46acfea1707e3c483c7e1526de7a0494d4eae37e30e447b898

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16646
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5233120a3e1a8f6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:58 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame BB86 5 KB
2 KB 110ms
93ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5561dff7c028bd87"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame BB86 40 KB
13 KB 112ms
95ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12958
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00747b471d2f1a24"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BB86 2 KB
2 KB 22ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BB86 295 B
319 B 23ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BB86 0
17 B 66ms
65ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CT3sok_stY9axGY6x6wSIk6eACbrDoctsvs6I0aIQi4GGy8IBEAEgosX-G2CVsviBlAegAcuXwrwCyAEJqQKJaQxG016wPqgDAcgDCKoEnAJP0KOCw9Ef2pw8BZy2L0avjQSBfcALTpNV1iynQt-2IcCGiJ_9rN16G__B4Ifxmpau6ON804UH7VJEFlPaGkQRTeCzL7tZSeEXx4i2KaGLvXQ5ugEdN975z73h1uElXqeIkDjXK8u5SikyxIbQjmq29NgfQ1DqfDvZz__KAEBRh4D4MjVgiXukXV4E3ZaeZeR1kingT6E41PY9YtSYBK9ogQDqT9YxN--5iQxnpbjSSsWdaKovRysHTVGTbtr5oXujICyhhEdpFxRylA9ObASUgPCRz7uukdSb3KdATLWCQsLU7T-EQ5jTzhuKAp3qZCpAKKqhV1XPrvZPqMWZjq24vfUedEQ0yChteWTlJE5Cf2f9HYLk_0LJL64-ScAEnY3KpogEkgUECAQYAZIFBAgFGASgBi6AB53ovcMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0-gQ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwKIFATQFQGAFwGyFxwKGggAEhRwdWItNzA3ODY0ODk1MDIwNzI0ORgA&sigh=-BvPPDLamF4&uach_m=[UACH]&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Sep 2022 18:31:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/4156520426043453374/ Frame BB86 94 KB
94 KB 25ms
23ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4156520426043453374/bg.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfc1a9eec9dab80cc3600a3283d5860565dfcb91a1dc4873ec8aa4042f1390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:56:57 GMT
x-content-type-options: nosniff
age: 178491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96148
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:56:57 GMT

GET
H3 200 push1.png
tpc.googlesyndication.com/sadbundle/4156520426043453374/ Frame BB86 4 KB
4 KB 28ms
27ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4156520426043453374/push1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd6f32f3576fcf57805489535ce7751ef8ab1fff69d0797aabcdf47e97422034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:56:57 GMT
x-content-type-options: nosniff
age: 178491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4267
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:56:57 GMT

GET
H3 200 partner.png
tpc.googlesyndication.com/sadbundle/4156520426043453374/ Frame BB86 1 KB
1 KB 27ms
26ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4156520426043453374/partner.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9fded13f30398d146622136f1fabbcd57633085829ceafd558e7549ad23396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:56:57 GMT
x-content-type-options: nosniff
age: 178491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1252
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:56:57 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/4156520426043453374/ Frame BB86 1 KB
1 KB 28ms
26ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4156520426043453374/cta.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77536ea408bcc9468fb6bc0b929c3efba851225b3b7f377c17d0ad4c4de10cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:56:57 GMT
x-content-type-options: nosniff
age: 178491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1089
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:56:57 GMT

GET
H3 200 legal.jpg
tpc.googlesyndication.com/sadbundle/4156520426043453374/ Frame BB86 27 KB
27 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4156520426043453374/legal.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=90&slotname=9723620833&adk=361135710&adf=2957212354&pi=t.ma~as.9723620833&w=728&lmt=1663957907&format=728x90&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907142&bpp=5&bdt=1561&idt=189&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=3372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pdQ890eTqp&p=http%3A//windowsmatters.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff9b16ef21b4a69bc3f697c6b076369670a159ceff22f9b2730014f52f090f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:56:57 GMT
x-content-type-options: nosniff
age: 178491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27640
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:56:57 GMT

GET
DATA 200
OK truncated
/ Frame 9DC4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 164ecde62c8049d8b99052d703561a958aee06fd5f1ed9d939f9a28686d78a16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012209072154000/ 23 KB
8 KB 96ms
96ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17873839002d03ab8fa17154069088fc10f6e37b8f98a264f3cdb16fb4a8d7af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7851
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f9963e045a8389be"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:59 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9DC4 15 KB
16 KB 112ms
40ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:33:08 GMT
x-content-type-options: nosniff
age: 169120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 19:33:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9DC4 15 KB
15 KB 105ms
34ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:33:00 GMT
x-content-type-options: nosniff
age: 169128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 19:33:00 GMT

GET
DATA 200
OK truncated
/ Frame BB86 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0737860fc2477f17249d37882b000302ad1e25c8a553ace1ed85c90ec78b15af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BE3A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

43ms
42ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 18:31:48 GMT
expires: Fri, 23 Sep 2022 18:31:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame A0CE 36 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:21:50 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C29C 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C29C 295 B
319 B 21ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame F460 4 KB
636 B 42ms
41ms Stylesheet
text/css 2a00:1450:400a:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:801::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 17:55:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 18:31:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 18:31:48 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F460 205 B
229 B 21ms
21ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:02:46 GMT
x-content-type-options: nosniff
age: 26942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 23 Sep 2023 11:02:46 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F460 604 B
628 B 22ms
21ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:54:17 GMT
x-content-type-options: nosniff
age: 2251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 23 Sep 2023 17:54:17 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame F460 19 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

650b0d89118580fd96419aa8b05d77a9f8bb927f41c848fe784e15134affb9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 16:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 2919620596669342719
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 16:51:18 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209072154000/ Frame E15E 220 KB
60 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61518
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b9e6b1d3ca7cc68d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E15E 14 KB
5 KB 44ms
43ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dcaf3864e0ab6b08"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E15E 94 KB
28 KB 45ms
42ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95b4b320f7966d1a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E15E 72 KB
16 KB 48ms
45ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ff45ed21e0fdb46acfea1707e3c483c7e1526de7a0494d4eae37e30e447b898

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16646
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5233120a3e1a8f6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:58 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E15E 5 KB
2 KB 50ms
47ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5561dff7c028bd87"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E15E 40 KB
13 KB 50ms
48ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12958
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00747b471d2f1a24"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E15E 2 KB
2 KB 24ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E15E 295 B
319 B 25ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/4156520426043453374/ Frame E15E 94 KB
94 KB 26ms
23ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4156520426043453374/bg.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfc1a9eec9dab80cc3600a3283d5860565dfcb91a1dc4873ec8aa4042f1390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:56:57 GMT
x-content-type-options: nosniff
age: 178491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96148
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:56:57 GMT

GET
H3 200 push1.png
tpc.googlesyndication.com/sadbundle/4156520426043453374/ Frame E15E 4 KB
4 KB 27ms
24ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4156520426043453374/push1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd6f32f3576fcf57805489535ce7751ef8ab1fff69d0797aabcdf47e97422034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:56:57 GMT
x-content-type-options: nosniff
age: 178491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4267
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:56:57 GMT

GET
H3 200 partner.png
tpc.googlesyndication.com/sadbundle/4156520426043453374/ Frame E15E 1 KB
1 KB 27ms
24ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4156520426043453374/partner.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9fded13f30398d146622136f1fabbcd57633085829ceafd558e7549ad23396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:56:57 GMT
x-content-type-options: nosniff
age: 178491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1252
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:56:57 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/4156520426043453374/ Frame E15E 1 KB
1 KB 28ms
25ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4156520426043453374/cta.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77536ea408bcc9468fb6bc0b929c3efba851225b3b7f377c17d0ad4c4de10cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:56:57 GMT
x-content-type-options: nosniff
age: 178491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1089
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:56:57 GMT

