windowstan.com Open in urlscan Pro
2606:4700:3030::6815:4827 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://windowstan.com/download/9495/
Effective URL:
https://windowstan.com/downloading/?dlm-dp-dl=9495
Submission: On September 25 via manual (September 25th 2022, 7:23:05 pm UTC) from CA — Scanned from CA

Summary HTTP 176 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 40 IPs in 3 countries across 27 domains to perform 176 HTTP transactions. The main IP is 2606:4700:3030::6815:4827, located in United States and belongs to CLOUDFLARENET, US. The main domain is windowstan.com.
TLS certificate: Issued by E1 on September 22nd 2022. Valid for: 3 months.

This is the only time windowstan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete 7601.24214.180801-1700.win7sp1_ldr_escrow_CLIENT_HOMEPREMIUM_x64FRE_en-us.iso 6 GB

Size: 6 GB (6101768192 bytes, 0% done)

Downloaded from: https://download.microsoft.com/download/E/A/8/EA804D86-C3DF-4719-9966-6A66C9306598/7601.24214.180801-1700.win7sp1_ldr_escrow_CLIENT_HOMEPREMIUM_x64FRE_en-us.iso

Domain & IP information

	IP Address	AS Autonomous System
3 17	2606:4700:303... 2606:4700:3030::6815:4827	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
19	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
5	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::681a:68e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
26	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:637	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
32	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4002:c11::5e	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1588:d80... 2a00:1588:d801::17	36040 (YOUTUBE) (YOUTUBE)
1	2607:f8b0:402... 2607:f8b0:4020::a	15169 (GOOGLE) (GOOGLE)
4 6	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:808::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:737	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
1	35.164.244.115 35.164.244.115	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1 2	34.120.107.143 34.120.107.143	15169 (GOOGLE) (GOOGLE)
1 2	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 4	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1	2620:116:800b... 2620:116:800b:21:a021:b886:81cc:55cf	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700:440... 2606:4700:4400::6812:230b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	2600:1f18:4e9... 2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	2600:1400:d:5... 2600:1400:d:596::317f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
176	40

17 2606:4700:3030::6815:4827 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

windowstan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:80b::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:68e (United States)

ASN13335 (CLOUDFLARENET, US)

protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4006:822::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:807::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:637 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.proadscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.proadscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80e::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2607:f8b0:4006:824::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:806::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:821::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4002:c11::5e (Atlanta, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200e (Rockville, United States) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1588:d801::17 (Ukraine) 1 redirects

ASN36040 (YOUTUBE, US)

r10---sn-quxapm-3c2e.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020::a (Montreal, Canada)

ASN15169 (GOOGLE, US)

r5---sn-t0a7sn7d.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:821::2004 (Rockville, United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2006 (Rockville, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:737 (United States)

ASN13335 (CLOUDFLARENET, US)

media.proadscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.164.244.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-244-115.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.32.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:a021:b886:81cc:55cf (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d:596::317f (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

download.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com	638 KB
34	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 pubads.g.doubleclick.net — Cisco Umbrella Rank: 437 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	425 KB
22	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	251 KB
17	windowstan.com 3 redirects windowstan.com	124 KB
10	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 imasdk.googleapis.com — Cisco Umbrella Rank: 424	339 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	262 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3068 google-bidout-d.openx.net — Cisco Umbrella Rank: 2960 us-u.openx.net — Cisco Umbrella Rank: 396	2 KB
5	protagcdn.com protagcdn.com — Cisco Umbrella Rank: 58022	122 KB
4	google.ca adservice.google.ca — Cisco Umbrella Rank: 13421	1 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 406 mug.criteo.com — Cisco Umbrella Rank: 2876	7 KB
3	gvt1.com 2 redirects redirector.gvt1.com — Cisco Umbrella Rank: 1829 r10---sn-quxapm-3c2e.gvt1.com r5---sn-t0a7sn7d.gvt1.com	1 MB
3	proadscdn.com cdn.proadscdn.com — Cisco Umbrella Rank: 266975 media.proadscdn.com — Cisco Umbrella Rank: 255055	220 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 342	970 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 826 s.tribalfusion.com — Cisco Umbrella Rank: 2209	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 742 r.turn.com — Cisco Umbrella Rank: 3229	869 B
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2621 pixel.wp.com — Cisco Umbrella Rank: 2436	3 KB
1	microsoft.com download.microsoft.com — Cisco Umbrella Rank: 8947
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	603 B
1	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 562	178 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1020	463 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 673	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3109	8 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 3489	904 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	17 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	700 B
176	27

	Domain	Requested by
32	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net windowstan.com
19	pagead2.googlesyndication.com	windowstan.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
17	windowstan.com	3 redirects windowstan.com
13	www.gstatic.com	googleads.g.doubleclick.net 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
6	www.google.com	4 redirects tpc.googlesyndication.com 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
6	fonts.googleapis.com	googleads.g.doubleclick.net 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
5	csi.gstatic.com	www.gstatic.com
5	protagcdn.com	windowstan.com protagcdn.com
5	securepubads.g.doubleclick.net	windowstan.com securepubads.g.doubleclick.net
4	cm.g.doubleclick.net	2 redirects 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com google-bidout-d.openx.net
4	fonts.gstatic.com	fonts.googleapis.com
4	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com securepubads.g.doubleclick.net
4	adservice.google.ca	pagead2.googlesyndication.com imasdk.googleapis.com securepubads.g.doubleclick.net
3	www.google-analytics.com	windowstan.com www.google-analytics.com
2	gum.criteo.com	1 redirects static.criteo.net
2	us-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	oajs.openx.net	1 redirects
2	9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	media.proadscdn.com	windowstan.com
2	imasdk.googleapis.com	cdn.proadscdn.com imasdk.googleapis.com
1	mug.criteo.com
1	download.microsoft.com
1	pr-bh.ybp.yahoo.com	google-bidout-d.openx.net
1	sync-tm.everesttech.net	google-bidout-d.openx.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
1	r.turn.com
1	ad.turn.com	1 redirects
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	r5---sn-t0a7sn7d.gvt1.com	googleads.g.doubleclick.net
1	r10---sn-quxapm-3c2e.gvt1.com	1 redirects
1	redirector.gvt1.com	1 redirects
1	cdn.proadscdn.com	protagcdn.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	windowstan.com
1	stats.wp.com	windowstan.com
1	stats.g.doubleclick.net	www.google-analytics.com
176	46

This site contains links to these domains. Also see Links.

Domain
ad.plus
facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
*.windowstan.com E1	`2022-09-22` - `2022-12-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.protagcdn.com E1	`2022-09-08` - `2022-12-07`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-08-09` - `2022-11-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
akamai.download.microsoft.com Microsoft Azure TLS Issuing CA 02	`2022-07-08` - `2023-01-04`	6 months	crt.sh

This page contains 28 frames:

Frame: https://download.microsoft.com/download/E/A/8/EA804D86-C3DF-4719-9966-6A66C9306598/7601.24214.180801-1700.win7sp1_ldr_escrow_CLIENT_HOMEPREMIUM_x64FRE_en-us.iso
Frame ID: 4F8C7D4024875445B5722BFFF8EE7DB9
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
Frame ID: EB05CEB6CF05CF6B54BE80D258F78363
Requests: 1 HTTP requests in this frame

Frame: https://protagcdn.com/check-bot/index.html
Frame ID: 0B025CC5487BDA30003930454C0BA66E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=90&slotname=9455630818&adk=3440635097&adf=4251785803&pi=t.ma~as.9455630818&w=728&lmt=1664133776&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776176&bpp=35&bdt=335&idt=299&shv=r20220922&mjsv=m202209190101&ptt=5&saldr=sa&abxe=1&correlator=3049521105282&frm=20&pv=2&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2CVyRNiUr8&p=https%3A//windowstan.com&dtd=325
Frame ID: 2AB8B49BCB40D08AB70A20219365BEFB
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&adk=1812271804&adf=3025194257&lmt=1664133776&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776302&bpp=4&bdt=462&idt=244&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=255
Frame ID: 2DEEEA6F21F4F8EAB279019EF76A2FF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261
Frame ID: CEA52432655D6D9ADB430C8C5DC7B22B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1334409561&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776310&bpp=5&bdt=470&idt=263&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=6QHmULMk2Y&p=https%3A//windowstan.com&dtd=270
Frame ID: E0907036C5917EA352EFF46E1706754B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276
Frame ID: AFC9070E4CDF2AB39DFA637021E0C5A9
Requests: 26 HTTP requests in this frame

Frame: https://protagcdn.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664121600
Frame ID: 1A4BED2706D9E7EEB2881C7D2095A682
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Frame ID: 646166AEF20960756A7DA3F9B6BEDFDF
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 38EF009AEFC37C3FCD337DD7A32B9849
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BD9F90E0F3ECAE14789A77F4C58187EE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 04B8C738A3BF507260CC6998D46980EF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C8D976AA55E8E312E83965923F5F1F25
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js
Frame ID: A90C2A1568326F7526EE1F5532A43E69
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js
Frame ID: B54BA45FC5E6FC3D69A3C813E29D4BE4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js
Frame ID: 91E0F7816BA6E5C627652B54B5187056
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Frame ID: 8A916F4CBCE254E42868F2ABAA26EBE1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js
Frame ID: 8200B2BBD078DA1EFD757D769428BB25
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 828E590120B1850FA9B8C4AA905C4832
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E59ABC556C9342F32D10D5085D2A3522
Requests: 2 HTTP requests in this frame

Frame: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 06512EF98B5FC93E8311C86120AAA80A
Requests: 1 HTTP requests in this frame

Frame: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AE613E8E8136F2649AB650575C11F228
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 74E3FCEC83DFDABF568378CCA42DE724
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6D88FD0ABB32A14EF40459B4C046CB2E
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 35573C12A797F0DEE855AC7C8244950F
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 93441DF9715B6845CC8B4C653B899A6C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=windowstan.com
Frame ID: 9C41DE4FAEFEF89EBD260EF0190246C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Downloading... - Windowstan

Page URL History Show full URLs

https://windowstan.com/download/9495/ HTTP 302
https://windowstan.com/downloading?dlm-dp-dl=9495 HTTP 301
https://windowstan.com/downloading/?dlm-dp-dl=9495 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

176
Requests

96 %
HTTPS

74 %
IPv6

27
Domains

46
Subdomains

40
IPs

3
Countries

3648 kB
Transfer

9013 kB
Size

21
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://ad.plus/?utm_source=windowstan.com&utm_medium=protag-in_article_video&utm_campaign=brand_logo
Title: Powered by Ad.Plus

Search URL Search Domain Scan URL

URL: https://facebook.com/windowstan/

Search URL Search Domain Scan URL

URL: https://twitter.com/windowstanCom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCKzzWF6wNV4kWCqWIa3EnEQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://windowstan.com/download/9495/ HTTP 302
https://windowstan.com/downloading?dlm-dp-dl=9495 HTTP 301
https://windowstan.com/downloading/?dlm-dp-dl=9495 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://redirector.gvt1.com/videoplayback?id=f0f1a088b3bc5f87&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1664140977&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=036DA25546855EC34781287D1E7C9C5E06D672D6.7D5ECA82B7FAE94B1308D2C845B66D087F60DF4B&key=ck2 HTTP 302
https://r10---sn-quxapm-3c2e.gvt1.com/videoplayback?id=f0f1a088b3bc5f87&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1664140977&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=1ADD0F39FF9044529C2D42F788E09A41638E0063.01128251AD22E85133DA2426C3771FF3A1D895CD&key=cms1&cms_redirect=yes&mh=nA&mip=2607:5300:60:7867::14&mm=28&mn=sn-quxapm-3c2e&ms=nvh&mt=1664133382&mv=m&mvi=10&pl=32 HTTP 302
https://r5---sn-t0a7sn7d.gvt1.com/videoplayback?id=f0f1a088b3bc5f87&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1664140977&sparams=expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=315ADEEF29E7C014319E1922F74121E3AAA2EDBC.482A0B50046D65F856C92821D7AD59E22794F25E&key=cms1&mh=nA&pl=32&redirect_counter=1&cm2rm=sn-quxapm-3c2ee7&req_id=eab92b5b267e36e2&cms_redirect=yes&ipbypass=yes&mip=2607:5300:60:7867::14&mm=42&mn=sn-t0a7sn7d&ms=onc&mt=1664133052&mv=u&mvi=5

