URL: https://preview.windowshine.org/
Submission Tags: @phishunt_io
Submission: On July 01 via api from DE — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 2606:4700::6811:cc49, located in United States and belongs to CLOUDFLARENET, US. The main domain is preview.windowshine.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2022. Valid for: a year.
This is the only time preview.windowshine.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 21 | windowshine.org | preview.windowshine.org | 184 KB |
| 6 | gstatic.com | www.gstatic.com, fonts.gstatic.com | 347 KB |
| 3 | google.com | www.google.com (Cisco Umbrella Rank: 8) | 23 KB |
| 1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 71) | 806 B |
| 31 | 4 | | |

| Requests | Domain | Requested by |
|---|---|---|
| 21 | preview.windowshine.org | preview.windowshine.org |
| 4 | www.gstatic.com | www.google.com, www.gstatic.com |
| 3 | www.google.com | preview.windowshine.org, www.gstatic.com, www.google.com |
| 2 | fonts.gstatic.com | www.google.com |
| 1 | fonts.googleapis.com | preview.windowshine.org |
| 31 | 5 | |

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| preview.windowshine.org | Cloudflare Inc ECC CA-3 | 2022-07-01 - 2023-07-01 | a year |
| upload.video.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months |
| www.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months |
| *.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months |

This page contains 2 frames:

Primary Page: https://preview.windowshine.org/
Frame ID: F1461193FC4C8C7DEA6F956983027D7A
Requests: 24 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly9wcmV2aWV3LndpbmRvd3NoaW5lLm9yZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7rztez17yb15
Frame ID: 0ADD8887D9682921BEA017824F7298D0
Requests: 7 HTTP requests in this frame

Page Title

windowshine cleaning services - Guest - city center, surrounding

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

  • Requests: 31
  • HTTPS: 100 %
  • IPv6: 100 %
  • Domains: 4
  • Subdomains: 5
  • IPs: 5
  • Countries: 2
  • Transfer: 554 kB
  • Size: 1590 kB
  • Cookies: 1

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
preview.windowshine.org/
8 KB
3 KB
Document
General
Full URL
https://preview.windowshine.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a24b6f796d8f53d90f1d770147ebcfadb8c50f8b0393494457780b210e059b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
723db863ad189bb9-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 01 Jul 2022 08:20:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Tue, 17 Sep 2019 23:41:31 GMT
p3p
CP="VPRT "
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
vp.js
preview.windowshine.org/vp/js-lib/customersites/common/
3 KB
758 B
Script
General
Full URL
https://preview.windowshine.org/vp/js-lib/customersites/common/vp.js?2018701692
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ce2171ef46a170282a502a88a4d1eeb93abecbb42707e45f92eb889999b3fd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Jun 2022 14:13:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
p3p
CP="VPRT "
access-control-allow-origin
*
cache-control
public, max-age=14400
x-served-by
1ef9c3896791ddd8a4e709f6e3c3d3ef
cf-ray
723db8641e109bb9-FRA
content-type
application/x-javascript
expires
Fri, 01 Jul 2022 12:20:03 GMT
common_published.css
preview.windowshine.org/vp/css/customersites/
14 KB
3 KB
Stylesheet
General
Full URL
https://preview.windowshine.org/vp/css/customersites/common_published.css
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d310fab976ddf6a5ddaa893c1292218d593abad12c5aaef34b67abefc482db2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Jun 2022 13:42:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
p3p
CP="VPRT "
content-type
text/css
cache-control
public, max-age=14400
x-served-by
6050ae17f9ecb22690826156fcc03baf
cf-ray
723db8641e139bb9-FRA
expires
Fri, 01 Jul 2022 12:20:03 GMT
site.css
preview.windowshine.org/
1 KB
345 B
Stylesheet
General
Full URL
https://preview.windowshine.org/site.css
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a4faea4cf8777318238291d3cee2671c0b392c98e1c0f4dbe5159980e8316e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 17 Sep 2019 23:41:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
p3p
CP="VPRT "
content-type
text/css
cache-control
public, max-age=14400
x-served-by
cd14cd41c2ead122d1d57060f508d4e4
cf-ray
723db8641e159bb9-FRA
x-robots-tag
noindex
expires
Fri, 01 Jul 2022 12:20:03 GMT
sw_lightbox.css
preview.windowshine.org/vp/css/jQuery/plugins/image_galleries/
4 KB
952 B
Stylesheet
General
Full URL
https://preview.windowshine.org/vp/css/jQuery/plugins/image_galleries/sw_lightbox.css
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10c7fb073446276794b750600036044af28e3958106663de84979cbcc9221f11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Jun 2022 13:42:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
p3p
CP="VPRT "
content-type
text/css
cache-control
public, max-age=14400
x-served-by
6050ae17f9ecb22690826156fcc03baf
cf-ray
723db8641e179bb9-FRA
expires
Fri, 01 Jul 2022 12:20:03 GMT
tn3e.css
preview.windowshine.org/vp/images/b09/site-builder/widget_skins/tn3e/
6 KB
1 KB
Stylesheet
General
Full URL
https://preview.windowshine.org/vp/images/b09/site-builder/widget_skins/tn3e/tn3e.css
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cc449efb19c73ac940115d37c3fd2129f30825d9ee0953758ff5dd06ad75da6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 May 2016 17:25:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
p3p
CP="VPRT "
content-type
text/css
cache-control
public, max-age=14400
x-served-by
cd14cd41c2ead122d1d57060f508d4e4
cf-ray
723db8641e189bb9-FRA
expires
Fri, 01 Jul 2022 12:20:03 GMT
api.js
preview.windowshine.org/cdn-cgi/bm/cv/669835187/
35 KB
9 KB
Script
General
Full URL
https://preview.windowshine.org/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
723db8646ea09bb9-FRA
0_0_0_0_200_78_csupload_63203372.jpg
preview.windowshine.org/
5 KB
5 KB
Image
General
Full URL
https://preview.windowshine.org/0_0_0_0_200_78_csupload_63203372.jpg?u=3830455691
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc83fbe3ecec435843ce4b86bf57c600cbfcbe5402468b6cbff5717880ecf488