GET
H3 200 legal.jpg
tpc.googlesyndication.com/sadbundle/4156520426043453374/ Frame E15E 27 KB
27 KB 28ms
25ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4156520426043453374/legal.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff9b16ef21b4a69bc3f697c6b076369670a159ceff22f9b2730014f52f090f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:56:57 GMT
x-content-type-options: nosniff
age: 178491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27640
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 14:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 16:56:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E15E 0
17 B 79ms
76ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwsuKk_stY9btF5mLtwfJo6xQusOhy2y-zojRohCLgYbLwgEQASCixf4bYJWy-IGUB6ABy5fCvALIAQmpAolpDEbTXrA-qAMByAMIqgSkAk_QbzEQmsexXbH4zcCYF-3gwJrW6qqKRebinhNFUgAzp7u5XdC8JQUFC7lyZa8w5P1hwQJyn4wBNY_E8mJx50tBLhJbKsezcigJWKEI52LeEzHz0Og3pybpLzMvz9DqLXI_zLYqgkL1sAEfqGBAyFih7gS-cmtlKeQI6pM5f64xCnEBLG1SMuy-JB5jfukxC8r9A789H-Kwid0YgrgjGviHWTUtkmaiu7fN2h7kG6KbJIUIfNIWX6Q1XfsFFhqduvnYrE9BijkvzrNWjESDygpPKs_q-BOAShOTr1PsnPd1bpBOmCrI7yqTHW31Cw_xHAuxovKNv081u7pwkQxa8_kJS12Tpwh3n5H5BuUtmkMWWqHSbBiBQDRM83gqBeHM4pxMppzABJ2NyqaIBJIFBAgEGAGSBQQIBRgEoAYugAed6L3DAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJnJFdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMCiBQE0BUBgBcBshccChoIABIUcHViLTcwNzg2NDg5NTAyMDcyNDkYAA&sigh=gT6HAX57VRk&uach_m=[UACH]&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Sep 2022 18:31:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame E8BF 36 KB
16 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:21:50 GMT

GET
H/1.1 200
OK c Show response
serve.popads.net/ 44 B
277 B 273ms
232ms Script
text/javascript 216.21.13.11
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://serve.popads.net/c?_=BAoAYy37lAFjLfuUgAGBAsAAINpDj9DFIdr-pve9JUbKoCmiTHI-CPvUUK9R1cV-H5XFwQBHMEUCIQDyUD3JQitHeGgDbUTtlBm3IrSSEliazuSIOW9FTN0LGQIgao8YMljS6mLfwFKI5i4Vkashcp_39UQsBNpOaQ4LNBnCACCobd87UQEWOBL_a6A4n9M6wPdEUH3XHA6_b9mx4EHv7cQAECABG2AQEAACEBEMrvKSXS_FABBfUxBzbeUsK46rcycF666BwwBGMEQCIF9VWsYSLStj9ePF07e5rxAiAJPYhZeQhAMfuiSkriiDAiA2MfQbNtBCqIOHYqLrFtC_81wrj84kAuwfBjsiADHVGw&v=4&siteId=2152285&minBid=0.001&popundersPerIP=1,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0
Requested by: Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol: HTTP/1.1
Server: 216.21.13.11 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:48 GMT
asf: 9
access-control-allow-origin: *
content-type: text/javascript;charset=UTF-8
popads-ec: ASB
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 44

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AF5 36 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:21:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4CC4 8 KB
895 B 43ms
42ms Stylesheet
text/css 2a00:1450:400a:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:801::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 17:49:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 18:31:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 18:31:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 4CC4 2 KB
902 B 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:26:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 4CC4 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:28:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 4CC4 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:29:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 4CC4 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:27:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4CC4 140 KB
44 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 18:31:48 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 4CC4 33 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 20:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 20:25:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0C6A 143 B
163 B 21ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 17:39:22 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0C6A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

46ms
46ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 18:31:48 GMT
expires: Fri, 23 Sep 2022 18:31:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame DEA3 36 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:21:50 GMT

GET
H3 200 1033957693329404122
tpc.googlesyndication.com/daca_images/simgad/ Frame B269 39 KB
39 KB 23ms
22ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1033957693329404122

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=280&adk=4025531508&adf=751470622&pi=t.aa~a.195916350~i.29~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1663957908&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3273460602&ad_type=text_image&format=630x280&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1663957908034&bpp=3&bdt=2453&idt=3&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e9f6a7e811569a9-229bfeea2ace009d%3AT%3D1663957907%3ART%3D1663957907%3AS%3DALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250%2C120x600%2C0x0%2C1600x0&nras=2&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1520&ady=1574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=mdIPHkq3xH&p=http%3A//windowsmatters.com&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a742b0948e52904ab3c9e44c87b649ea184cf3090e107b6cc4d648c4dc3a71c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:24:53 GMT
x-content-type-options: nosniff
age: 259615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39424
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 07:49:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Sep 2023 18:24:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame B269 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:28:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B269 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:29:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B269 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 18:27:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B269 0
0 29ms
28ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQbHmDhX26--Xp8d3U_2-eZKGCUF_lCJq6wk4ue1SpeYh6nJJD-oV21zNf1L_jhbs8xJK48ueyhJE1pI2_RVzqb7K2sVQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=280&adk=4025531508&adf=751470622&pi=t.aa~a.195916350~i.29~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1663957908&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3273460602&ad_type=text_image&format=630x280&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1663957908034&bpp=3&bdt=2453&idt=3&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e9f6a7e811569a9-229bfeea2ace009d%3AT%3D1663957907%3ART%3D1663957907%3AS%3DALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250%2C120x600%2C0x0%2C1600x0&nras=2&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1520&ady=1574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=mdIPHkq3xH&p=http%3A//windowsmatters.com&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B269 140 KB
44 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 18:31:48 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B269 32 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01e9a6b83eabe383b954ff2ea312241161d6f422cca61b6531dd247028facd32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13557
x-xss-protection: 0
server: cafe
etag: 14526688295695256096
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 17:54:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B269 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8Z6tlPstY7SAB56U78EP2fC96AL8tr-YbKmJr5HdENnZHhABIKLF_htglbL4gZQHoAGewqGSAsgBAqkCWaIGyT1HsD6oAwHIA8kEqgScAk_Qokpglh5PdEF-ZeU9TfP3S2b4us48-w57pPBGBYkcPOXmsHXYIgxTlkngiejxDlOLvZuOd8GbfCDA25ajqfa9KzPOnTaU8qxx2dPZ4EfQZC8G5A5xb7iyGQJfw9BcnEOfX3i7MwEtF3uyO_DPSwjzVX1yGSaXzEv4s546_gAM92tEuEXL5K8dgQdhmJQHWPDAQllRvRHjqyXNnaN7QRJzQZkYYK97j2cmXdnHsFmt4WNtyLt3-8hyvgWr3qBtPM6pgBcUFliQV-6guDoMuE_nhw8ESo0a3TVFD500-o4XkyLFVoTdEyNynhauRjgPiao08RYxH5tcjxcvIwxPONyVdJQIUf82VNMvAkstwOxmggQHlS2ScrKXntsawATxqpvHkQSgBgKAB8q93u0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQnOwj0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItNzA3ODY0ODk1MDIwNzI0ORgA&sigh=wY38LS2dJjk&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=280&adk=4025531508&adf=751470622&pi=t.aa~a.195916350~i.29~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1663957908&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3273460602&ad_type=text_image&format=630x280&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1663957908034&bpp=3&bdt=2453&idt=3&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e9f6a7e811569a9-229bfeea2ace009d%3AT%3D1663957907%3ART%3D1663957907%3AS%3DALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250%2C120x600%2C0x0%2C1600x0&nras=2&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1520&ady=1574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=mdIPHkq3xH&p=http%3A//windowsmatters.com&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Sep 2022 18:31:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5886 143 B
163 B 22ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=280&adk=4025531508&adf=751470622&pi=t.aa~a.195916350~i.29~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1663957908&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3273460602&ad_type=text_image&format=630x280&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1663957908034&bpp=3&bdt=2453&idt=3&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e9f6a7e811569a9-229bfeea2ace009d%3AT%3D1663957907%3ART%3D1663957907%3AS%3DALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250%2C120x600%2C0x0%2C1600x0&nras=2&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1520&ady=1574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=mdIPHkq3xH&p=http%3A//windowsmatters.com&dtd=22
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 17:39:22 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C10F 1 KB
749 B 34ms
33ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39676
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Sat, 24 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B269 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3858269dedba9727e0aae8ed7045eefc3e526f721c8b185b92653a0797414ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5886
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