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 152

https://oajs.openx.net/esp?url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&rid=esp&cc=1

Request Chain 166

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI4iAN0emN6soimdEWCCEmA&google_cver=1&google_push=AZmPxg8S-oMbK-n97nzZgyGXiL1QqjnUG__xSIuaR0shK5h6ZjEy_TdT-q-y5xRnDlezmvMoOpT2cs8Dx0i_aKJXs5lGBr-fwF3I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI3NjM4NTMzMzY3MDQ2NzU2OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI4iAN0emN6soimdEWCCEmA&google_cver=1

Request Chain 168

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOx95j8w8TxE5XHXJ_pzEjA&google_cver=1&google_push=AZmPxg9ELsC38FsYWuWbVOJ1gyjJ0ALgjcS_gxCb2BSCLO9ugE8LfWCMe9zWysLXJKCa0j0EyOUHGbuoG96Ie7v2UN9qpBgLwMGu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9ELsC38FsYWuWbVOJ1gyjJ0ALgjcS_gxCb2BSCLO9ugE8LfWCMe9zWysLXJKCa0j0EyOUHGbuoG96Ie7v2UN9qpBgLwMGu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOx95j8w8TxE5XHXJ_pzEjA&google_cver=1&google_push=AZmPxg9ELsC38FsYWuWbVOJ1gyjJ0ALgjcS_gxCb2BSCLO9ugE8LfWCMe9zWysLXJKCa0j0EyOUHGbuoG96Ie7v2UN9qpBgLwMGu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9ELsC38FsYWuWbVOJ1gyjJ0ALgjcS_gxCb2BSCLO9ugE8LfWCMe9zWysLXJKCa0j0EyOUHGbuoG96Ie7v2UN9qpBgLwMGu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 174

https://match.adsrvr.org/track/cmf/openx?oxid=2a4fa733-4471-7596-ee00-d51e25961f5b&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=2a4fa733-4471-7596-ee00-d51e25961f5b&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a82f276f-6bd7-427f-b934-fda8cf51cf58&ttd_puid=2a4fa733-4471-7596-ee00-d51e25961f5b&gdpr=0&gdpr_consent=

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGijtYPQDymtEnT3moreyoo&google_cver=1

Request Chain 178

https://windowstan.com/download/9495/?dlm-dp-dl-force=1&dlm-dp-dl-nonce=1b2969a748 HTTP 302
https://download.microsoft.com/download/E/A/8/EA804D86-C3DF-4719-9966-6A66C9306598/7601.24214.180801-1700.win7sp1_ldr_escrow_CLIENT_HOMEPREMIUM_x64FRE_en-us.iso

Request Chain 179

https://gum.criteo.com/sid/json?origin=publishertagids&domain=windowstan.com&sn=ChromeSyncframe&so=0&topUrl=windowstan.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ial1uHx1dlVEZU96QTExNU1NNm9Xc2dPQ3c3RGxlTFptbWJQN0gzYWp5V280NFNrb01OZFRsZHkxQ2RCSGhFcVdoaWpPeCsrd3N2d3o3cHV5eFM3UjJjM21GME1kSzB5T2hHNEtENHpjZTFjdjJvZHlDR2gzRGtxTEkxakdSWDRjZXlubWJBbnpLc3BjMktmbXcrZW1qN1ZjMHp2UGtWWllnZFdhQnFlZUo4SFl5MmZQa3ZUQVBvamo3RXRPUWpDSndHS2dPQVozdjk5K0RDOVRMK2JDamQyeHhNNDVTV1NVaitFZ2V3T3VVbnFwRUYxSEI2QkFwVDdQcE96K3NhUFNHNmlGUjZrSlNXWVY3bU81M1pJNEx1L3hqQT09fA&cppv=2

176 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
windowstan.com/downloading/
Redirect Chain

https://windowstan.com/download/9495/
https://windowstan.com/downloading?dlm-dp-dl=9495
https://windowstan.com/downloading/?dlm-dp-dl=9495

125 KB
26 KB

900ms
899ms

Document
text/html

2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06907abf171b642bc5278e5fa0311dde94e8812bdec25284061fd21cc80f9135

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7506219d6f697139-YUL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 19:22:55 GMT
expires: Sun, 25 Sep 2022 19:22:55 GMT
link: <https://windowstan.com/wp-json/>; rel="https://api.w.org/", <https://windowstan.com/wp-json/wp/v2/pages/10785>; rel="alternate"; type="application/json", <https://windowstan.com/?p=10785>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmEXJfioNi38e2YkmqFX7xeTv0qOKresUMalz7yZv2QW0CDOh93YkRUC9I%2B96sgXi6qpX8PBQMGXsmkbYn%2FeaGF4ykMcbiGpIjQoZ8xSNwGvPMbLtMkA9yWVnj05C5oR4DlY9yidVjiaoiKCwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7506219b0c434bca-YUL
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 19:22:54 GMT
expires: Sun, 25 Sep 2022 19:22:54 GMT
location: https://windowstan.com/downloading/?dlm-dp-dl=9495
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOfx5dH8zX3NDEPneuciZXgbUI%2BMILnAKvDv76ky0l0cYCbQGh0RtN%2FIerOgB4fvcNUbsiH0ax2YnQzF0qqIMnu6Zwi7NkySXAPMNHsRdTN7cvQk82j8ESz2%2FtkU4AL7eywDyH7Ys4XTegMxOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent,Accept-Encoding
x-redirect-by: WordPress

GET
H3 200 main.min.css
windowstan.com/wp-content/themes/astra/assets/css/minified/ 40 KB
9 KB 20ms
20ms Stylesheet
text/css 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.1
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba71d7360fc084690191be50fae228b204839bff0cd2e2c2265b7d924e5b030a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Jul 2022 19:39:29 GMT
server: cloudflare
age: 1454459
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SS%2FA1%2Bubr9Kpaz5rLHZgKyuRxyk4%2BBmFE5yuS1BByJcZy9bSrb31GsSukXMjqenXKleQvvj6SqDYPp2621T48vXsPzJN9q85OdV17G4%2F5193ou2TyylhQbWBIbdEgblsyloXdwflsQ1euOwhwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750621a308587139-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 29 Jul 2023 19:40:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
19ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3443
date: Sun, 25 Sep 2022 18:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Sun, 25 Sep 2022 20:25:32 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 63ms
20ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 25 Sep 2022 20:21:27 GMT

GET
H3 200 style.min.css
windowstan.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 52ms
51ms Stylesheet
text/css 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Jul 2022 20:30:16 GMT
server: cloudflare
age: 502676
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ylni9MRR5ub%2FXBlaulmGVyFWax29MpFRwMRDR3WHyMcIir%2B19Gyb4iEuSnY3h%2FhYQfP7n1l0siIhHGWM34ui%2Be45oXIOXABIZTb52%2B8%2FjtvrsZEJMLX2s75Fh2vF5%2F7ArL%2BLK7cbOwnkH8mRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750621a3d9b47139-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Aug 2023 02:37:02 GMT

GET
H3 200 mediaelementplayer-legacy.min.css
windowstan.com/wp-includes/js/mediaelement/ 11 KB
3 KB 26ms
25ms Stylesheet
text/css 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Sep 2020 16:23:06 GMT
server: cloudflare
age: 248075
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CReHs%2FfJRFLQuijrgvAuFANkJTA%2FvwDLXO%2FiNA4namvZwZGOPeHzsAIYjDOkZwY6b3efndZuCRlyVH8GHZVtyn8NA0%2BS6bRWKsKAAyJZwxA175xS3Zb%2FQ0hGLxGyjRNGvWxsFJh0w0rIrW90A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750621a3d9b67139-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 05 Aug 2023 02:14:15 GMT

GET
H3 200 wp-mediaelement.min.css
windowstan.com/wp-includes/js/mediaelement/ 4 KB
2 KB 28ms
26ms Stylesheet
text/css 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jun 2019 21:15:02 GMT
server: cloudflare
age: 502676
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fi4oBThISZujdfDfksCa3z0ZCiz3cdUlCjqlvq9NkkQZy6oSYE1sI8ExgJ3%2BVdrDXux014kcWsNBKp8mdwD2g%2FviKD3gvbJxkDu6fsFWNL9qdHZzIyD%2BuakO%2BhC%2Fuzd%2BqHv1Ff1zF%2FZzfiAMzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750621a3d9b97139-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Aug 2023 02:37:02 GMT

GET
H3 200 frontend.min.css
windowstan.com/wp-content/plugins/google-analytics-premium/assets/css/ 36 KB
3 KB 28ms
26ms Stylesheet
text/css 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-content/plugins/google-analytics-premium/assets/css/frontend.min.css?ver=7.13.1
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d98d7bdfe0f9ac78ec9ab3274b04e5663ef132767c4014ca899c820634b3f204

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Nov 2020 15:50:20 GMT
server: cloudflare
age: 502676
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1l0k1fD6A428Bo3Jel79%2F5sv7dLxkxs%2FcteoOVIIXtMw1e0nGDztyv89U0nQzSVUbl0hTs7We0qOjnFS74vo9dnyrT8HYY5%2Bujl5eMn4MQuKSy3tKxFm3M0Sojl7WQI570Y9KWOUMW8DmOScnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750621a3d9bb7139-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 05 Aug 2023 04:16:56 GMT

GET
H3 200 astra-addon-630227525a9983-98530406.css
windowstan.com/wp-content/uploads/astra-addon/ 15 KB
3 KB 36ms
34ms Stylesheet
text/css 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-content/uploads/astra-addon/astra-addon-630227525a9983-98530406.css?ver=3.9.0
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9367efe4396b248b4e0ff1f69aa83fbf530092c92543277dddedcb75454cef2d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50833
cf-polished: origSize=15312
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 21 Aug 2022 12:38:42 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBU%2FxIcpBP%2BKGQxGjohNPC31gocHCfWKK%2BpwYQgJkHspvGuPF3cD3ybhviEgLoeto2PUOnPi6JuFvXuX%2B5jyUAU7%2BO841zOQSKvkuhymIT6uHgdLjSoN1Vt2A1PJNE%2BLnuw5tcp0ZNvhO9vRfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 750621a3d9bc7139-YUL
expires: Mon, 21 Aug 2023 12:48:34 GMT

GET
H3 200 jetpack.css
windowstan.com/wp-content/plugins/jetpack/css/ 84 KB
17 KB 38ms
37ms Stylesheet
text/css 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.1.2
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039c2e9b769542b5efa6911822fa780eed443d913b26469533d13c8d2c85c040