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-served-by
cd14cd41c2ead122d1d57060f508d4e4
date
Fri, 01 Jul 2022 08:20:03 GMT
cf-cache-status
MISS
last-modified
Tue, 04 Nov 2014 09:18:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="VPRT "
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
723db8646ea39bb9-FRA
content-length
4789
x-robots-tag
noindex
expires
Fri, 01 Jul 2022 12:20:03 GMT
hosted_sites.js
preview.windowshine.org/vp/JS-Lib/HostedServices/common/generated/
498 KB
119 KB
Script
General
Full URL
https://preview.windowshine.org/vp/JS-Lib/HostedServices/common/generated/hosted_sites.js?automin=1
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/vp/js-lib/customersites/common/vp.js?2018701692
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5b06f58be43a0a4ef0cba780d3dd52fc13557d542a5a483e0b95a82dcdd2c2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Jun 2022 14:14:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
p3p
CP="VPRT "
access-control-allow-origin
*
cache-control
public, max-age=14400
x-served-by
1ef9c3896791ddd8a4e709f6e3c3d3ef
cf-ray
723db8647ea59bb9-FRA
content-type
application/x-javascript
expires
Fri, 01 Jul 2022 12:20:03 GMT
constants.js
preview.windowshine.org/vp/JS-Lib/CustomerSites/Common/generated_dd/
3 KB
305 B
Script
General
Full URL
https://preview.windowshine.org/vp/JS-Lib/CustomerSites/Common/generated_dd/constants.js?automin=1
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/vp/js-lib/customersites/common/vp.js?2018701692
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ffa3b47ee61adfa2e1aef3f5e3f6f2cd4d8a8ad87871257e45dd905812cd385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Jun 2022 14:13:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
p3p
CP="VPRT "
access-control-allow-origin
*
cache-control
public, max-age=14400
x-served-by
6050ae17f9ecb22690826156fcc03baf
cf-ray
723db8647ea79bb9-FRA
content-type
application/x-javascript
expires
Fri, 01 Jul 2022 12:20:03 GMT
provisioned.js
preview.windowshine.org/vp/JS-Lib/CustomerSites/Common/
39 KB
10 KB
Script
General
Full URL
https://preview.windowshine.org/vp/JS-Lib/CustomerSites/Common/provisioned.js?automin=1
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/vp/js-lib/customersites/common/vp.js?2018701692
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7890cb17ea42b13f0283e3524835859bed544807684bed392defc74297ec2fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Jun 2022 14:13:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
p3p
CP="VPRT "
access-control-allow-origin
*
cache-control
public, max-age=14400
x-served-by
cd14cd41c2ead122d1d57060f508d4e4
cf-ray
723db8647eab9bb9-FRA
content-type
application/x-javascript
expires
Fri, 01 Jul 2022 12:20:03 GMT
sw_lightbox.js
preview.windowshine.org/vp/JS-Lib/CustomerSites/SiteBuilder/
20 KB
4 KB
Script
General
Full URL
https://preview.windowshine.org/vp/JS-Lib/CustomerSites/SiteBuilder/sw_lightbox.js?automin=1
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/vp/js-lib/customersites/common/vp.js?2018701692
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5754fd03cf0c28c34141ce2d087a3b0745e3de3311589b369eb6569943bc96fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Jun 2022 14:13:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
p3p
CP="VPRT "
access-control-allow-origin
*
cache-control
public, max-age=14400
x-served-by
1ef9c3896791ddd8a4e709f6e3c3d3ef
cf-ray
723db8647eac9bb9-FRA
content-type
application/x-javascript
expires
Fri, 01 Jul 2022 12:20:03 GMT
sw_lightbox.init.js
preview.windowshine.org/vp/JS-Lib/CustomerSites/SiteBuilder/
3 KB
368 B
Script
General
Full URL
https://preview.windowshine.org/vp/JS-Lib/CustomerSites/SiteBuilder/sw_lightbox.init.js?automin=1
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/vp/js-lib/customersites/common/vp.js?2018701692
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d9260f4667eacea21dfa2b9ad88063ec3ac8c14c79607ed9f29a7f426d5043