49ms
49ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 18:31:49 GMT
expires: Fri, 23 Sep 2022 18:31:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame C10F 35 B
464 B 94ms
23ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHQrAAb_nx9UGP8-354J_Rs&google_cver=1&google_push=AZmPxg8e3z-HnsP7S04ddixI9DUuhAYz8CD166CgBzZNHJefDeakpOz1M9Mb5AAdh70G3UDQfzv0_rRRuiI9tyQD6Iqgay8EvgQf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C10F
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELZKHc7LkJp6yV_i1G1y2Ak&google_cver=1&google_push=AZmPxg9-aaMcSmc682OEuYub4ujPq3pPeWpx9HwjX91Y2kx2ALAUYfVHG2BKsX5V6wfoVvf4FxQ44E3Fty6tNho2Ax2IGY_KwCni
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9-aaMcSmc682OEuYub4ujPq3pPeWpx9HwjX91Y2kx2ALAUYfVHG2BKsX5V6wfoVvf4FxQ44E3Fty6tNho2Ax2IGY_KwCni&google_hm=Q0FFU0VMWktIYzdMa0pwN...

170 B
188 B

78ms
35ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9-aaMcSmc682OEuYub4ujPq3pPeWpx9HwjX91Y2kx2ALAUYfVHG2BKsX5V6wfoVvf4FxQ44E3Fty6tNho2Ax2IGY_KwCni&google_hm=Q0FFU0VMWktIYzdMa0pwNnlWX2kxRzF5MkFr

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 18:31:48 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9-aaMcSmc682OEuYub4ujPq3pPeWpx9HwjX91Y2kx2ALAUYfVHG2BKsX5V6wfoVvf4FxQ44E3Fty6tNho2Ax2IGY_KwCni&google_hm=Q0FFU0VMWktIYzdMa0pwNnlWX2kxRzF5MkFr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame C10F 0
98 B 86ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg98O2a1ytl1DzDssHFGaAeOM_dSdG31wRbmxRo1JiAclP7pe9HhI-t7ThlK35eDojDjMgvfZyhrCCHFDfqSjUxTr5O3Csdm&google_gid=CAESEEnn3qxLto9-kUMEaBrqziE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=280&adk=4025531508&adf=751470622&pi=t.aa~a.195916350~i.29~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1663957908&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3273460602&ad_type=text_image&format=630x280&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1663957908034&bpp=3&bdt=2453&idt=3&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e9f6a7e811569a9-229bfeea2ace009d%3AT%3D1663957907%3ART%3D1663957907%3AS%3DALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ&prev_fmts=0x0%2C728x90%2C728x90%2C300x600%2C120x240%2C250x250%2C120x600%2C0x0%2C1600x0&nras=2&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1520&ady=1574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=10&uci=a!a&btvi=7&fsb=1&xpc=mdIPHkq3xH&p=http%3A//windowsmatters.com&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C10F
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-Z2oQn...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-Z2oQn...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjMxODMxNDkwMDAxMDEwODQzNzk2NQ%3D%3D&google_push=AZmPxg-Z2oQnYvJJjsTL5T0yTsdMBYV0cLrpCPX9PdsheZXUpvmbvKbO7k2s98q3_xApDy...

170 B
188 B

35ms
34ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjMxODMxNDkwMDAxMDEwODQzNzk2NQ%3D%3D&google_push=AZmPxg-Z2oQnYvJJjsTL5T0yTsdMBYV0cLrpCPX9PdsheZXUpvmbvKbO7k2s98q3_xApDyjm2nGUiY0PiwprROzw8kpS3Jv4gtA

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjMxODMxNDkwMDAxMDEwODQzNzk2NQ%3D%3D&google_push=AZmPxg-Z2oQnYvJJjsTL5T0yTsdMBYV0cLrpCPX9PdsheZXUpvmbvKbO7k2s98q3_xApDyjm2nGUiY0PiwprROzw8kpS3Jv4gtA
pragma: no-cache
date: Fri, 23 Sep 2022 18:31:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 23 Sep 2022 18:31:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C10F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECrB6kltw-NUkWm6iEv7Te4&google_cver=1&google_push=AZmPxg9pmmQAgiCMwTGGBcdybXR7GtV28xMdaA3sIFt2201tekUTRUOaHgmphQ3gUh8dfSIXCOz...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFVEtSUEYtNi1DTDJD&google_push=AZmPxg9pmmQAgiCMwTGGBcdybXR7GtV28xMdaA3sIFt2201tekUTRUOaHgmphQ3gUh8dfSIXCOzZv7yWz7MS1y3nyYwKkckRkRg4

170 B
188 B

58ms
33ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFVEtSUEYtNi1DTDJD&google_push=AZmPxg9pmmQAgiCMwTGGBcdybXR7GtV28xMdaA3sIFt2201tekUTRUOaHgmphQ3gUh8dfSIXCOzZv7yWz7MS1y3nyYwKkckRkRg4

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFVEtSUEYtNi1DTDJD&google_push=AZmPxg9pmmQAgiCMwTGGBcdybXR7GtV28xMdaA3sIFt2201tekUTRUOaHgmphQ3gUh8dfSIXCOzZv7yWz7MS1y3nyYwKkckRkRg4
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C10F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBiI2DR-VSIZ7WDjUR1wBOw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBiI2DR-VSIZ7WDjUR1wBOw&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBiI2DR-VSIZ7WDjUR1wBOw&google_hm=Yy37lZr7U6LiU3nPblg3SgAABKkAAAAB&google_nid=index&google_push=AZmPxg_Dms6DDa4VzV6GsM2y-ZJTe71ZGmKit...

170 B
188 B

33ms
33ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBiI2DR-VSIZ7WDjUR1wBOw&google_hm=Yy37lZr7U6LiU3nPblg3SgAABKkAAAAB&google_nid=index&google_push=AZmPxg_Dms6DDa4VzV6GsM2y-ZJTe71ZGmKitnwuof6Dwo0dNvyx0SoYyAqotkZ6i6wHMwU_faLC5dDyUxn9ZhMdSGTTXcInA1R9

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/2019/09/01/gandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0n674dXupsliywirWiNKHO4OxeZg8OKGcFZ03YSud%2Flnmry6e5sZX5KwheZfP0Y1eWz%2FHh18s3MDBMvAXkWWsbwe%2FqacTzJF%2FhuzbTy5JgWjMPdyXnzAod2gQ9KJdffJjHJtMEMLbnr4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBiI2DR-VSIZ7WDjUR1wBOw&google_hm=Yy37lZr7U6LiU3nPblg3SgAABKkAAAAB&google_nid=index&google_push=AZmPxg_Dms6DDa4VzV6GsM2y-ZJTe71ZGmKitnwuof6Dwo0dNvyx0SoYyAqotkZ6i6wHMwU_faLC5dDyUxn9ZhMdSGTTXcInA1R9
cache-control: no-cache
cf-ray: 74f55c03ebacbbc8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame C10F 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C10F 0
223 B 87ms
28ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ICBw8j05G5uJ5aeq8xsFT9ERqOlee4K1NcObEsOcm12MyzJ33V8IQZq3kcPmP0r-Xw7dJ4fQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 84C4 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:21:50 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209072154000/ Frame D539 220 KB
60 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=600&slotname=1839244030&adk=1023043548&adf=2060455649&pi=t.ma~as.1839244030&w=300&lmt=1663957907&format=300x600&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907176&bpp=3&bdt=1594&idt=160&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=966&ady=575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=DUkBFn0acA&p=http%3A//windowsmatters.com&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61518
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b9e6b1d3ca7cc68d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame D539 14 KB
5 KB 39ms
39ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dcaf3864e0ab6b08"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame D539 94 KB
28 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95b4b320f7966d1a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame D539 33 KB
10 KB 43ms
40ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-carousel-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f1507cdd747d72d9fe47ed4152639c3f85b4742a5a40ab624d3ae72174c2834