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50833
cf-polished: origSize=85661
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 19 Jul 2022 07:21:11 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0%2BbmyN%2FYCx6IiydojLs3K2rsZ7t1ajhzQBFVJWvRFMU8AB5nlJG5pwQhtc1yPijDFZtsywozkCYWfuPkZFklDYsKd89k7uO1P4R6FLDcodh8wenBi0VJVLuo2gxqOIK6xBRtpsHChort3R6YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 750621a3d9bf7139-YUL
expires: Fri, 28 Jul 2023 06:08:34 GMT

GET
H3 200 frontend.min.js Show response
windowstan.com/wp-content/plugins/google-analytics-premium/assets/js/ 9 KB
3 KB 29ms
29ms Script
application/javascript 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-content/plugins/google-analytics-premium/assets/js/frontend.min.js?ver=7.13.1
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Nov 2020 15:50:20 GMT
server: cloudflare
age: 1446333
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytP3a7lhaw0kIJ3io9DOE4vGlmwdvdBDtyVLKorS%2F9cseU0ttixIxv2FINPN%2B90aPp1b%2BCGsOpTaH34%2FW61qRseWmmGfqq5z%2FzzhIlRpmrwxoD1Dvant6OsT4%2BzsPKnw53PtIy5YDrqy5vGdSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750621a3d9c17139-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Jul 2023 05:58:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 135ms
74ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7decfebf1d9a50b8f3271d4d71039e5359c763f925a8c61dede7f7d0f4f149e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58076
x-xss-protection: 0
server: cafe
etag: 9800060276863771256
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Sep 2022 19:22:56 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 143ms
40ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

sffe /

Resource Hash

49298e8132bfde2e654e4ecdd0627b27c1c1d6dc163e49d1660cbb552ca2344d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27824
x-xss-protection: 0
server: sffe
etag: "1345 / 392 of 1000 / last-modified: 1663970755"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 25 Sep 2022 19:22:56 GMT

GET
H2 200 site.js Show response
protagcdn.com/s/windowstan.com/ 335 KB
98 KB 207ms
159ms Script
application/javascript 2606:4700:20::681a:68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/s/windowstan.com/site.js
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af26e7f615b40cb1bfd4a906ce0ea9a3431021293b21afdc92e3c7c3d8111896

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1940
cf-polished: origSize=343477
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Mon, 20 Dec 2021 14:40:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRl6qvnUEihT6Tmu5%2Bt3FWbKc0ozpJfOMixGuiSMGurteB8Hh7%2BHY8zNbRu7yt0tzLo0M9iY9RpfClQeyvjQxK8jk9GI%2FHeC8H0WsbTxmZ0FuvCt7Xrp%2B3bJE6TbPGygBfOyvYaUJ%2BJhthE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 750621a4baa87138-YUL
expires: Sun, 25 Sep 2022 19:52:56 GMT

GET
H3 200 Windowstan-Logo-vector-1.svg
windowstan.com/wp-content/uploads/2021/01/ 952 B
981 B 34ms
33ms Image
image/svg+xml 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowstan.com/wp-content/uploads/2021/01/Windowstan-Logo-vector-1.svg
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa608b57c66b48b0f4f5150c5593214de62e747d2c31e81740c993fb706333c8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 23 Jan 2021 19:11:01 GMT
server: cloudflare
age: 2431067
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaBTWZ23R15rfhvkGnGDv0pxDGBuVfchjnYKdW9BGejDz1LcOmc0%2F3sYdPz9%2BM6fO4PeunACSOw3YcDoSmJ%2F2AG3A1iR%2B5lK6nhYhWFPTN0kWa8fPLO5jmhYDLJXRG7dDGxHaTojCWVp7KuLtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750621a46ae07139-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 03 Dec 2022 04:45:42 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 118 KB
40 KB 110ms
43ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54c3be3db11f9758ea542355599dc761e940f7bd390e7659ae73e39ca0cf6802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40732
x-xss-protection: 0
server: cafe
etag: 14053495950757264130
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Sep 2022 19:22:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 101ms
32ms XHR
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-71884074-2&cid=356564035.1664133776&jid=1053106955&gjid=799486678&_gid=1168234333.1664133776&_u=aGBAgUAjCAAAAE~&z=1376676486

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windowstan.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 25 Sep 2022 19:22:56 GMT
content-type: text/plain
access-control-allow-origin: https://windowstan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
19ms Image
image/gif 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=2054040148&t=pageview&_s=1&dl=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&ul=en-us&de=UTF-8&dt=Downloading...%20-%20Windowstan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAjC~&jid=1053106955&gjid=799486678&cid=356564035.1664133776&tid=UA-71884074-2&_gid=1168234333.1664133776&did=dZGIzZG&z=220761174

Requested by

Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 20:46:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81386
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 frontend.min.js Show response
windowstan.com/wp-content/themes/astra/assets/js/minified/ 16 KB
5 KB 30ms
28ms Script
application/javascript 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.1
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bfa78534c298411845229e6dee89bfd935ed71c8aa64add2b06f8c31c5daf6d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Jul 2022 19:39:29 GMT
server: cloudflare
age: 1921098
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09rrcDTqaFzjK2QnTKS5kZdSJwleZnYJWrT0HvJyQ5vDlrmvUXxaQJIRAzLuzxBDPJL5wVJBzsHff6b%2B0Xdw%2FwroPA%2BswU4ejh4MUpVfmZppnj3N%2FtgcxNf4CdMf%2FyhKk4wtoyMrQAkwKc%2FhGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750621a49b287139-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 05 Aug 2023 04:08:14 GMT

GET
H3 200 astra-addon-630227526a5b87-45447447.js Show response
windowstan.com/wp-content/uploads/astra-addon/ 6 KB
2 KB 26ms
24ms Script
application/javascript 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-content/uploads/astra-addon/astra-addon-630227526a5b87-45447447.js?ver=3.9.0
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412144daf3b8ca3d205010c47587c58e7a77fc3b9102175a3740e5bcac565ecf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 21 Aug 2022 12:38:42 GMT
server: cloudflare
age: 50834
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PergJ7XnERGdfXpH3lYHpmB15bigD3PPRqPyM%2FkHCkXM%2BJvloK8nWHI5jc1STEHuFsgdNvSiS9%2B7v3Co97wyzGZKikuBv%2BAq2lSm0xsibzsjDbp8FJyKmjpXCNHGmndy3m5kJsbnfrHW7AnlOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
expires: Mon, 21 Aug 2023 12:48:37 GMT
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750621a49b2b7139-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 jquery.min.js Show response
windowstan.com/wp-includes/js/jquery/ 87 KB
32 KB 31ms
28ms Script
application/javascript 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 15:37:24 GMT
server: cloudflare
age: 1921099
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBSzeojxJPilM30p49hPqEXkQOwTClJ771%2Fk8AdCSYrLrrZz4n2Ka5CRuyL5EahItZ8bPpLCV0oPoPlQjpEymwmbHErX5P0lybh%2BwP2Hq5yyCWY%2FTJMLS5Zm31%2F2w4N7Kp26L6V2PfdgEq88aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750621a49b2c7139-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 05 Aug 2023 04:08:14 GMT

GET
H3 200 jquery-migrate.min.js Show response
windowstan.com/wp-includes/js/jquery/ 11 KB
5 KB 41ms
39ms Script
application/javascript 2606:4700:3030::6815:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowstan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 09:36:06 GMT
server: cloudflare
age: 502675
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aab6RP82Vhzoh5bZ7y7u6XcwDgdy8kAT%2FixFaqm%2F8C4jDrLA0x6hZzVHcPbR11QMEtTgBEMhSztvAdPIceJ4PFI8jQG%2BnnXdsIaDd04G1DkFO2Fj6qiwwk7EusCCVqllnp%2F6EiJDLr26F64DqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750621a49b2f7139-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 05 Aug 2023 04:08:14 GMT

GET
H2 200 e-202238.js Show response
stats.wp.com/ 9 KB
3 KB 59ms
16ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202238.js
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT yyz
date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: br
server: nginx
etag: W/"61beb56a-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 11 Sep 2023 01:47:05 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/ 357 KB
126 KB 110ms
62ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

155359f921f381d1f193070eff66be12e2f403b2e00b29e002109b885d397f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128660
x-xss-protection: 0
server: cafe
etag: 15771069405484607953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Sep 2022 19:22:56 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 30ms
17ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.1.2&blog=158978752&post=10785&tz=0&srv=windowstan.com&host=windowstan.com&ref=&fcp=2192&rand=0.7204158616943197
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 25 Sep 2022 19:22:56 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 pubads_impl_2022092001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 63ms
21ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

sffe /

Resource Hash

47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 04:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131075
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 25 Sep 2023 04:04:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
104 B 78ms
37ms XHR
application/json 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=windowstan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

b0fb099a7fec50c06d484a5efe91d9a1347c24fe3852c0ebd86532bc0ba85a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Sun, 25 Sep 2022 19:22:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/ Frame EB05 10 KB
5 KB 83ms
23ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 18:45:27 GMT
etag: 9671129459699598864
expires: Sun, 09 Oct 2022 18:45:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
protagcdn.com/check-bot/ Frame 0B02 2 KB
1 KB 225ms
197ms Document
text/html 2606:4700:20::681a:68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/check-bot/index.html
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/windowstan.com/site.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5c03a60fcd2b23be6cf85f891c69447ff48abbfba0682183d5f4fa234c7f1f

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 750621a6fb5a713f-YUL
content-encoding: br
content-type: text/html
date: Sun, 25 Sep 2022 19:22:56 GMT
expires: Wed, 12 Jan 1980 05:00:00 GMT
last-modified: Tue, 31 Aug 2021 15:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdApRwPOmJ6m%2BP4wfy8CaEq6j6P5iHXl7AfWtRTtLtOKGarTPhKGWHhGU745bSTIyiBif2zJz06MXkSOC4h5UUBkWbFX71IVbiabTL7rDO8z2XQoND4hLfCrPvroHQbbQslG650eZtisEFY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
700 B 120ms
35ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=windowstan.com&callback=_gfp_s_&client=ca-pub-2906176557259517&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

421b0c2e09144d8f39f243be1353c872f490aa4e3795c0ee3455433442d19dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 133ms
44ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=windowstan.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 109ms
46ms Script
application/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowstan.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AB8 71 KB
20 KB 526ms
482ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=90&slotname=9455630818&adk=3440635097&adf=4251785803&pi=t.ma~as.9455630818&w=728&lmt=1664133776&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776176&bpp=35&bdt=335&idt=299&shv=r20220922&mjsv=m202209190101&ptt=5&saldr=sa&abxe=1&correlator=3049521105282&frm=20&pv=2&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2CVyRNiUr8&p=https%3A//windowstan.com&dtd=325

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38c4ae22c9a0a76fff292dfb0656a0b1afcff4174c5c850a6529ccfa71af5bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 20921
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:22:57 GMT
expires: Sun, 25 Sep 2022 19:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2DEE 106 KB
33 KB 450ms
449ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&adk=1812271804&adf=3025194257&lmt=1664133776&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776302&bpp=4&bdt=462&idt=244&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=255

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60000d6f4f080aad9fcbb0ed637d7ec1b15fb4256cb9bc1622446e2c9a85b18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33486
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:22:56 GMT
expires: Sun, 25 Sep 2022 19:22:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CEA5 88 KB
31 KB 884ms
884ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bce94505965d6abf66b0bfc098263df7315cf4a5ed8bb252d8d54a84d4c0d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32106
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:22:57 GMT
expires: Sun, 25 Sep 2022 19:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E090 88 KB
31 KB 597ms
596ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1334409561&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776310&bpp=5&bdt=470&idt=263&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=6QHmULMk2Y&p=https%3A//windowstan.com&dtd=270