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Jun 2022 14:13:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
p3p
CP="VPRT "
access-control-allow-origin
*
cache-control
public, max-age=14400
x-served-by
1ef9c3896791ddd8a4e709f6e3c3d3ef
cf-ray
723db8647ead9bb9-FRA
content-type
application/x-javascript
expires
Fri, 01 Jul 2022 12:20:03 GMT
jquery.tn3.min.js
preview.windowshine.org/vp/JS-Lib/CustomerSites/SiteBuilder/
86 KB
19 KB
Script
General
Full URL
https://preview.windowshine.org/vp/JS-Lib/CustomerSites/SiteBuilder/jquery.tn3.min.js?automin=1
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/vp/js-lib/customersites/common/vp.js?2018701692
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66bebe8a145cf0be066fbc900017a806c550971f97592822c62d76db8d3d69eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Jun 2022 14:13:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
p3p
CP="VPRT "
access-control-allow-origin
*
cache-control
public, max-age=14400
x-served-by
6050ae17f9ecb22690826156fcc03baf
cf-ray
723db8647eb09bb9-FRA
content-type
application/x-javascript
expires
Fri, 01 Jul 2022 12:20:03 GMT
css
fonts.googleapis.com/
378 B
806 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dac70bf6eb33edc4858d4431e1ff7eb7cdb28aad422ce5ef0ecfbb99e9f2bc56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 06:21:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Jul 2022 08:20:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Jul 2022 08:20:04 GMT
api.js
www.google.com/recaptcha/
884 B
997 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/vp/JS-Lib/CustomerSites/Common/provisioned.js?automin=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
26ee0b3dad16a1a044be7d7d8f36a6be654946d1916c60c82b518b60dccd671f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Fri, 01 Jul 2022 08:20:04 GMT
result
preview.windowshine.org/cdn-cgi/bm/cv/
0
275 B
XHR
General
Full URL
https://preview.windowshine.org/cdn-cgi/bm/cv/result?req_id=723db863ad189bb9
Requested by
Host: preview.windowshine.org
URL: https://preview.windowshine.org/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://preview.windowshine.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Jul 2022 08:20:04 GMT
server
cloudflare
cf-ray
723db866fab59bb9-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://preview.windowshine.org/
Origin
https://preview.windowshine.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 07:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 07:26:29 GMT
anchor
www.google.com/recaptcha/api2/ Frame 0ADD
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly9wcmV2aWV3LndpbmRvd3NoaW5lLm9yZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7rztez17yb15
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
833930213cfbf1049e90d7ce3309f6de20782bd4adf3924821239f7de91708aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4p8eoOHTe7kaEPsipaamgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://preview.windowshine.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22183
content-security-policy
script-src 'report-sample' 'nonce-4p8eoOHTe7kaEPsipaamgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 08:20:04 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 0ADD
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly9wcmV2aWV3LndpbmRvd3NoaW5lLm9yZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7rztez17yb15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 07:59:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 07:59:15 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 0ADD
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly9wcmV2aWV3LndpbmRvd3NoaW5lLm9yZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7rztez17yb15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 07:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 07:26:29 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0ADD
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 19:40:09 GMT
x-content-type-options
nosniff
age
45595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 07 Jul 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0ADD