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10106
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f0b6fbadd46c817e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:09:00 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame D539 5 KB
2 KB 40ms
37ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5561dff7c028bd87"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame D539 40 KB
13 KB 41ms
38ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12958
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00747b471d2f1a24"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame D539 6 KB
2 KB 42ms
39ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-gwd-animation-0.1.mjs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

777ac2fe83a69b31fdfc9380a9e8258c75a628bd6c877a00f4465d0ec6e14d83

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 350567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2441
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:09:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4be2457717882240"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:09:02 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D539 2 KB
2 KB 24ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D539 295 B
330 B 24ms
22ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D539 0
17 B 71ms
68ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkqUOk_stY9vEGYux6gTYvJdAk-6LymzBjIbOxxCchpPAsAEQASCixf4bYJWy-IGUB6ABx_DjjQPIAQmpAolpDEbTXrA-qAMByAMIqgSfAk_QkHxblxZWtD6ehfM1CX6KPC2sCfbmJ0pRa3UMp6ic0hC_yFoZn3W98QdpvyQ6ZI286ODFbafozji0fM0E4UyjWfRvKvC3n2LbIV3Q9TE8ydRpuBubz6JqjZHwibX5CDWmHHj2bV0fqaKtXu5wOZG4cwo6BBbUsGQU1pvwrrNAK6raYcxkdkVUJ9YKeQ_rPkEcsh793B0CzWDuFp-c_rPjjYzhSOEJ15JqmhpT8pOj4eUmckEl0_wz7BkUsvH7fvH3D6BeS344_75aQzYmrrmUdRqirFH1AUiybsx0pkujhgbhR74z_rB03RJb_X1pNLXTTJf2BjLtNaKW0Re5gX_yf1upM2EYmF7L4VnGisdb2mxgW7zDZEKAIRyM-MtnwASW2fbWggSSBQQIBBgBkgUECAUYBKAGLoAHh8iicqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENbVG9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTcwNzg2NDg5NTAyMDcyNDkYAA&sigh=wrgnB6IXv5Q&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7078648950207249&output=html&h=600&slotname=1839244030&adk=1023043548&adf=2060455649&pi=t.ma~as.1839244030&w=300&lmt=1663957907&format=300x600&url=http%3A%2F%2Fwindowsmatters.com%2F2019%2F09%2F01%2Fgandalfs-windows-10pe-x64-redstone-5-build-17763-version-09-01-2019%2F&wgl=1&dt=1663957907176&bpp=3&bdt=1594&idt=160&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=7519203011655&frm=20&pv=1&ga_vid=1404258740.1663957907&ga_sid=1663957907&ga_hid=686389514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=966&ady=575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C21065724&oid=2&pvsid=4037625128239861&tmod=1742167969&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=DUkBFn0acA&p=http%3A//windowsmatters.com&dtd=162
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Sep 2022 18:31:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 img1.jpg
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 39 KB
39 KB 30ms
27ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/img1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fba4c474e31331ed8f60b9d54deeb7f953b6c9b76c3579519b5d718e31a79a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39958
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 co2_1_1.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 14 KB
14 KB 33ms
31ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/co2_1_1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e0a2e5289c4bc191e441bd8d7b2342ba141b8bd424d2325f2f1a528401da11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14691
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 hl1.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 1 KB
1 KB 35ms
32ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/hl1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e921d84b9427919ebf0e2d90fee494dcd612e898a81bea8b5b295fad5f51b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1388
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 img2.jpg
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 33 KB
33 KB 31ms
29ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/img2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4beeac8cf18241c98d318d0b693c309b8950039a7e539cb6d9ad12f4406b639c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34251
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 hl2.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 1 KB
1 KB 34ms
32ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/hl2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce760ab6fd7f91112c08ec54e5671332ccb64a82e194a3a737ecc7544eb06858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 img3.jpg
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 31 KB
31 KB 27ms
25ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/img3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8887794e7fbb63524ca3c54594142818052d55c9897f236b9fa7055cb6547e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32051
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 hl3.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 2 KB
2 KB 34ms
31ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/hl3.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7c205a2f5169c155811bdedb8e7a5c89d3ba2c42c7422604bafcb8664294977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1951
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 hl4.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 2 KB
2 KB 33ms
31ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/hl4.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196e3e7999e7676416154a50c2a392c82139fa61c984ce19c1e496ee787e00e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1755
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 3 KB
3 KB 37ms
35ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/cta.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c206d69c9783048745a12d236d6f5dd4aafe309bed73bc0e1f607ce0cf465ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3464
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 11 KB
11 KB 36ms
34ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07604dc129268679d2b080186154422ddeeba0f411ecbe6d18c05e05f95505ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11161
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
DATA 200
OK truncated
/ Frame D539 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 614d50f6a25947a0c2821036ff9b00168e76708a528f35b850d801f02727db15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 75ms
75ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: windowsmatters.com
URL: http://windowsmatters.com/wp-content/uploads/dkxqne.js?ver=1.1.5

Protocol

HTTP/1.1

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cc0f6bfe9cdfed4788348c670dc5954829f11dfe7361c4d37d8040229c5ac35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 23 Sep 2022 18:31:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4936021956493297885
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 58101
X-XSS-Protection: 0
Expires: Fri, 23 Sep 2022 18:31:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 148ms
79ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a09e08ff34f8a0b646e7346e4c06c57beb8aa3a42c1cfc16233ddd823268a632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 18:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11145
x-xss-protection: 0

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D539 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D539 295 B
330 B 22ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 24 Sep 2022 09:51:18 GMT

GET
H3 200 img1.jpg
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 39 KB
39 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/img1.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fba4c474e31331ed8f60b9d54deeb7f953b6c9b76c3579519b5d718e31a79a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39958
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 co2_1_1.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 14 KB
14 KB 23ms
22ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/co2_1_1.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e0a2e5289c4bc191e441bd8d7b2342ba141b8bd424d2325f2f1a528401da11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14691
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 hl1.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 1 KB
1 KB 25ms
24ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/hl1.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e921d84b9427919ebf0e2d90fee494dcd612e898a81bea8b5b295fad5f51b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1388
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 img2.jpg
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 33 KB
33 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/img2.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4beeac8cf18241c98d318d0b693c309b8950039a7e539cb6d9ad12f4406b639c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34251
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 hl2.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 1 KB
1 KB 27ms
25ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/hl2.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce760ab6fd7f91112c08ec54e5671332ccb64a82e194a3a737ecc7544eb06858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 img3.jpg
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 31 KB
31 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/img3.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8887794e7fbb63524ca3c54594142818052d55c9897f236b9fa7055cb6547e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32051
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 hl3.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 2 KB
2 KB 29ms
28ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/hl3.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7c205a2f5169c155811bdedb8e7a5c89d3ba2c42c7422604bafcb8664294977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1951
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 hl4.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 2 KB
2 KB 29ms
28ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/hl4.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196e3e7999e7676416154a50c2a392c82139fa61c984ce19c1e496ee787e00e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1755
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 3 KB
3 KB 29ms
28ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/cta.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c206d69c9783048745a12d236d6f5dd4aafe309bed73bc0e1f607ce0cf465ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3464
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/9107572467047977419/ Frame D539 11 KB
11 KB 29ms
29ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9107572467047977419/logo.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07604dc129268679d2b080186154422ddeeba0f411ecbe6d18c05e05f95505ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:52:10 GMT
x-content-type-options: nosniff
age: 383979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11161
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 16:33:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 07:52:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 18:31:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC7F 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:25:08 GMT
expires: Sat, 23 Sep 2023 18:25:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 72CB 783 B
535 B 30ms
30ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