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96f4fb1cb3850e40321824668b66f2628a32c22ec77ab868dfc806a4a75fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32030
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:22:57 GMT
expires: Sun, 25 Sep 2022 19:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFC9 100 KB
34 KB 615ms
614ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39e680e21c805fc8b47b0dede96c03e0ecf84458d294a70a49997be93b303677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34330
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:22:57 GMT
expires: Sun, 25 Sep 2022 19:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 invisible.js Show response
protagcdn.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 1A4B 37 KB
14 KB 39ms
38ms Script
application/javascript 2606:4700:20::681a:68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664121600
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fd79454faaf004721537fbf5afa855bc4e3758e7f2e7be56465d83cf3f76031

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEOfTtnvSwkp3CGMINGLtVa1iy29vmPs1dOvL3X6624qlLl%2BMIsEB8nHYVs1MMr4mMHmnX8ZH3CFGyyz3czc%2F40Wx9OkuPhkRNw9%2F%2FJiwE%2F52VkPt10fE49zrH8FEwiFqxoVEguJ5%2F5OefE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 750621a86e6f713f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
protagcdn.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 1A4B 23 KB
8 KB 38ms
38ms Other
application/javascript 2606:4700:20::681a:68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25399b43e8cec290367c45c82dccd1db16c07670a910f3d999276d3648063a3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:56 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNa4IZbZxJ7Q5ngMfDFKZtf2DLX9P0yeQdCAwiyWTywiqCzHsa%2B7el8pk1ymemH7S2hJ1s9oJ%2BSpvqc%2FQiOSkNoTVJmgUju4PBab3re25CXUXwFQdL%2BTiXaTSmszRE5ayTi%2BdTQTWLr%2FIJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 750621a8cf87713f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 script.protag.js Show response
cdn.proadscdn.com/s/script.protag/ 132 KB
31 KB 84ms
41ms Script
application/javascript 2606:4700:20::681a:637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.proadscdn.com/s/script.protag/script.protag.js
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/windowstan.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1d18656936294a54e8ba07c0b459b652a767d2b54b97adcf0cbbd2852850885

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1940
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 22:57:27 GMT
server: cloudflare
etag: W/"20f2c-5dad6897b3c86-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqI4BTSNmm9lgxSZOfA7%2BfKe0i7onHhc9OhFVWDVTEu%2BlLMd5x4%2BsR3PKp9waG6133%2BOiYq2ffDj6JoSCIkKedUGjcEglURqFfYccPPm5vbVZUcTlcxgcRHoyPjIB57ZyXOTDFiPzbIL57uoFrs7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 750621aa4f2e715a-YUL
expires: Sun, 09 Oct 2022 18:50:37 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/ 149 KB
53 KB 47ms
47ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/reactive_library_fy2021.js?bust=31069739

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e12600e6989d2acb7d8d1c38e4a409072e3e16924953809410c55acc8c37021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54619
x-xss-protection: 0
server: cafe
etag: 1428449995793734178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2AB8 8 KB
1 KB 85ms
35ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=90&slotname=9455630818&adk=3440635097&adf=4251785803&pi=t.ma~as.9455630818&w=728&lmt=1664133776&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776176&bpp=35&bdt=335&idt=299&shv=r20220922&mjsv=m202209190101&ptt=5&saldr=sa&abxe=1&correlator=3049521105282&frm=20&pv=2&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2CVyRNiUr8&p=https%3A//windowstan.com&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 17:53:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 19:22:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 2AB8 2 KB
984 B 111ms
36ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 09:55:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame 2AB8 23 KB
10 KB 94ms
20ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 17:47:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 2AB8 3 KB
1 KB 92ms
37ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 19:21:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 2AB8 17 KB
7 KB 97ms
25ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 17:21:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AB8 140 KB
44 KB 91ms
39ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H2 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 2AB8 33 KB
14 KB 68ms
19ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 21:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 10:37:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 21:51:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2AB8 0
0 111ms
111ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_H3_kKowY43MI9Di_gTj6K_YDoq16Zds_v-sl6wQz9eivcABEAEg7InNIGD96KKB8AOgAf_bisgDyAEBqAMBqgT8AU_QZ-OUkMSNBuMuakVycQpx5P0BTVyMzIeePiYziCCdwlsxJONAGXceiNtceFIQk9jDB2h2PFuWSIgU46ytNLlapl4BroZFY08qQ3PmzpMIR36CpFDff1g9G6VSevxuTx9-hkHP3O03GC0BdsNJwOiU1ZYgbf2GvLe10MTR9XepxvCGYg38oI1NoEkUE4EjxXEqwuMa2i5wJLdfXsMwV3ScQeV83G8nBTOc2GE7Q5UM9G2gojIjz2vsK2_fN34PZXjTEDnF7wtm9IMGdbhalvVK4OTkArQ8KBa5WGq21k3f4DclFmn4fCkbfeexjjd1azpU0LrFTb5431GMq8AEmLnA4owEkgUECAQYAZIFBAgFGASAB9HbraICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQkKgf0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI5MDYxNzY1NTcyNTk1MTcYAA&sigh=l237hpGoTrk&uach_m=[UACH]&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=90&slotname=9455630818&adk=3440635097&adf=4251785803&pi=t.ma~as.9455630818&w=728&lmt=1664133776&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776176&bpp=35&bdt=335&idt=299&shv=r20220922&mjsv=m202209190101&ptt=5&saldr=sa&abxe=1&correlator=3049521105282&frm=20&pv=2&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2CVyRNiUr8&p=https%3A//windowstan.com&dtd=325
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 25 Sep 2022 19:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9556912341294562049/ Frame 2AB8 5 KB
5 KB 67ms
23ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9556912341294562049/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72564934ba67689a669f7caffd4abedecd17364059f3712c02a06fa30a5e58b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 23:41:52 GMT
x-content-type-options: nosniff
age: 502865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4651
x-xss-protection: 0
last-modified: Wed, 16 Dec 2020 19:17:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 23:41:52 GMT

POST
H3 200 750621a6fb5a713f Show response
protagcdn.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 1A4B 2 B
656 B 75ms
75ms XHR
text/plain 2606:4700:20::681a:68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/cdn-cgi/challenge-platform/h/g/cv/result/750621a6fb5a713f
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664121600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Sep 2022 19:22:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSw2k39ZJfABfNJ9lfnKmtY8C23LJWXQDKrWHKighXqOcaAM6Il8Bd3afVb57%2BG%2F8dNxzUqClekMwtuj7oMzQCKqURwFDLp4mWZxwN%2BM1hyu1QfbEwXWy%2BdqlY%2FSQWm2Ka8aWw8HQzOamfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 750621adaba6713f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 90ms
48ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=windowstan.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 19:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 90ms
49ms Script
application/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowstan.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 19:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/ Frame 6461 10 KB
4 KB 21ms
20ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 77473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 21:51:44 GMT
etag: 9671129459699598864
expires: Sat, 08 Oct 2022 21:51:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 378 KB
127 KB 123ms
62ms Script
text/javascript 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.proadscdn.com
URL: https://cdn.proadscdn.com/s/script.protag/script.protag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9b92b474abd6c41079a19e23fea79f0279dd70e3007c47e7773b9d3e7ca4f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128888
x-xss-protection: 0
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H3 200 13f3f09bfb49b566c7b639b7608c1c0e.js Show response
www.gstatic.com/mysidia/ Frame E090 10 KB
4 KB 69ms
26ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/13f3f09bfb49b566c7b639b7608c1c0e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1334409561&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776310&bpp=5&bdt=470&idt=263&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=6QHmULMk2Y&p=https%3A//windowstan.com&dtd=270

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 05:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4281
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 05:30:04 GMT

GET
H3 200 5587343474cc56ee2b095ca803ffba7b.js Show response
www.gstatic.com/mysidia/ Frame E090 9 KB
4 KB 64ms
22ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5587343474cc56ee2b095ca803ffba7b.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e6bda52130a8da7876cc4068cdd3eaf0a2f6a1e3420d27df0c3f8c057731ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 05:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4266
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 05:30:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E090 8 KB
895 B 86ms
43ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 17:53:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 19:22:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame E090 2 KB
902 B 20ms
19ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 09:55:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame E090 23 KB
9 KB 69ms
24ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 17:47:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame E090 3 KB
1 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 19:21:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame E090 17 KB
7 KB 74ms
30ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 17:21:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E090 140 KB
44 KB 147ms
103ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame E090 33 KB
13 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 21:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 10:37:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 21:51:45 GMT

GET
H3 200 13f3f09bfb49b566c7b639b7608c1c0e.js Show response
www.gstatic.com/mysidia/ Frame AFC9 10 KB
4 KB 57ms
28ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/13f3f09bfb49b566c7b639b7608c1c0e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 05:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4281
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 05:30:04 GMT

GET
H3 200 4922e6fcff127e110c65392501c3f484.js Show response
www.gstatic.com/mysidia/ Frame AFC9 135 KB
50 KB 61ms
32ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4922e6fcff127e110c65392501c3f484.js?tag=video_mra/web_raspberry

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb384b000faba75cda5d7dd5aaeff01fe8c9682dc7e8a989cbd978036c2195ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 21:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51237
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 21:59:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AFC9 13 KB
970 B 71ms
43ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 18:47:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 19:22:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame AFC9 2 KB
902 B 20ms
19ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 09:55:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame AFC9 23 KB
9 KB 50ms
20ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 17:47:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame AFC9 3 KB
1 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 19:21:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame AFC9 17 KB
7 KB 52ms
22ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 17:21:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFC9 140 KB
44 KB 87ms
58ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame AFC9 33 KB
13 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 21:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 10:37:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 21:51:45 GMT

GET
H3 200 13f3f09bfb49b566c7b639b7608c1c0e.js Show response
www.gstatic.com/mysidia/ Frame CEA5 10 KB
4 KB 50ms
29ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/13f3f09bfb49b566c7b639b7608c1c0e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 05:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4281
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 05:30:04 GMT

GET
H3 200 5587343474cc56ee2b095ca803ffba7b.js Show response
www.gstatic.com/mysidia/ Frame CEA5 9 KB
4 KB 44ms
24ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5587343474cc56ee2b095ca803ffba7b.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e6bda52130a8da7876cc4068cdd3eaf0a2f6a1e3420d27df0c3f8c057731ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 05:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4266
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 05:30:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CEA5 8 KB
895 B 64ms
44ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 17:52:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 19:22:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame CEA5 2 KB
902 B 23ms
22ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 09:55:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame CEA5 23 KB
9 KB 59ms
37ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 17:47:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame CEA5 3 KB
1 KB 23ms
21ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 19:21:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame CEA5 17 KB
7 KB 60ms
38ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 17:21:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEA5 140 KB
44 KB 117ms
95ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame CEA5 33 KB
13 KB 21ms
19ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 21:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 10:37:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 21:51:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 38EF 143 B
163 B 20ms
20ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=90&slotname=9455630818&adk=3440635097&adf=4251785803&pi=t.ma~as.9455630818&w=728&lmt=1664133776&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776176&bpp=35&bdt=335&idt=299&shv=r20220922&mjsv=m202209190101&ptt=5&saldr=sa&abxe=1&correlator=3049521105282&frm=20&pv=2&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2CVyRNiUr8&p=https%3A//windowstan.com&dtd=325
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 18:40:57 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2AB8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f43b30fc681415bf1903d76aa51abbeaea1b63d6e36ec2315e3f7b2f2071aeb