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly9wcmV2aWV3LndpbmRvd3NoaW5lLm9yZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7rztez17yb15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:18:05 GMT
x-content-type-options
nosniff
age
248520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0ADD
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly9wcmV2aWV3LndpbmRvd3NoaW5lLm9yZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7rztez17yb15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 18:59:48 GMT
x-content-type-options
nosniff
age
220817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 18:59:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 0ADD
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly9wcmV2aWV3LndpbmRvd3NoaW5lLm9yZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7rztez17yb15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly9wcmV2aWV3LndpbmRvd3NoaW5lLm9yZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7rztez17yb15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Fri, 01 Jul 2022 08:20:05 GMT
nav-272064-default-H-272064.png
preview.windowshine.org/
1006 B
1 KB
Image
General
Full URL
https://preview.windowshine.org/nav-272064-default-H-272064.png?u=3798944456
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46952fdebb085175727d260ee9c215065c7117edc3cb3292f5c198ea0fe994b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-served-by
6050ae17f9ecb22690826156fcc03baf
date
Fri, 01 Jul 2022 08:20:05 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Sep 2019 23:41:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="VPRT "
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
723db86c1b2a9bb9-FRA
content-length
1006
x-robots-tag
noindex
expires
Fri, 01 Jul 2022 12:20:05 GMT
nav-272064-About-Us-H-272064.png
preview.windowshine.org/
1 KB
1 KB
Image
General
Full URL
https://preview.windowshine.org/nav-272064-About-Us-H-272064.png?u=4072969234
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69832b036d7d139d623698b7aebdeba6c348aa73181bdaaa7c4e2e1178995f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-served-by
6050ae17f9ecb22690826156fcc03baf
date
Fri, 01 Jul 2022 08:20:05 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Sep 2019 23:41:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="VPRT "
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
723db86c1b2c9bb9-FRA
content-length
1219
x-robots-tag
noindex
expires
Fri, 01 Jul 2022 12:20:05 GMT
nav-272064-Contact-Us-H-272064.png
preview.windowshine.org/
1 KB
1 KB
Image
General
Full URL
https://preview.windowshine.org/nav-272064-Contact-Us-H-272064.png?u=3942911121
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d846e91d6c1a874c78bea4d8fd80a24006024b2058e37fc953dcd18879fe4f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-served-by
1ef9c3896791ddd8a4e709f6e3c3d3ef
date
Fri, 01 Jul 2022 08:20:05 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Sep 2019 23:41:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="VPRT "
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
723db86c1b2e9bb9-FRA
content-length
1337
x-robots-tag
noindex
expires
Fri, 01 Jul 2022 12:20:05 GMT
nav-272064-blog-H-272064.png
preview.windowshine.org/
996 B
1 KB
Image
General
Full URL
https://preview.windowshine.org/nav-272064-blog-H-272064.png?u=4161598972
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa69f6616fdd331daa6f55b90275028126bee1a0407f3e39603c5e7343b7828e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-served-by
cd14cd41c2ead122d1d57060f508d4e4
date
Fri, 01 Jul 2022 08:20:05 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Sep 2019 23:41:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="VPRT "
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
723db86c1b2f9bb9-FRA
content-length
996
x-robots-tag
noindex
expires
Fri, 01 Jul 2022 12:20:05 GMT
nav-272064-How-it-works-H-272064.png
preview.windowshine.org/
1 KB
2 KB
Image
General
Full URL
https://preview.windowshine.org/nav-272064-How-it-works-H-272064.png?u=2751456522
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1782aeb13c2ece695cf81cf82c09827c40cd57c071b624b6a047c6d5cbc6953