148b22dc7f074b74fe6fa19029a0a3987151196f81aeb805d3a46773ed3e81fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u8Vn85qB6qMtyi3_Gqwxvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-u8Vn85qB6qMtyi3_Gqwxvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:31:49 GMT
expires: Fri, 23 Sep 2022 18:31:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame BC7F 36 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:21:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 72CB 0
0 66ms
65ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=4037625128239861&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9DC4 42 B
64 B 69ms
68ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbeSh-43Nscf9k_9Z18mmZfA486Q3R9uI7cvbZLUFNMoqFIXlkfPJGpy848o-qzEUjuUQ6MD-k-8nONlIhQ5EREoi2SQ18rHaEkwYsRvVwE98irYBncNqCAFJH1oIkhImCN0xKPLx1IDs9uWTcVpANrTaT_sBiqIsRrghc06Fuet26_NwsHJXZz-tzzUGciPVvBGjxhEIr80m7C4cofe3rfuY0o9c_SUUkpKtWw2e1aGBrDcEk14OfapIO294EiXpYdswX8F4WeQmQ7KwauAqdfoGJFShOxq1pqnnxruAxhusI9jNNPRPJ8Zhx3xcGCL1qqglifyHIvQvn_vTFor5wbQNNVCsL_b4IT7r6Sjx1JKeixftyn_-TUH6-mxZFxkNg-DMtXC8H56Y-JZsDkh-4BD_rH9hNZiUtvYM8NFkI890ky4xXO4-xQAG5Q01ebj7UBrxG9taGID_8rvjdLRXN3p5nGYuhl_W7NMNQgw--vbIFhpsEuCxlrNKdoeMeqe6DLVIkSrm01CMlwhTWEIOI5_PhDVDdu5lho8d0BoQhcshGWmw7wcxNI6SOMV_zO4NtvhnSsclH4VkKvXzDWEDTn3MVxfK0LTBgDwoY30wGjlxRmzxnN-pfIZX2LbjvTimneaNRnDaBf2DUHt8NCf6XCeLhWtJZifnSLDQUIQIs07FT0BA808xHYn482KDQr_yPQDi7knKdqEvtkd_KeM9wAWvJjZwZzp0Y0ojsq1y___leuuL-pHs-52tsZwrur3wr0HHVzBYQD_V75l6x-_PYcYPWKxK8EqwGovHAAeZJIRRH1wtVqcH-HEmFi9olBLG5g3uYClTv1V8dQsQx1pntDBs8q2JE1cBEDlV972sGhTK3wIJXK-qo6XEofh0-j8EZUh3GX1cSCXIfPiGG1X6A5MAlLzT_gfkZseWhBDG984eydKQuFMRY5SIGp3oQfMWaa2glbDLcuVu3aWG9JYe8F-fPYWl1x3rvG2d_srnDHh44iSAYW6IqFDHmKvqiP3pN7JOTu3AJINue2d_5JPJbTL4TepAmdR5Vrxp7Ez1oZ_j207cPIwqr9FvjtvIJ6QFM6cqxHiEbX1CM&sai=AMfl-YRB7Fxnq8Boje0iEuwefN1gnwGJ471COxtTf1T1ZIprhRNkhy7ouzIyKwdD49NAT9z9UYOYctuLwAJv1z0O-SV36U8VM36DZw&sig=Cg0ArKJSzCOI6oPGzxd5EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1582131686&rs=2&la=0&cr=0&vs=4&r=v&rst=1663957907328&rpt=1199&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BC7F 0
12 B 21ms
21ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?R_ka1A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:31:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
69ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=4037625128239861&bg=!9_Sl9LDNAAYIxsuQKMY7ACkAdvg8WqynHdB94hXiZoCfbZ-n77GGaXkVxWXltejOLkwaJGivbQ3jXQIAAABSUgAAAAFoAQcKALX9ffqRW-uGpm-l_UGctarpzzjSiYd9nP2lLYQwD3WltdIN3h0h9fam5Ia8jHpzytWM1i1NfxzqhmPEiqaxPDr6_svAVi5OQCM3XFylzzhCEd0osRFji9DRX33TCvtYxLTonbsnA5iHXc582YFrKwkzxFOwcwhI6fy04qRvD23gY-HfZOe0dus12lYCHAY7uv4lHs8JiYrIjIPROpdkda_7lS_l5jv-xNQwfVuJB4ahDu56LAjbmQKeJ81-a16lSbIjhiaECZi41uA-kuSvvtithr1MfRSh5HD1ku8WYzHvnVJKHc0wNdR4vEPr914Hnj8E1t29kttv2kSJyykpl3t5SMVyidUJO6M9iPjAcHg-jxUZm3bbh9kTBKshit78LuPhJrVx8yAQY1ptY9AzfdiJMovj0SQIO8LG2f8zcM97bW802LvTWPis6nDtYCqML1lQamloq81bwYjNdHUXfEwGV9K_IisX52JxbLAavVKgEP_JbdG7RBKOSfNyujzDHAuuFD2h-IXv6dX1GPp9WK5-D-qz5NeGIkKos70mjLjAKVdOmYvNqRgE-Ei8E-ge1a8e2kpAS3Tx58vqhBdpQ_72eoemMbrmyKPQxvT6PBOZQhz3plhEQLNS6HXJQn2G0u96mqtVoRHdDjhi5D0cS07PsRbocHJsC10dYY-2eVf7Fl4kQQduWp-J-ozMo4CD1_lH_abBdBRiclVmKcnEj-kPD_yKH1i5iuuC09dwc05vI7WfrocehkMo2lh3q7YbXUDGtrimDIyeK4bWPNama9AF1vri54ibm-xbA1WEmUmWQUdtq1_r3ZvgvfiNqcF6T58kZUIjlGr9i9y3suFDz1SmTi6C8p1sUFck-iQc0RK46weXprd_riao_-RxZ7e004c5BjDKATVA78kgc6NTD_-5tCiIFCUMHFPYDhdzwc907jJ5B3IgPEGt8mCOe1rspN5t82hgXfc8Eo8jpkXG2xmZdPUofLb8ho1dgyx1IiRABSAPAT6asMJPv30AEQRxkkFP3vZAgGSxhN-3EXYojTp5PdSXavIba8uQX0X0pxMgMU6JCFiA9Bv_U2PMkzaNxuIt-AUUHGcjuwGsXRftAeoK7KmzHVoI8cjBvQy68SU6KSOQtDb6wQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 / Show response
1b3785b510.78ab4874ae.com/health/ 0
201 B 107ms
27ms Script
text/plain 2a01:4f8:252:564d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1b3785b510.78ab4874ae.com/health/
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:564d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://windowsmatters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 18:31:51 GMT
server: nginx/1.16.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET /
1b3785b510.78ab4874ae.com/get/ Frame 3D92 0
0

GET
H2

200

1x1.png Show response
cdn.1vag.com/ Frame C11F
Redirect Chain

https://1b3785b510.78ab4874ae.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7InRhZ19hYiI6ImMiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkdhbmRhbGYl...
https://rtbrennab.com/banner/in/show/?mid=1359920686&pid=0&site=12363&sc=DE&usage_type=DCH&subid=1138258503&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=...
https://btds.zog.link/in/912/?sid=12363&source=1138258503&idzone=0&w=1&h=1&mo=&ve=&site_id=12363&utm1=&utm2=&utm3=&utm4=&ad_tags=Gandalf%E2%80%99s%2CWindows%2C10PE%2Cx64%2CRedstone%2C5%2Cbuild%2C17...
https://cdn.1vag.com/1x1.png