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6461 0
0 57ms
56ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRUMnkKowY5KiJPKUoPMP4IC14AWXl4vMbNil2IfXEO2lsOWAEBABIOyJzSBg_eiigfADoAGQwODmAsgBAqgDAcgDyQSqBO8BT9DWMbTYcto6YvxyWBgwBkWWYORBhSmn2Bdz4NXFo891h7t9B6i_8HmxFKnOF-s3gXe2QaAb7QX98tydft5l_RY6sN7Pzc1XV6Z9Odqs7EU0_Z8dU3BAokhxj_OpIAktQfEGy0xnuJWgZBevfxy5Yv_2Yjkgq5JKvRJvCsX3GXP6fWipziz_N5vUQUYTYi2ZwUh_1EOirdKknNRhygBzMiqpirww2iI2SmRUpBvcwV2roLeYuHUfTxtsHfhiTtX8V9hg9uNkWkLIEjmi5hEpQem3Q4QkPo4RQPRIVs0aTMcqmANPHEfj9lfjkMyjmUbABPjUt4aKBJIFBAgEGAGSBQQIBRgEoAYCgAfYv5-ZAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKujJ9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0yOTA2MTc2NTU3MjU5NTE3GAA&sigh=2EgAewNgu5c&uach_m=[UACH]

Requested by

Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 25 Sep 2022 19:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame 6461 23 KB
9 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 17:47:43 GMT

GET
H3 200 7316150109463188412
tpc.googlesyndication.com/simgad/ Frame 6461 23 KB
23 KB 22ms
19ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7316150109463188412?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm_gLy3QQdSp0oPrXwgJwxBZGML7A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afa60f9e3a01f197f4bf304e83c8a9e7d011f71fce273faffced31d4e539e75c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 05:45:12 GMT
x-content-type-options: nosniff
age: 308265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24030
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 20:08:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Sep 2023 05:45:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 6461 3 KB
1 KB 28ms
25ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 19:21:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 6461 17 KB
7 KB 23ms
20ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 17:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 17:21:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6461 140 KB
44 KB 46ms
43ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 19:22:57 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 6461 32 KB
13 KB 28ms
25ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01e9a6b83eabe383b954ff2ea312241161d6f422cca61b6531dd247028facd32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 14:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13557
x-xss-protection: 0
server: cafe
etag: 14526688295695256096
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 14:30:28 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 2AB8 28 KB
28 KB 68ms
20ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:24:40 GMT
x-content-type-options: nosniff
age: 205097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 10:24:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E090 0
0 61ms
60ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIXxFkKowY4b1JaKFvPIPmrmciAvV3reFa4HCxfHJD4qMg5-PDhABIOyJzSBg_eiigfADoAHN_tHyA8gBAakCW7uLC52vqD6oAwHIA8sEqgToAU_QGyY-26o-K9AsNrBA6tx7xJMVBVRFPvJhwSsVrHCjiqiYxSKpRznoBwg7lhBwhgFBYLatwOsSu_sEeG10ypq65NBRgb1d-NBktwaY9Q0_fk8REfV_sSRuqGVvo5c1nQkd_qHQGiiuKsoognVF2nucr72mU7C8JvIhKNcgSCMdY6fROooUygCfxV0X92wooUSGtEPij6xvPc0_6ODn8N-uYcjmaa6nZTHtNOrMMGrrITvfRnkJKGBcmx3No_B8-POj8GhTho3P_dq4MgSyqiDiyrOkkzCRiaBaVUCBYoUB3MJRLbo2a-bABKDo_cGTApIFBAgEGAGSBQQIBRgEgAfb7NGAAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKfBEdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0yOTA2MTc2NTU3MjU5NTE3GAA&sigh=A_Ob5eCrc0M&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1334409561&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776310&bpp=5&bdt=470&idt=263&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=6QHmULMk2Y&p=https%3A//windowstan.com&dtd=270
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 25 Sep 2022 19:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BD9F 143 B
163 B 21ms
20ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1334409561&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776310&bpp=5&bdt=470&idt=263&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=6QHmULMk2Y&p=https%3A//windowstan.com&dtd=270
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 18:40:57 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame AFC9 0
327 B 903ms
37ms Ping
image/gif 2607:f8b0:4002:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l8hqa8y2&c=5544972719140&slotId=2772486359570&qqid=CP2v9bTVsPoCFfJwNQodX8sCTQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4922e6fcff127e110c65392501c3f484.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c11::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:22:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13472849712471096546/ Frame AFC9 3 KB
3 KB 21ms
21ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13472849712471096546/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a72569f093b72975b94b38f82961069544529f3bc24d107cab20e148082e6c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:54:58 GMT
x-content-type-options: nosniff
age: 347279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2940
x-xss-protection: 0
last-modified: Tue, 20 Oct 2020 10:05:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 18:54:58 GMT

GET
DATA 200
OK truncated
/ Frame AFC9 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3096157914137874922/ Frame AFC9 71 KB
71 KB 22ms
20ms Image
image/jpeg 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3096157914137874922/downsize_200k_v1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

927b5bc14a6688209c58fd0354eea7cdbb23d6f483b94a460b26abbf215bc125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 13:23:50 GMT
x-content-type-options: nosniff
age: 280747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73032
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 09:45:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Sep 2023 13:23:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AFC9 0
0 60ms
57ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxVE-kKowY_2nJvLh1QHflovoBJy2pcRq3rGH9fcPytPZ-_MiEAEg7InNIGD96KKB8AOgAbLA1qwCyAEJqQIxVbkxJ9SCPqgDAcgDywSqBOUBT9AImousE-btkllYfsf5iYb8e2YDnWilRdzIglduSuGOLieJy3wmWj3vBHydeY8SYH-bjq7X3c6Rhv70lEzrGTcD1nDvboN-5fRgzL0iCMRJJnyrpXs9WKrQ8FG2p4kqZ2aHz5-XA0tnp88nt5kAwElANFytiv5GZsqKJKnLbL7g3n8ado-GKFhEVYHBl25eRThUqywDkHiW5AhoRCpjQcM-ApPK-9RVNYFXl0-ifraLrcpOMLftjUEu002A7DNhMCnrr4E54xajGCeVG8X_B-WMs15i2dfXUM8dYk36bYafPKhIlsAEyv_Im4gEkgUECAQYAZIFBAgFGASgBi6AB7a_qdMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ39MQ0ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBOcG9gTDYgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0yOTA2MTc2NTU3MjU5NTE3GAA&sigh=Fl_J2EaE0Ms&uach_m=[UACH]&template_id=3484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 25 Sep 2022 19:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CEA5 0
0 57ms
57ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-6cQkKowY5iGJZSIvPIPsOCmsAGKtemXbKCAh-HREN_xgPOTMhABIOyJzSBg_eiigfADoAH_24rIA8gBAagDAcgDywSqBPoBT9AbIMby2IwA09jiUwOy1c0YcJAnkMoT6ziENPqJqCS9oH-7QvA5Z8HhscTLi4ALEMRUExt6uvw1htkcf0Xp9w_eIX1uXyPr1yLp8XZpyZ_rc0ClqexUQXfJkVkNX6cFOUGYH2XQfnKvzO23V6MSZMf6A--1aij1zzKXOHq-CX4IxWGBt5-LWyHCE6ltctsYq3ARHeSxo7LK2ftukdXsK3we6wW0J1rDYJHGtxNQIZNZr3HixuSBk_7AUey6kj5aRQnPO5WqCYn5Qj1ekO0AmarMp9thhDZVVPP_TQgGcFOjmbL3cf6VmnCGnS-vRRYES42sw74DRBrpJ8AE6JiU4owEkgUECAQYAZIFBAgFGASAB9HbraICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQrrcX0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI5MDYxNzY1NTcyNTk1MTcYAA&sigh=BRTswo-iwHg&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 25 Sep 2022 19:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E090 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37021d9a3e2c1736286129d9922051a84a70fc53a0eec04cfa0cf05ec3ae0226

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AFC9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cb2689c8748b9f8c5002f2697cfac7241ce6c5bd35993b7cdd626e1ee09b6d1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

206

videoplayback
r5---sn-t0a7sn7d.gvt1.com/ Frame AFC9
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=f0f1a088b3bc5f87&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1664140977&sparams=ip,ipbits,expire,id,...
https://r10---sn-quxapm-3c2e.gvt1.com/videoplayback?id=f0f1a088b3bc5f87&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1664140977&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,...
https://r5---sn-t0a7sn7d.gvt1.com/videoplayback?id=f0f1a088b3bc5f87&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1664140977&sparams=expire,id,ip,ipbits,ipbypass,itag,mh,mi...

1 MB
1 MB

180ms
89ms

Media
video/mp4

2607:f8b0:4020::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-t0a7sn7d.gvt1.com/videoplayback?id=f0f1a088b3bc5f87&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1664140977&sparams=expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=315ADEEF29E7C014319E1922F74121E3AAA2EDBC.482A0B50046D65F856C92821D7AD59E22794F25E&key=cms1&mh=nA&pl=32&redirect_counter=1&cm2rm=sn-quxapm-3c2ee7&req_id=eab92b5b267e36e2&cms_redirect=yes&ipbypass=yes&mip=2607:5300:60:7867::14&mm=42&mn=sn-t0a7sn7d&ms=onc&mt=1664133052&mv=u&mvi=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Server

2607:f8b0:4020::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b0c279199319ccbe22367e36f63998a6a112713b1cefc255c2f1126eaf122f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 15:23:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1220677/1220678
client-protocol: quic
cache-control: private, max-age=6898
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1220678
expires: Sun, 25 Sep 2022 19:22:59 GMT

Redirect headers

date: Sun, 25 Sep 2022 19:22:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/html
location: https://r5---sn-t0a7sn7d.gvt1.com/videoplayback?id=f0f1a088b3bc5f87&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1664140977&sparams=expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=315ADEEF29E7C014319E1922F74121E3AAA2EDBC.482A0B50046D65F856C92821D7AD59E22794F25E&key=cms1&mh=nA&pl=32&redirect_counter=1&cm2rm=sn-quxapm-3c2ee7&req_id=eab92b5b267e36e2&cms_redirect=yes&ipbypass=yes&mip=2607:5300:60:7867::14&mm=42&mn=sn-t0a7sn7d&ms=onc&mt=1664133052&mv=u&mvi=5
cache-control: private, max-age=900
content-length: 0
expires: Sun, 25 Sep 2022 19:22:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 04B8 143 B
163 B 21ms
20ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 18:40:57 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CEA5 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8c36c421899fdab1cfb9b7f51a76519bc40e49f35cf6f61af3b29fcfa36b3e8

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C8D9 143 B
163 B 21ms
20ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 18:40:57 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6461 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20a02d8fe49cf308cc73be4418fd0a17cbe4da884babd4c14591ba4e3c817c3d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 38EF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

45ms
42ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:22:58 GMT
expires: Sun, 25 Sep 2022 19:22:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 19:22:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E090 28 KB
28 KB 62ms
20ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:24:40 GMT
x-content-type-options: nosniff
age: 205098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 10:24:40 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame AFC9 28 KB
28 KB 54ms
22ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:24:40 GMT
x-content-type-options: nosniff
age: 205098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 10:24:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BD9F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