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-served-by
6050ae17f9ecb22690826156fcc03baf
date
Fri, 01 Jul 2022 08:20:05 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Sep 2019 23:41:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="VPRT "
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
723db86c1b319bb9-FRA
content-length
1419
x-robots-tag
noindex
expires
Fri, 01 Jul 2022 12:20:05 GMT
nav-272064-health--safty-H-272064.png
preview.windowshine.org/
1 KB
2 KB
Image
General
Full URL
https://preview.windowshine.org/nav-272064-health--safty-H-272064.png?u=1608352768
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:cc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db524ae5fdb23f3cb15b78732acfd0ac81763f202f2cae878b06fff0991f48f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://preview.windowshine.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-served-by
1ef9c3896791ddd8a4e709f6e3c3d3ef
date
Fri, 01 Jul 2022 08:20:05 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Sep 2019 23:41:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="VPRT "
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
723db86c1b339bb9-FRA
content-length
1488
x-robots-tag
noindex
expires
Fri, 01 Jul 2022 12:20:05 GMT

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| inlineLoadScript function| encodeBlogPost number| __MT number| __ti object| __td boolean| __noTrace string| BROWSER_CLASS_Other string| BROWSER_CLASS_InternetExplorer string| BROWSER_CLASS_Gecko string| BROWSER_CLASS_Webkit string| BROWSER_CLASS_Opera string| BROWSER_NAME_Other string| BROWSER_NAME_InternetExplorer string| BROWSER_NAME_Firefox string| BROWSER_NAME_Mozilla string| BROWSER_NAME_Safari string| BROWSER_NAME_GoogleChrome string| BROWSER_NAME_Opera string| BROWSER_NAME_MobileSafari string| BROWSER_NAME_Android string| BROWSER_NAME_Blackberry string| BROWSER_NAME_Camino string| BROWSER_NAME_Dolfin string| BROWSER_NAME_KindleSilk string| BROWSER_NAME_MobileChrome string| BROWSER_NAME_Blackberry10 string| BROWSER_NAME_Playstation string| BROWSER_NAME_SymantecStealthMode string| BROWSER_NAME_Waterfox string| BROWSER_NAME_WOSBrowser string| BROWSER_NAME_Nintendo string| BROWSER_NAME_UCBrowser string| BROWSER_NAME_NokiaBrowser string| BROWSER_NAME_Edge string| BROWSER_NAME_MobileEdge string| BROWSER_NAME_PlaystationVita string| BROWSER_OS_DeprecatedOther string| BROWSER_OS_Windows string| BROWSER_OS_Macintosh string| BROWSER_OS_Linux string| BROWSER_OS_Other string| BROWSER_OS_IOS string| BROWSER_OS_Android string| BROWSER_OS_Blackberry string| BROWSER_OS_WindowsPhone string| BROWSER_OS_WebOS string| BROWSER_OS_Symbian string| BROWSER_OS_Bada string| BROWSER_OS_BlackberryTabletOS string| BROWSER_OS_Blackberry10OS string| BROWSER_OS_ChromeOS string| BROWSER_OS_Playstation string| BROWSER_OS_SymantecStealthMode string| BROWSER_OS_OpenBSD string| BROWSER_OS_Nintendo string| BROWSER_OS_NokiaOS string| BROWSER_OS_FreeBSD string| BROWSER_OS_PlaystationVita object| vp number| LOGGING_MAX_LEN function| showTrace function| _nativeIndexOf string| 
VP_UI_BLANK_IMAGE object| VP_WEB_ENTITY_REGEX object| VP_WEB_HTML_ENTITY_MAP object| XML_ACTIVE_X_IDS boolean| USE_JQUERY_FOR_AJAX object| DateInterval function| $ function| jQuery function| __receiveMessageHook string| _jqueryPostMessagePolyfillPath object| _browserDD object| _browserData number| _lastEventHandlerId object| _eventHandlerMap string| _eventId function| _ string| WIDGET_QS_BlogContent string| WIDGET_QS_Coupon string| WIDGET_QS_EmailMarketingSignup string| WIDGET_QS_Form string| WIDGET_QS_GuestBook string| WIDGET_QS_Image string| WIDGET_QS_ImageGallery string| WIDGET_QS_Map string| WIDGET_QS_MediaPlayer string| WIDGET_QS_PayPalButton string| WIDGET_QS_ProductCatalog string| WIDGET_QS_ShareButton string| WIDGET_QS_TwitterFollowButton string| WIDGET_QS_UploadedDocument string| WIDGET_QS_VPDocument function| showConfirmationMessage function| showErrorMessage string| PAGE_QS_Name string| PAGE_QS_VisitTimeDuration object| googleRecaptchaScriptTag function| submitAjaxForm function| preloadImages function| fixPngImages function| getLargerImageUrl function| viewLargerImage function| onSubmitPayPalButtonFormHandler function| changeFilmstripImage object| mediaPausedPlayers function| playerReady function| onYouTubePlayerReady object| U object| a0_0x433e function| a0_0x3d7e object| __CF$cv$params object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_666011

1 Cookies

Domain/Path Name / Value
.preview.windowshine.org/ Name: __cf_bm
Value: z1k4x1UmpGNgGEo4W0bEsqLEbozNxIf7ISsFoyXNSZM-1656663604-0-AWRAVX9KD6R8v4hAOELk5vaYEFtdfUKzaGJ2ih11ODqXoTCZkj2eHJTv1whNwSbrzX7eWybIOkRTipcy35EOHqBfoH1KosD9wyTWledDNr0bXU7BIDnhqPrJxcLaiOWYBA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