68 B
334 B

126ms
19ms

Document
image/png

45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.1vag.com/1x1.png
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: http://windowsmatters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 68
content-type: image/png
date: Fri, 23 Sep 2022 18:31:51 GMT
etag: "5e970c67-44"
expires: Fri, 23 Sep 2022 19:31:51 GMT
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
server: nginx/1.20.1
x-proxy-cache: HIT
x-request-id: 28eea0836f6cd5562d41ccabe8fa4a5b

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 18:31:51 GMT
location: https://cdn.1vag.com/1x1.png
pragma: no-cache
server: nginx/1.20.1
vary: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6.adsco.re
URL: http://6.adsco.re/

Domain: 4.adsco.re
URL: http://4.adsco.re/

Domain: tds.terelinkman.info
URL: https://tds.terelinkman.info/tds/in?typeId=2&spotId=270&categoryId=3

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIIL5-mOrUfM449hTvOGLmg&google_cver=1&google_push=AZmPxg9IXgPHeOgG20E24F-go2Vo9cSY5KHeJPk4Tu5b3AmLr1c4vXb0xytW8VmJVncy-4t3YUM2BlBHqqvZ49onSjJgy2Mtf3vH

Domain: 1b3785b510.78ab4874ae.com
URL: https://1b3785b510.78ab4874ae.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7InRhZ19hYiI6ImMiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkdhbmRhbGYlRTIlODAlOTlzJTJDV2luZG93cyUyQzEwUEUlMkN4NjQlMkNSZWRzdG9uZSUyQzUlMkNidWlsZCUyQzE3NzYzJTJDdmVyc2lvbiUyQzA5LTAxLTIwMTklMkMlM0ElMjAiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDkiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxMTM4MjU4NTAzIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTIzNjMsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMTIzNjMiLCJjYXQiOlsiSUFCMjYiXSwicGFnZSI6Imh0dHA6Ly93aW5kb3dzbWF0dGVycy5jb20vMjAxOS8wOS8wMS9nYW5kYWxmcy13aW5kb3dzLTEwcGUteDY0LXJlZHN0b25lLTUtYnVpbGQtMTc3NjMtdmVyc2lvbi0wOS0wMS0yMDE5LyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiJkNTBmZmEwMzQ2YzhmZjBmOGZjNjAzNGM5ODVjNTYwYSJ9LCJleHQiOnsiZHQiOjE2NjM5NTc5MTEzMDB9fQ==