41ms
39ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 19:22:59 GMT
expires: Sun, 25 Sep 2022 19:22:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:22:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame CEA5 28 KB
28 KB 28ms
28ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:24:40 GMT
x-content-type-options: nosniff
age: 205098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 10:24:40 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame AFC9 0
17 B 120ms
43ms Ping
image/gif 2607:f8b0:4002:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l8hqa8yf&c=5544972719140&slotId=2772486359570&qqid=CP2v9bTVsPoCFfJwNQodX8sCTQ&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F13f3f09bfb49b566c7b639b7608c1c0e.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4922e6fcff127e110c65392501c3f484.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c11::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:22:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame AFC9 0
17 B 121ms
45ms Ping
image/gif 2607:f8b0:4002:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l8hqa9sg&c=5544972719140&slotId=2772486359570&qqid=CP2v9bTVsPoCFfJwNQodX8sCTQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F4922e6fcff127e110c65392501c3f484.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4922e6fcff127e110c65392501c3f484.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c11::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:22:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame AFC9 0
17 B 120ms
44ms Ping
image/gif 2607:f8b0:4002:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~l8hqa9sh&c=5544972719140&slotId=2772486359570&qqid=CP2v9bTVsPoCFfJwNQodX8sCTQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fb6810b6596f7ed55ed76c68d0358aca1.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4922e6fcff127e110c65392501c3f484.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c11::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:22:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 04B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

41ms
40ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 19:22:59 GMT
expires: Sun, 25 Sep 2022 19:22:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 19:22:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C8D9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

46ms
45ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 19:22:59 GMT
expires: Sun, 25 Sep 2022 19:22:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 19:22:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js Show response
pagead2.googlesyndication.com/bg/ Frame A90C 36 KB
16 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3d95d72176ed2a9ea98be0c986123dd88dbb6f744870bdbf307c066b42bc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 14:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 14:29:01 GMT

GET
H3 200 bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js Show response
pagead2.googlesyndication.com/bg/ Frame B54B 36 KB
16 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3d95d72176ed2a9ea98be0c986123dd88dbb6f744870bdbf307c066b42bc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 14:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 14:29:01 GMT

GET
H3 200 bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 91E0 36 KB
16 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=2710545378&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776306&bpp=4&bdt=466&idt=255&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WA8m4D1uAQ&p=https%3A//windowstan.com&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3d95d72176ed2a9ea98be0c986123dd88dbb6f744870bdbf307c066b42bc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 14:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 14:29:01 GMT

GET
H3 200 bridge3.532.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8A91 638 KB
207 KB 63ms
20ms Document
text/html 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 77525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 211807
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 21:50:54 GMT
expires: Sun, 24 Sep 2023 21:50:54 GMT
last-modified: Wed, 21 Sep 2022 16:06:04 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 482ms
411ms Script
text/javascript 2607:f8b0:4006:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Sep 2022 19:22:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 61ms
60ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=windowstan.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 19:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 62ms
61ms Script
application/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowstan.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 19:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 206 burning-man.mp4
media.proadscdn.com/global/whitelabel-videos/ 1 MB
0 37ms
24ms Media
video/mp4 2606:4700:20::681a:637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.proadscdn.com/global/whitelabel-videos/burning-man.mp4
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://windowstan.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 25 Sep 2022 19:22:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342353
Content-Range: bytes 0-9433767/9433768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 9433768
last-modified: Mon, 14 Sep 2020 09:45:11 GMT
server: cloudflare
etag: "8ff2a8-5af42e3fa8b4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djbl8yNe0HT%2FUxbMDjIA5EZE%2BpoH9sAxMJPValKft78blB%2Ff%2BJTKN4TGlnX2wnbcU6zYJbjkuLG0UWqjU5XUdx5dHK5844ckbkYj7OepO2pcri8eZZEABvPoq0CzjiUcwMxehEbdUgrNRUcwjP%2Bz%2BNA%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=2678400
cf-ray: 750621b96ace715a-YUL
expires: Wed, 05 Oct 2022 20:17:06 GMT

GET
H3 206 burning-man.mp4
media.proadscdn.com/global/whitelabel-videos/ 189 KB
189 KB 164ms
136ms Media
video/mp4 2606:4700:20::681a:737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.proadscdn.com/global/whitelabel-videos/burning-man.mp4
Requested by: Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae5e4caf4ec051850b9cf1bb2e7f5be8e1ef438393577d986c2edd55b4b5487

Request headers

Referer: https://windowstan.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=9240576-

Response headers

date: Sun, 25 Sep 2022 19:22:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342353
Content-Range: bytes 9240576-9433767/9433768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 193192
last-modified: Mon, 14 Sep 2020 09:45:11 GMT
server: cloudflare
etag: "8ff2a8-5af42e3fa8b4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eU8VWeJSF0qqLnxcdo3ORzOyBvrq6lkm%2BDZnpm7mc9ey4BcyW8nO3f8Lgm4Gj8i5ijvZUrJILSjx6zDXAsGIaTgxrQnKoGM1T6q4%2BTZ1sQ9B3Z8wq5iPCp9B8rphyM4ztKYUi9pMTnEdcwWgafk3tyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=2678400
cf-ray: 750621baee53715a-YUL
expires: Wed, 05 Oct 2022 20:17:06 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame AFC9 42 B
64 B 41ms
40ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CuHuLkKowY_2nJvLh1QHflovoBJy2pcRq3rGH9fcPytPZ-_MiEAEg7InNIGD96KKB8AOgAbLA1qwCyAEJqQIxVbkxJ9SCPqgDAcgDywSqBOgBT9AImousE-btkllYfsf5iYb8e2YDnWilRdzIglduSuGOLieJy3wmWj3vBHydeY8SYH-bjq7X3c6Rhv70lEzrGTcD1nDvboN-5fRgzL0iCMRJJnyrpXs9WKrQ8FG2p4kqZ2aHz5-XA0tnp88nt5kAwElANFytiv5GZsqKJKnLbL7g3n8ado-GKFhEVYHBl25eRThUqywDkHiW5AhoRCpjQcM-ApPK-9RVNYFXl0-ifraLrcpOMLftjUEu002A7DMjMgh5TTjzmZNpFNQ5OAl7RsSGR1dMwTdJgrWYitftQZ4J1hxrWi6lLcAEyv_Im4gEoAYugAe2v6nTAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgGEQARgfMgKKAjoCgECxCbMc04vF06B5gAoBmAsByAsBgAwBuAwBuBOcG9gTDYgUA9AVAZgWAfgWAYAXAQ&sigh=GTNWdSuRw_o&cid=CAQSGwCsnQUxwzuFEgzMbpxh9IX_Yfu7qgPnObaVqA&label=adresume

Requested by

Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:22:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8200 36 KB
16 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3d95d72176ed2a9ea98be0c986123dd88dbb6f744870bdbf307c066b42bc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 14:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 14:29:01 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8A91 81 KB
17 KB 527ms
454ms XHR
text/xml 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?description_url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&env=vp&vpmute=0&vpa=click&gdfp_req=1&iu=%2F162717810%2C22580141568%2Fwindowstan.com%2Fpro_video&output=xml_vast4&sz=640x480&unviewed_position_start=1&vad_type=linear&cust_params=domain%3Dwindowstan.com%26subdomain%3Dwindowstan.com%26site%3Dscript.protag%26protag_video%7BmyEqual%7Dvideo%26pa_player%3Dcombined&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1572423475&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&sid=098A8CA8-3275-40A0-AF84-651EC6B2A468&nel=0&eid=44748969%2C44750822%2C44754420%2C44760950%2C44765701%2C44771693&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&dt=1664133779698&cookie=ID%3D2e1fb7324c97910b-225de1dc4dd7009a%3AT%3D1664133776%3ART%3D1664133776%3AS%3DALNI_MYm86NE6egCB9C5XH7f48m4almq0Q&gpic=UID%3D0000086d8d18b2fd%3AT%3D1664133776%3ART%3D1664133776%3AS%3DALNI_Mb64h3OJEK0EZJOUfGjoeoZEd2GQw&correlator=2735054337579551&scor=22495233440152&ged=ve4_td4_er241.1012.393.1012_vi0.0.1200.1600_vp0_eb16488

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84e89790664f5e9de771170391280c0a4004427cf342004772f373fa78b4774b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16981
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2AB8 42 B
64 B 89ms
46ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLQ1aGXsZnNt_8TMRWORGPK5zMIb4tm6SaC1Kzf84KKarSAuOws1nJ-NOquvJCdJyERrP0suHR1b0wRYXnll8mxLdQhViMdZQhHJWRQMF5S7qUfpqEgHq2AFN4MzelQUb1TNc&sai=AMfl-YRIQEfoUCq7l5dXHrc1ezlZOOR1pUDEgdU1XCzDERa1eiu5TNmoLXIUPwGjjNZOwuvWKKlOahhWLs0D&sig=Cg0ArKJSzBARCf6KijU8EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3440635097&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664133776503&rpt=2280&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:22:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame AFC9 42 B
64 B 45ms
41ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:22:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 44ms
43ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220922&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e081b0fd410f2e50caa2d73f318aeccd508c82787c9fe90c2ebb470fc826f273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 19:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11177
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6461 42 B
64 B 48ms
47ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBLXdf5EASiqFCWGiaNVQ2LujYUc03YKxPrvcPnsoUJIEgGAQcAUJGllbRIQDJHRe_ZsuspM0soVlCoboIzL0Q8dc84mbj5Ubf9LPEQyimWbpI7sMiuLS_3fz6lDKvY61zK08&sai=AMfl-YTeasj0oeiKfWtQ0S_dGJF1fxXHYpU14isEbhyWBDua-RR7qSq-vES_iE-mvzQtnBFAz1CdnztSXBpS&sig=Cg0ArKJSzFrUi2USux3TEAE&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=970,1002,1002,1002,1002&tos=970,32,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664133777547&rpt=1297&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:22:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
35ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069739

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 19:22:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 828E 13 KB
5 KB 49ms
29ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 51609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 05:02:51 GMT
expires: Mon, 25 Sep 2023 05:02:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E59A 783 B
536 B 66ms
40ms Document
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

539399ddb353f51629f1786381f829b09771b7115295404149dad81d08319205

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wB86b22rWx4LJIX682bvHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-wB86b22rWx4LJIX682bvHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:23:00 GMT
expires: Sun, 25 Sep 2022 19:23:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E59A 0
0 38ms
38ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220922&jk=2768931815120012&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 828E 36 KB
16 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3d95d72176ed2a9ea98be0c986123dd88dbb6f744870bdbf307c066b42bc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 14:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 14:29:01 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E090 42 B
64 B 46ms
45ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0B9cWbZ4sFcO1KvSy3oFSoQOR0Otfju_SEItV1x-T887eqoNTkfax-ypWKb3gaX8INelfW9F8jmnPME7AeErZqLdOAgL3dTBvYmouF7FxU9Q546kEZniITOFG6EKNTBPjZDc&sai=AMfl-YQRtOshQs38hB3UNM4-S0kLpaCWCvgwONvT_yBAG-cQ3p8vwGlFwF38eKnvCCTeIeYP0Y5rh_Idw6er&sig=Cg0ArKJSzCNmUi0uCnV6EAE&id=lidar2&mcvt=1006&p=0,0,314,376&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=502607372&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664133776582&rpt=2621&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CEA5 42 B
64 B 49ms
48ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnf25l4XiubjlDyYgywNLh8LQeeILd0gmszQNmd4ZRu6GTTkw0pDZRR7d7TJ-7eeWtpaAdsRzzGauiNxd7WBUC0U9xmVcmV7E4llvGbnSiFFGmNdogwVEYPV1wpAuE2gPfats&sai=AMfl-YTYoUQxBtNrD59iyMIE0QchfF9y6yqAq-q6FbUYFKZywvOsNTmis9fzqDFP3tfxAS8Qkhn-w789lbmx&sig=Cg0ArKJSzAy5FzabfgIqEAE&id=lidar2&mcvt=1082&p=0,0,314,376&mtos=1082,1082,1082,1082,1082&tos=1082,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=502607372&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664133776569&rpt=2657&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 828E 0
11 B 19ms
19ms Image
text/plain 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RBpatA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:23:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AFC9 42 B
64 B 46ms
46ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxUCm96VVna3vGGm0AsmFTvsUE8oKAhLJ1ZBnLqr2zxMM8e7KokGhW5vsSFYMLDz3LVxMGUJuLymUNxswqiFHJTr1VdBSv179hW6KxcZiH-nm0fIq_sBp2RMJkNdVn0MTEgzk&sai=AMfl-YQcBjvQ8pqgpdaHOYx-z5ErYp1GEMMtewU9nUawAOKwcPiFZOUv5duz9TDsKuJ1VLS06BzZZrvXmZ8B&sig=Cg0ArKJSzPaA5NQhGDkKEAE&id=lidar2&mcvt=1003&p=0,0,314,376&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=502607372&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664133776593&rpt=3070&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame AFC9 0
17 B 38ms
37ms Ping
image/gif 2607:f8b0:4002:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~l8hqa9si&c=5544972719140&slotId=2772486359570&qqid=CP2v9bTVsPoCFfJwNQodX8sCTQ&dm=20000&event_name=first_play&asset_bytes=98360&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.l8hqaahv
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4922e6fcff127e110c65392501c3f484.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4002:c11::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220922&jk=2768931815120012&bg=!MDOlM3fNAAYIxsuQKMY7ACkAdvg8WpuHYZFYyyDcd3tI1p0u6Q-EONJZAumBfxl1L1KOorsMX-uigQIAAADkUgAAAA5oAQeZAph1b98e6pU-zg2yQ0ce58o5hIvGlQ8b1niY_XsC3xC-2aVRhE0G-y8zOO5znyazTQzsIUXg2DhbCvuC7Fty2Z4TOkp_9dIh8Z1sZNk_CzIRggTf_MGD6g7QX3OxO4KcruY3QGfCP_ZS40miE6Wntui1HxYyja-ZcM7u7KGwmhpoZNZCHiEwjgCyMOGMnVD4oVaaeyj3KDrk-Q11G8g9SWzGQt2ycLPh5BY8Ihwl6WFe8sDzq0_i56FJjVhn7LY4Rn8nOHreA0EGyQ8eo7Kfe8_6v30NlS21x8-2q3COz0uHEqyPN2TrUQ2ZmIzYYb3cPJw5TUjFg75go5eeXjdh6zhEh_aVgjSA1Sp0hjvwGy4_elBhHh6OKTQpm0WxI3Fyem104yKZYjr_bgqeiFc9d7IkH0hD_GslBY88Yt_wHn9-u_mb-Lb3Bys0daFfnNt_JXuvG3vpF0VoLZU2tJap4-MzcfQaTRt3hEqCkoxh73nCAh_pLutzNt8_YpF0OP8jlTwD1hTaNZjI1cgjK9n6tXxQiqQfmOfKGrxhNni7FR7vLvc36-AlxDlN_4TrniT8yq1-cwtkdPmPFy_kaS4sXKIKGfccluagASzTnAVTxpzEi2qPU9CXTZt00hdSnxbmzJ9Q2Rh1NGQo8Sx2CEpRt8WO_fa_zc7ugO1mxReTwn6QCVQ-n1-Bz5Si6VGKj-KeWjxIAf6NEhzPNqulSIRjUqAOVxqhuvY-YUjmWfGMr6qM2FJ17ZfNfznHTx8jmP2EfM_tOpii9yRG7Ehty40nRXezXocn5DUTE2eb40N65b4hzZR0X_HApUOazCJtUWCHpXq1jTfLUZ_DiWwcukBhkyZlmUGJVkdT_CJjnjS9ME4fktDVYq8SZ5kS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=windowstan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 19:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowstan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 19:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 KB
78 KB 606ms
606ms XHR
text/plain 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2768931815120012&correlator=1063523880125116&eid=31068929&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=162717810%3A22580141568%2Cwindowstan.com%2Csticky-bottom%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=970x90%7C728x90%2C1x1&ifi=7&adks=2467940206%2C3685881077&sfv=1-0-38&ists=1&fas=0%2C8&fsapi=false&prev_scp=env%3Dprod%26site%3Dwindowstan.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fwindowstan.com%252Fdownloading%252F%253Fdlm-dp-dl%253D9495%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_segment_20m%3D58%26protag_minutes%3D22%26protag_hours%3D19%26protag_day%3D0%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom%7Cenv%3Dprod%26site%3Dwindowstan.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fwindowstan.com%252Fdownloading%252F%253Fdlm-dp-dl%253D9495%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_segment_20m%3D58%26protag_minutes%3D22%26protag_hours%3D19%26protag_day%3D0%26protag_interstitial%3Dinterstitial%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-interstitial&sc=1&cookie=ID%3D2e1fb7324c97910b%3AT%3D1664133776%3AS%3DALNI_MYd5fKDCEvGGXZ9h6BNQXmaWeoEwg&gpic=UID%3D0000086d8d18b2fd%3AT%3D1664133776%3ART%3D1664133776%3AS%3DALNI_Mb64h3OJEK0EZJOUfGjoeoZEd2GQw&abxe=1&dt=1664133781483&lmt=1664133781&dlt=1664133775840&idt=584&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&frm=20&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

87b34c15e92a0ce84916aef1a2a1af5cc71b81023dd1a42cc11f69709fcd6733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79790
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://windowstan.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0651 6 KB
4 KB 106ms
33ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:23:01 GMT
expires: Mon, 25 Sep 2023 19:23:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022092001.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 21ms
20ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022092001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

sffe /

Resource Hash

3a4b4ac7ae8dafdb70f970191795511cf7715c4680b58669ce5096a7a01f462e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 06:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13603
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Sep 2023 06:22:40 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 278ms
76ms Script
application/javascript 35.164.244.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.244.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-244-115.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:23:02 GMT
cache-control: public, max-age=86400
last-modified: Sun, 25 Sep 2022 11:07:28 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 64ms
11ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:47:01 GMT
content-encoding: gzip
age: 1784161
x-guploader-uploadid: ADPycdvw6-n737HhpUUPlICd1stWZ4ExjFn4II9Ick3NSu_4WW3tzOMG7fftAPvYyKNuVyd6IN5Fb7JoqGoLqA-vC0Scpg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 05 Sep 2023 03:47:01 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 384ms
27ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a097f145b7b5399d1f8e9c86b6f4a36e43f5553fa77c7b2951504731914535ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:23:02 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-a1fb"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Sep 2022 19:23:02 GMT

GET
H3 200 container.html Show response
9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE61 6 KB
3 KB 61ms
20ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:23:01 GMT
expires: Mon, 25 Sep 2023 19:23:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&rid=esp&cc=1

85 B
103 B

67ms
44ms

Fetch
application/json

34.120.107.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&rid=esp&cc=1
Protocol: H3
Server: 34.120.107.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: b27b187f9ce711bd456d17c3b43a0eedb99e4aa64f591a851167ee9ab2d58c9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://windowstan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:23:02 GMT
via: 1.1 google
etag: W/"55-hAevJAs1S+lUR+bvdLxt/7powoc"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://windowstan.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 25 Sep 2022 19:23:02 GMT
via: 1.1 google
access-control-allow-origin: https://windowstan.com
x-powered-by: Express
vary: Origin
location: /esp?url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 css2
fonts.googleapis.com/ Frame AE61 4 KB
636 B 42ms
39ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 17:51:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 19:23:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 19:23:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 74E3 6 KB
672 B 36ms
35ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 17:53:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 19:23:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 19:23:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 74E3 2 KB
909 B 20ms
19ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 19:12:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 74E3 23 KB
9 KB 22ms
19ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 19:16:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 74E3 3 KB
1 KB 28ms
22ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 19:14:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74E3 140 KB
44 KB 86ms
81ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 19:23:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 74E3 17 KB
7 KB 28ms
23ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 18:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1587
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 18:56:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 74E3 0
0 43ms
37ms Image
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTV3B1AlwcUdqHBvfThRuEJejTDJRRKk9pFD9UwHGEIM4a9mPWkRCIdeO8xIbHwFqs_Np08LEEP9xjqE_LB4n-lshwnRw
Requested by: Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 74E3 33 KB
13 KB 32ms
24ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 21:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 10:37:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 21:51:45 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame AE61 19 KB
8 KB 32ms
28ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

650b0d89118580fd96419aa8b05d77a9f8bb927f41c848fe784e15134affb9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 2919620596669342719
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 19:07:51 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AE61 205 B
229 B 27ms
24ms Image
image/png 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:06:39 GMT
x-content-type-options: nosniff
age: 299783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Sep 2023 08:06:39 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AE61 604 B
628 B 27ms
25ms Image
image/png 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 205104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 23 Sep 2023 10:24:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6D88 1 KB
749 B 26ms
21ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 82769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 20:23:33 GMT
etag: 48472445140208031
expires: Sun, 25 Sep 2022 20:23:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6D88
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI4iAN0emN6soimdEWCCEmA&google_cver=1&google_push=AZmPxg8S-oMbK-n97nzZgyGXiL1QqjnUG__xSIuaR0shK5h6ZjEy_TdT-q-y5xRnDlezmvMoOpT2cs8Dx0i_aKJXs5lGBr-fwF3I
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI3NjM4NTMzMzY3MDQ2NzU2OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI4iAN0emN6soimdEWCCEmA&google_cver=1

43 B
398 B

133ms
43ms

Image
image/gif

2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI4iAN0emN6soimdEWCCEmA&google_cver=1
Protocol: H2
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI4iAN0emN6soimdEWCCEmA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6D88 35 B
463 B 127ms
25ms Image
image/gif 2620:116:800b:21:a021:b886:81cc:55cf
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEnQlXVb3JLIsS_WYwHxgck&google_cver=1&google_push=AZmPxg9QZ7p1HEgGuXUBuJoy39tAjUB1JkSAZQOB_KJOOUNQZi8_ZExJjFiJV-fwEIBrjy2mR85RjUJev62L68vkuqi5KOAiDxSnfw

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6D88
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOx95j8w8TxE5XHXJ_pzEjA&google_cver=1&google_push=AZmPxg9ELsC38FsYWuWbVOJ1gyjJ0ALgjcS_gxCb2BSCLO9ugE8LfWCMe9zWysLXJKCa0j0EyOUHGbuoG96Ie7v2UN9qpBgLwMGu&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOx95j8w8TxE5XHXJ_pzEjA&google_cver=1&google_push=AZmPxg9ELsC38FsYWuWbVOJ1gyjJ0ALgjcS_gxCb2BSCLO9ugE8LfWCMe9zWysLXJKCa0j0EyOUHGbuoG96Ie7v2UN9qpBgLwMG...