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
windowsmatters.com/	1970-01-20 06:12:38	Name: mc_session_ids[default] Value: 72c56daa27fe0b996a66092aba4d7ad59d573644
windowsmatters.com/	1970-01-20 06:12:38	Name: mc_session_ids[multi][0] Value: 81420813aaea514cb58da3710d5946918434a054
windowsmatters.com/	1970-01-20 06:12:38	Name: mc_session_ids[multi][1] Value: 51b948c7faf13d26ab78d2eb18d8b01aa62133ed
windowsmatters.com/	1970-01-20 06:12:38	Name: mc_session_ids[multi][2] Value: c0c3c61bb880c81817520ae0ee6908b959ee4489
windowsmatters.com/	1970-01-20 06:12:38	Name: mc_session_ids[multi][3] Value: 29d0305f40c0b7b8270abcb5df7b42ee56cb5144
windowsmatters.com/	1970-01-20 06:12:38	Name: mc_session_ids[multi][4] Value: ba702509a21e657eb1e2460304ea99e9c559be11
.realsrv.com/	1970-01-20 15:48:37	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632dfb92d7c566.873346954044167287%22%3B%7D
.windowsmatters.com/	1970-01-20 15:48:37	Name: _ga Value: GA1.2.1404258740.1663957907
.windowsmatters.com/	1970-01-20 06:14:04	Name: _gid Value: GA1.2.2117890746.1663957907
.windowsmatters.com/	1970-01-20 06:12:37	Name: _gat_gtag_UA_49011023_1 Value: 1
.windowsmatters.com/	1970-01-20 06:12:37	Name: _gat_gtag_UA_158063529_1 Value: 1
.windowsmatters.com/	1970-01-20 06:12:37	Name: _gat Value: 1
.paypal.com/	1970-01-20 15:48:37	Name: ts Value: vreXpYrS%3D1758652307%26vteXpYrS%3D1663959707%26vr%3D6b9eb7681830ad04bb910a36fe7ea51e%26vt%3D6b9eb7681830ad04bb910a36fe7ea51d%26vtyp%3Dnew
.paypal.com/	1970-01-20 15:48:37	Name: ts_c Value: vr%3D6b9eb7681830ad04bb910a36fe7ea51e%26vt%3D6b9eb7681830ad04bb910a36fe7ea51d
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: tiLRNincEzo
.windowsmatters.com/	1970-01-20 15:34:13	Name: __gads Value: ID=0e9f6a7e811569a9-229bfeea2ace009d:T=1663957907:RT=1663957907:S=ALNI_MZRdYA40T6BHmSrH-l41hWjEfqxUQ
windowsmatters.com/	1970-01-20 06:13:03	Name: a Value: EZgoIpHMFgUcmODqB5hZiia52bPueUTE
fp.metricswpsh.com/	1970-01-20 14:58:13	Name: id Value: 4879835913076155096
windowsmatters.com/	1970-01-20 06:12:59	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAYy37lAFjLfuUgAGBAsAAINpDj9DFIdr-pve9JUbKoCmiTHI-CPvUUK9R1cV-H5XFwQBHMEUCIQDyUD3JQitHeGgDbUTtlBm3IrSSEliazuSIOW9FTN0LGQIgao8YMljS6mLfwFKI5i4Vkashcp_39UQsBNpOaQ4LNBnCACCobd87UQEWOBL_a6A4n9M6wPdEUH3XHA6_b9mx4EHv7cQAECABG2AQEAACEBEMrvKSXS_FABBfUxBzbeUsK46rcycF666BwwBGMEQCIF9VWsYSLStj9ePF07e5rxAiAJPYhZeQhAMfuiSkriiDAiA2MfQbNtBCqIOHYqLrFtC_81wrj84kAuwfBjsiADHVGw
.doubleclick.net/	1970-01-20 15:34:13	Name: IDE Value: AHWqTUkIdBINlbRtd_c9ensQuyQo1icEfeGeQMxlPFtL0xk_iIf4mbzUWq50kyY4TjA
.doubleclick.net/	1970-01-20 06:12:41	Name: DSID Value: NO_DATA
windowsmatters.com/	1970-01-20 06:12:59	Name: _popprepop Value: 1
.quantserve.com/	1970-01-20 08:22:13	Name: d Value: ECoBCQGVJ4EA
.quantserve.com/	1970-01-20 15:42:52	Name: mc Value: 632dfb95-069f4-53b6f-f25d2
.casalemedia.com/	1970-01-20 14:58:13	Name: CMID Value: Yy37lZr7U6LiU3nPblg3SgAA
.casalemedia.com/	1970-01-20 08:22:13	Name: CMPS Value: 1193
.casalemedia.com/	1970-01-20 08:22:13	Name: CMPRO Value: 1193
.agkn.com/	1970-01-20 14:58:13	Name: ab Value: 0001%3APf219cGhfN9IFHs1wyvFa3wI11T4I0Jg
.agkn.com/	1970-01-20 14:58:13	Name: u Value: C\|0CEAqwLgVKsC4FQAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 08:22:13	Name: CMTS Value: 5151
.doubleclick.net/	1970-01-20 06:12:38	Name: test_cookie Value: CheckForPermission
.e.dlx.addthis.com/	1970-01-20 15:42:52	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:42:52	Name: na_id Value: 2022092318314900010108437965
.addthis.com/	1970-01-20 15:42:52	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:42:52	Name: uid Value: 632dfb95d2f02961
.addthis.com/	1970-01-20 15:42:52	Name: ouid Value: 632dfb950001c9d94429f3634602f7ee078b65258e6944062b90
.dlx.addthis.com/	1970-01-20 06:55:49	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 06:55:49	Name: na_sr Value: 20220923
.dlx.addthis.com/	1970-01-20 06:12:37	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 06:55:49	Name: na_sc_e Value: 0
btds.zog.link/	1970-01-20 06:14:04	Name: 912.0 Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	warning	URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://www.paypalobjects.com/EN_US/i/scr/pixel.gif Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://tds.terelinkman.info/tds/in?typeId=2&spotId=270&categoryId=3 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIIL5-mOrUfM449hTvOGLmg&google_cver=1&google_push=AZmPxg9IXgPHeOgG20E24F-go2Vo9cSY5KHeJPk4Tu5b3AmLr1c4vXb0xytW8VmJVncy-4t3YUM2BlBHqqvZ49onSjJgy2Mtf3vH Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg98O2a1ytl1DzDssHFGaAeOM_dSdG31wRbmxRo1JiAclP7pe9HhI-t7ThlK35eDojDjMgvfZyhrCCHFDfqSjUxTr5O3Csdm&google_gid=CAESEEnn3qxLto9-kUMEaBrqziE&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1b3785b510.78ab4874ae.com
4.adsco.re
6.adsco.re
a.exoclick.com
a.realsrv.com
accounts.google.com
ads.exdynsrv.com
adsco.re
adservice.google.com
adservice.google.de
apis.google.com
btds.zog.link
c.adsco.re
c1.popads.net
cdn.1vag.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
d7ad7b60ba.78ab4874ae.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i0.wp.com
id.rlcdn.com
js.cabnnr.com
js.wpadmngr.com
js.wpshsdk.com
js.wpushsdk.com
na.nawpush.com
notification.tubecup.net
pagead2.googlesyndication.com
partner.googleadservices.com
pgflgaaaswd1.l4.adsco.re
pgflgaaaswd1.n4.adsco.re
pgflgaaaswd1.s4.adsco.re
pixel.rubiconproject.com
pixel.wp.com
rtbrennab.com
s.w.org
serve.popads.net
ssl.gstatic.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
stats.wp.com
syndication.exoclick.com
syndication.realsrv.com
tds.terelinkman.info
tpc.googlesyndication.com
windowsmatters.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.youtube.com
1b3785b510.78ab4874ae.com
4.adsco.re
6.adsco.re
googlecm.hit.gemius.pl
tds.terelinkman.info
104.111.215.191
104.18.18.126
151.101.193.21
151.101.194.133
157.90.84.244
162.252.214.5
172.217.18.2
185.200.116.90
185.200.118.90
192.0.76.3
192.0.77.2
192.0.77.48
192.145.233.49
2001:4de0:ac19::1:b:2a
2001:4de0:ac19::1:b:2b
2001:4de0:ac19::1:b:3a
216.21.13.11
216.58.212.130
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:830::200e
2a00:1450:4001:831::200d
2a00:1450:400a:801::200a
2a00:1450:400c:c0c::9d
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2001
2a01:4f8:252:564d::2
2a02:128:7:5936::2
2a02:6ea0:c700::10
3.123.239.111
35.244.174.68
38.132.109.186
45.133.44.24
45.133.44.25
69.173.144.139
78.47.199.202
95.211.229.247
01e9a6b83eabe383b954ff2ea312241161d6f422cca61b6531dd247028facd32
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
064de246adc3045a5f072834a0a9c108c890a08eaca2804afd5652fca6c58eea
072972bfca957718b8a4f40087dc3a9eba842938a1a166696e845bd9779d0698
0737860fc2477f17249d37882b000302ad1e25c8a553ace1ed85c90ec78b15af
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
07604dc129268679d2b080186154422ddeeba0f411ecbe6d18c05e05f95505ef
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0fef155cec78b92369b7e356996c1fbf5da494ea0c8ef5c6da877fd266c301b5
148b22dc7f074b74fe6fa19029a0a3987151196f81aeb805d3a46773ed3e81fc
162e25b6fe49fb7b2330177a224463d29489f11d76066a6afa9c57b468ae5d29
164ecde62c8049d8b99052d703561a958aee06fd5f1ed9d939f9a28686d78a16
17873839002d03ab8fa17154069088fc10f6e37b8f98a264f3cdb16fb4a8d7af
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196e3e7999e7676416154a50c2a392c82139fa61c984ce19c1e496ee787e00e6
1cc99bf2588ad3d83408511afd8f918238a4979f66aff714773a426c83e3ac8e
23167737226fd39fc3e3dd17566620cc85ca31ea08563081c6fe0d48f12f259c
2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db
29edb89f7b40f0c87cbbfd0b6079a11e461ee20a2639a45fdca31f5ade5eb349
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e3b485aea55217530b11367a46be1a5e5b5ceec431e317c0fc6c2e0d1671522
2fca2c2f93c60efc2316c63ba416f4453c91c1eb873e9902564c507d0b6e13f7
318e59342497b4d223f663453754aa0d7033ffa93c7a10300d70651a19ac9268
32f7d854e2516ee02b899fff4ab9742612479d7bde3474785e50779b5c3fe318
3457081a26b625bd0e0012bf055facad189746130c85bf52bfbd4335fb9844be
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3792597d9198a046c986ee23989d757a22a52cb5cba32595207ee8736728011e
37c17edf80fabbc76d036b590d606606b15c288f699ba5adf91b8e6b5713b4f5
37c47f8befa56b8975c6ab62963be963aa7fa2c95dccd708de1749d2d9e5eedd
3858269dedba9727e0aae8ed7045eefc3e526f721c8b185b92653a0797414ec5
3f1507cdd747d72d9fe47ed4152639c3f85b4742a5a40ab624d3ae72174c2834
3fbfc069816c4d95cd310eae7e2ad5122b508a7faf2e8603748408d6fa1d0313
400f47b94ac4b3fea4a1e1551cf2f87847fdd9aa75b58bf3a8404048cd2553f1
47573904cde496eb48f853e3cd02db12d53fc7a02cc156359cad575e955f5c9b
47ed02e53484f4f328e18e6143007b3acec615d6f2221700090ead35e40956ef
48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b9b00229580beb9ad42a599b53f1935c6fb76b072b9f4ab88202754e1924544
4beeac8cf18241c98d318d0b693c309b8950039a7e539cb6d9ad12f4406b639c
4c740274f4f1569613bd1938d5346668531abe8f92d2b5704abeb931ed16137c
4d0b4e324bf4dce03eb4bce7335f122d0fb57d5af3616845c7aadafe90f57cae
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0399ca95fb11fb7ca93f09df4b115fba2865e6f85798ea5376be5d0c648c57
4f7d85f2e70e939455eb554762bf3e5e6772c342799e598ca51345b7f42ef6d7
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
52aa89c637eb88de621d3adbdf2c2302d67e8c79b377ba4cf10ac878c25b149d
52d26f7ff601d52ef32b66e586102eac20607e508749fd1d56dcabaa0bf1f3b6
53738fd15375cb06ba62fe090679cf742286d4e126f0f32dc4828eede9c256fe
5438ac135485b08f386c6c120f67cee9054388b76661f9819c7dd7d595725fe7
555d5195d9e6b6bbd648eccc1ec41fd5f018484a0ef5ef5c8f27753372f22942
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d6c227c07732d8eebf25356abec8412517b3d12dcc6f59275008b130b41240
589abea73de2aa06e85e9c29f851a3ed43c6599794e99a2035230dd1f2ad5a4b
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5e948824cd3a162673539468c7c5c691911553e26537f1f37d6c9bc6f824c005
5fccaa31901582c13d101cf8555096f7ea0ab4c06148eb9aac061fcd723c3603
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
614d50f6a25947a0c2821036ff9b00168e76708a528f35b850d801f02727db15
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
650b0d89118580fd96419aa8b05d77a9f8bb927f41c848fe784e15134affb9af
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3b0a9bc40fcad7b27c136b74412eab8cee356753e002709f46a6c3306c6fca
6f461ff42026ad9d283e13d82066e1e1871997992d23018f1c2b50b1e7c4fbff
7473f64af470da03635bfc51a75f6c0f9ef5fa0b210c170277ef9a091993c193
77536ea408bcc9468fb6bc0b929c3efba851225b3b7f377c17d0ad4c4de10cb5
777ac2fe83a69b31fdfc9380a9e8258c75a628bd6c877a00f4465d0ec6e14d83
7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c
7a96e17d23fa3740c6f6b7e846953dca633c858ab4cb354c9d310c438dfe3836
7e789059cac7d9d61233b973c4f04cd20c69b0b34f9f8ea74c045021feb5428e
7ed55e1ecf885c931a83cfc6b3c149e750fcf1b3aae0e30547b9f535f2d4555e
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
807de58ce538b776affdf91fc91c0cd04f8abb59f0fb46b2774979efd3df1fad
819349c8d2f45f65dcbb43d78ce4cfb9c4ffb8bcd8b47bccf699ea48561b4699
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844ec30730cdcc8d5210ff82a31360d135c95064d1e4f20048205446954c6be4
883970cc29ba7e2ab45022da3e3a491c43a83008de7bff5c92b8b5c572edb600
8887794e7fbb63524ca3c54594142818052d55c9897f236b9fa7055cb6547e07
89ceaf2fba13343764ed6f07696d5b3a49b28daf865c3f6c204c218a4cd62e1e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b73587e78ba95ef6443bc41d1d03cc88f55135a7a054f1b4a68a34b4edc2280
8cc0f6bfe9cdfed4788348c670dc5954829f11dfe7361c4d37d8040229c5ac35
8e921d84b9427919ebf0e2d90fee494dcd612e898a81bea8b5b295fad5f51b47
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9821696936c1f0e1aaf0f3b3ab5a3a6b5f22f8f3798ff94fc6c5974f63036fbc
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
99775e3a3e263809b1d1b4d6270477dcf42d736a51956e8f3c70bb502f62317d
9a0f82efa49cc2729abce424aeb6097ccde3001d0aa92178822d3860c600dff4
9a8e0a82949d35e171495b8ad8acd0193308be32fc6eb16c51f1fd14b77e8dc1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9e65fb5b0032593b7b8fb12b27a01c3c2cefe7e0e231816ee2c8dda3a4355dd8
9f8fc0de155a1cf4308d5192fc8db4e6dc6f152979f02a55c2e193ba9293830a
9ff45ed21e0fdb46acfea1707e3c483c7e1526de7a0494d4eae37e30e447b898
a09e08ff34f8a0b646e7346e4c06c57beb8aa3a42c1cfc16233ddd823268a632
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a742b0948e52904ab3c9e44c87b649ea184cf3090e107b6cc4d648c4dc3a71c2
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa02d3301e6f98c6bf3518228ba13c241f0c53e800adb9247018244d9ab5c7cd
ab5ab8114a8f3c8ecf0d6b44be95280e11dff043811a96067a19b223d167241a
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
aecb90a4b9f06a01ef2ff89a137dca9775efadb7b40d2accb35e2e128cc7b045
b3e0ae4761ce959f660e842b5e009e215147c1a71b4f3ceecf94739755081a23
b67941a710bc007120fa919bf7feebe922b2e8835ff033cb4ae578745eef93eb
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b885a9f30b7fe6ccb27b7466faf393f6ea2b3b10e89e319fa9b38f1f1bfc13a8
bc14723eba0ba79c8d0ca2a09eed32d416762db8496e93aedc63651dc9038182
bc9fded13f30398d146622136f1fabbcd57633085829ceafd558e7549ad23396
bd38115e2249f43db7b1b55bb5fec92202615cd1b72396b9ab6fb5b5f79aa276
bd3ca439603420a4ffd474631f331d70a7406e9a283e6873d6de11920160a025
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc06a0ae0926c481fae2925005dd1001e0d6a13e66741c2864390d42b6df8ab
bf7342fc84dab45148729e11c91074d3483c70d95ac6511fe4da7d39792ea08f
c10848cba5b7239e5881af41412dd5e4607a00507f38a6c283a96a6c0fa6258f
c206d69c9783048745a12d236d6f5dd4aafe309bed73bc0e1f607ce0cf465ef8
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c5fa5bdd42961a4e1b06a954a6f522aef99a43cf5155df11f19ab3cc4822ef43
c630ddf2fd9cfec793f78fcbfae66b3b520f486061efa84abd3cb44ed1b8cf51
c8e0a2e5289c4bc191e441bd8d7b2342ba141b8bd424d2325f2f1a528401da11
cd34eecf52f35a152ce72d9e8c10b42eeb34b3a293cedd09eac2940a2692c809
cdfe348bd30d5d9ea67f41ea959359f5465c55639ee67a7623e5b2defbd0ba7e
ce760ab6fd7f91112c08ec54e5671332ccb64a82e194a3a737ecc7544eb06858
cfc1a9eec9dab80cc3600a3283d5860565dfcb91a1dc4873ec8aa4042f1390bc
cff9b16ef21b4a69bc3f697c6b076369670a159ceff22f9b2730014f52f090f7
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7b20d0e70f87e65c919d9a84e96f55ea328ffce0f92ae73a570e47b32a304b7
d7c205a2f5169c155811bdedb8e7a5c89d3ba2c42c7422604bafcb8664294977
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
da4330a66afebd46dece6ffd53b15a994c559c5a7c2eaf7fd76ffb2b0da930b3
dadb4e80b981be80b2657b58ee143dbdd7aa933fe567f2cc9d57a2db3be3be95
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
ddddc08011f008a21f8b785f568fcb0a3ecb9ebb73ae28422f70504103f8fe1e
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
e8db08f17dde72fab4040d70edcd2d214c61565f66a52afbad90820b42fdc4c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f0d756fbeb3274d62775e709e479063afa849c753728e5d356280ef1ffd6586d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f74653097c8c378bdfb7af3195bd0f561e4fc271b4eb8cc0bc44de0ab3a028f9
fa55a8fd5ba5cf4b97511fd0e6096782fd1700258ac9d3d677deb268b96aadb6
fba4c474e31331ed8f60b9d54deeb7f953b6c9b76c3579519b5d718e31a79a92
fbe0457bb7785a32cce599652a2e2feea0ba1bd19ec96331e7377837741c703b
fbe6fd968859888876a89efa82240ea77b66ff7bf12fe3ea47f0bc5f9297363c
fd40540fb9f6cc5b530ab7200c55e3b4c106d9cee13a169981ea400c6b17cf0e
fd6f32f3576fcf57805489535ce7751ef8ab1fff69d0797aabcdf47e97422034
fe66ac5df69c78be7dfcf75943079129dbf24a254e89febc5a7e916d40de43bc
ff88f4a7aa39ee99ecf215395d98ef626eb74b172ee28f6f06a7059be6b3562b

windowsmatters.com Open in urlscan Pro 192.145.233.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

278 Requests

77 %HTTPS

53 %IPv6

41 Domains

61 Subdomains

43 IPs

10 Countries

3815 kBTransfer

8307 kBSize

41 Cookies

4 Outgoing links

Redirected requests

278 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

windowsmatters.com Open in urlscan Pro
192.145.233.49 Public Scan

Screenshot
Live screenshot

Full Image

278
Requests

77 %
HTTPS

53 %
IPv6

41
Domains

61
Subdomains

43
IPs

10
Countries

3815 kB
Transfer

8307 kB
Size

41
Cookies

278 HTTP transactions
8 data transactions