43 B
416 B

115ms
101ms

Image
image/gif

2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOx95j8w8TxE5XHXJ_pzEjA&google_cver=1&google_push=AZmPxg9ELsC38FsYWuWbVOJ1gyjJ0ALgjcS_gxCb2BSCLO9ugE8LfWCMe9zWysLXJKCa0j0EyOUHGbuoG96Ie7v2UN9qpBgLwMGu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9ELsC38FsYWuWbVOJ1gyjJ0ALgjcS_gxCb2BSCLO9ugE8LfWCMe9zWysLXJKCa0j0EyOUHGbuoG96Ie7v2UN9qpBgLwMGu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
cf-ray: 750621cd9cfb715a-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 65
cf-ray: 750621cc5a44715a-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOx95j8w8TxE5XHXJ_pzEjA&google_cver=1&google_push=AZmPxg9ELsC38FsYWuWbVOJ1gyjJ0ALgjcS_gxCb2BSCLO9ugE8LfWCMe9zWysLXJKCa0j0EyOUHGbuoG96Ie7v2UN9qpBgLwMGu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9ELsC38FsYWuWbVOJ1gyjJ0ALgjcS_gxCb2BSCLO9ugE8LfWCMe9zWysLXJKCa0j0EyOUHGbuoG96Ie7v2UN9qpBgLwMGu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6D88 0
232 B 100ms
39ms Image
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LwJ0ZbYMbgHpm36F0g6TFHyg47JWQzjai1jkHdi_hovw

Requested by

Host: 9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
URL: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:23:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 3557 623 B
832 B 98ms
41ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e12f770ad95f2e9792ebd473b8a738fa17005e370abc8fb35cac62b5887ffea6

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 407
content-type: text/html
date: Sun, 25 Sep 2022 19:23:02 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9344 36 KB
16 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: windowstan.com
URL: https://windowstan.com/downloading/?dlm-dp-dl=9495

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 05:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 05:02:51 GMT

GET
H2 503 ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame 3557 0
178 B 55ms
10ms Image
text/plain 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664133783.689716,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-yul12828-YUL

GET
H2 200 be88c177-d4dd-e7df-dfd7-c3ebdac1d212
pr-bh.ybp.yahoo.com/sync/openx/ Frame 3557 43 B
603 B 328ms
28ms Image
image/gif 2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/be88c177-d4dd-e7df-dfd7-c3ebdac1d212?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 19:23:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 43
x-content-type-options: nosniff

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3557
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=2a4fa733-4471-7596-ee00-d51e25961f5b&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=2a4fa733-4471-7596-ee00-d51e25961f5b&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a82f276f-6bd7-427f-b934-fda8cf51cf58&ttd_puid=2a4fa733-4471-7596-ee00-d51e25961f5b&gdpr=0&gdpr_consent=

43 B
323 B

42ms
40ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=a82f276f-6bd7-427f-b934-fda8cf51cf58&ttd_puid=2a4fa733-4471-7596-ee00-d51e25961f5b&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=a82f276f-6bd7-427f-b934-fda8cf51cf58&ttd_puid=2a4fa733-4471-7596-ee00-d51e25961f5b&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 3557 170 B
188 B 63ms
37ms Image
image/png 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDYyMDc0ZjktOGQwNi0yYjMyLWZiZTAtOGZhN2VmNzRkMTNi

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3557
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGijtYPQDymtEnT3moreyoo&google_cver=1

43 B
106 B

92ms
45ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGijtYPQDymtEnT3moreyoo&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGijtYPQDymtEnT3moreyoo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9C41 15 KB
6 KB 387ms
25ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=windowstan.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://windowstan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 19:23:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 727065
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

7601.24214.180801-1700.win7sp1_ldr_escrow_CLIENT_HOMEPREMIUM_x64FRE_en-us.iso
download.microsoft.com/download/E/A/8/EA804D86-C3DF-4719-9966-6A66C9306598/
Redirect Chain

https://windowstan.com/download/9495/?dlm-dp-dl-force=1&dlm-dp-dl-nonce=1b2969a748
https://download.microsoft.com/download/E/A/8/EA804D86-C3DF-4719-9966-6A66C9306598/7601.24214.180801-1700.win7sp1_ldr_escrow_CLIENT_HOMEPREMIUM_x64FRE_en-us.iso

0
0

621ms
311ms

Document
application/octet-stream

2600:1400:d:596::317f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://download.microsoft.com/download/E/A/8/EA804D86-C3DF-4719-9966-6A66C9306598/7601.24214.180801-1700.win7sp1_ldr_escrow_CLIENT_HOMEPREMIUM_x64FRE_en-us.iso
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1400:d:596::317f New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://windowstan.com/downloading/?dlm-dp-dl=9495
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 6101768192
Content-Type: application/octet-stream
Date: Sun, 25 Sep 2022 19:23:03 GMT
ETag: "0x8D68D23EAEB661B"
Last-Modified: Thu, 07 Feb 2019 17:44:32 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-content-md5: ifwQaQyZ0U4zY9I7Pi9gMw==

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 750621cf284b7139-YUL
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 19:23:03 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://download.microsoft.com/download/E/A/8/EA804D86-C3DF-4719-9966-6A66C9306598/7601.24214.180801-1700.win7sp1_ldr_escrow_CLIENT_HOMEPREMIUM_x64FRE_en-us.iso
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRrFoiNtmwQ%2BAyyXLn17%2FfwPjHTJHXbPiUHTazG%2FyRrm3Q8T4NmWzg7DN1W38Ehn7BDsyL%2B99EsGn6O6%2FEYqTCvKze0ldQOgQeugxx5yQEIyJa4aqiDau2CnNvuzXTs1BXZGqik7zdFYp%2FdsDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent,Accept-Encoding
x-robots-tag: noindex, nofollow

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9C41
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=windowstan.com&sn=ChromeSyncframe&so=0&topUrl=windowstan.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ial1uHx1dlVEZU96QTExNU1NNm9Xc2dPQ3c3RGxlTFptbWJQN0gzYWp5V280NFNrb01OZFRsZHkxQ2RCSGhFcVdoaWpPeCsrd3N2d3o3cHV5eFM3UjJjM21GME1kSzB5T2hHNEtENHpjZTFjdjJvZHlDR2gzRGtxTEkxak...

441 B
659 B

248ms
26ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ial1uHx1dlVEZU96QTExNU1NNm9Xc2dPQ3c3RGxlTFptbWJQN0gzYWp5V280NFNrb01OZFRsZHkxQ2RCSGhFcVdoaWpPeCsrd3N2d3o3cHV5eFM3UjJjM21GME1kSzB5T2hHNEtENHpjZTFjdjJvZHlDR2gzRGtxTEkxakdSWDRjZXlubWJBbnpLc3BjMktmbXcrZW1qN1ZjMHp2UGtWWllnZFdhQnFlZUo4SFl5MmZQa3ZUQVBvamo3RXRPUWpDSndHS2dPQVozdjk5K0RDOVRMK2JDamQyeHhNNDVTV1NVaitFZ2V3T3VVbnFwRUYxSEI2QkFwVDdQcE96K3NhUFNHNmlGUjZrSlNXWVY3bU81M1pJNEx1L3hqQT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1c9e805c4b54d95846ca12d4f85c31f09292b3b3da7764623145902fa88ff5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2324064
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:02 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=ial1uHx1dlVEZU96QTExNU1NNm9Xc2dPQ3c3RGxlTFptbWJQN0gzYWp5V280NFNrb01OZFRsZHkxQ2RCSGhFcVdoaWpPeCsrd3N2d3o3cHV5eFM3UjJjM21GME1kSzB5T2hHNEtENHpjZTFjdjJvZHlDR2gzRGtxTEkxakdSWDRjZXlubWJBbnpLc3BjMktmbXcrZW1qN1ZjMHp2UGtWWllnZFdhQnFlZUo4SFl5MmZQa3ZUQVBvamo3RXRPUWpDSndHS2dPQVozdjk5K0RDOVRMK2JDamQyeHhNNDVTV1NVaitFZ2V3T3VVbnFwRUYxSEI2QkFwVDdQcE96K3NhUFNHNmlGUjZrSlNXWVY3bU81M1pJNEx1L3hqQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 657759
content-length: 0
expires: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame AFC9 42 B
64 B 41ms
41ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2906176557259517&output=html&h=314&slotname=2402069342&adk=502607372&adf=1911404390&pi=t.ma~as.2402069342&w=376&fwrn=4&lmt=1664133776&rafmt=11&psa=0&format=376x314&url=https%3A%2F%2Fwindowstan.com%2Fdownloading%2F%3Fdlm-dp-dl%3D9495&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664133776315&bpp=2&bdt=475&idt=270&shv=r20220922&mjsv=m202209190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C376x314%2C376x314&prev_slotnames=9455630818&nras=1&correlator=3049521105282&frm=20&pv=1&ga_vid=356564035.1664133776&ga_sid=1664133776&ga_hid=2054040148&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31069739&oid=2&pvsid=2768931815120012&tmod=1170672958&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=DwbN49VtYi&p=https%3A//windowstan.com&dtd=276
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 19:23:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

280 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.windowstan.com/	1970-01-20 15:51:33	Name: _ga Value: GA1.2.356564035.1664133776
.windowstan.com/	1970-01-20 06:17:00	Name: _gid Value: GA1.2.1168234333.1664133776
.windowstan.com/	1970-01-20 06:15:33	Name: _gat Value: 1
.windowstan.com/	1970-01-20 15:37:09	Name: __gpi Value: UID=0000086d8d18b2fd:T=1664133776:RT=1664133776:S=ALNI_Mb64h3OJEK0EZJOUfGjoeoZEd2GQw
.doubleclick.net/	1970-01-20 15:51:33	Name: IDE Value: AHWqTUlN_avmr9cF_Kkjn_Fsg8SycAsr52yRoI76Jknbuj8aFRfj5yLQwyxPn4edE1g
.protagcdn.com/	1970-01-20 06:15:35	Name: __cf_bm Value: ogWj7i5b2RUfFQePbPQN5.AD5WIGTTLlQcrlll3tpVc-1664133777-0-AZNVVlA6KOBlhZnUbehnW0GblSYaGOO8tVSIcp+d0HndOMwo68/o3DC4p7pL95xmMUG5jKv6oP3ftG+xUboYjXCK7PAsumUCFyQpoIML4xQ4tXoKnXbxneSoO1ywTRJIBg==
.doubleclick.net/	1970-01-20 06:15:37	Name: DSID Value: NO_DATA
.windowstan.com/	1970-01-20 15:37:09	Name: __gads Value: ID=2e1fb7324c97910b:T=1664133776:S=ALNI_MYd5fKDCEvGGXZ9h6BNQXmaWeoEwg
.openx.net/	1970-01-20 15:01:09	Name: i Value: f9e3986a-edf6-4a61-b4d6-1df641b12ca6\|1664133782
.openx.net/	1970-01-20 06:37:09	Name: pd Value: v2\|1664133782\|vMgakWgyiK
.quantserve.com/	1970-01-20 08:25:09	Name: d Value: ECgBCQGXJ4EA
.quantserve.com/	1970-01-20 15:45:48	Name: mc Value: 6330aa96-7e8d1-919a1-75fea
.turn.com/	1970-01-20 10:34:45	Name: uid Value: 8276385333670467568
.adsrvr.org/	1970-01-20 15:01:09	Name: TDID Value: a82f276f-6bd7-427f-b934-fda8cf51cf58
.tribalfusion.com/	1970-01-20 08:25:09	Name: ANON_ID Value: a5nseFsjyDimTFM6F0kBN33535Zbg5ZasylGfcOeZadlZbgJJqYhKt0Vqjo3ZakxU6xCIJTNHBHMuwry4FoNfisGn
.adsrvr.org/	1970-01-20 15:01:09	Name: TDCPM Value: CAEYBSABKAIyCwiImNCKw82POxAFOAE.
.openx.net/	1970-01-20 06:37:09	Name: univ_id Value: 537072971\|a82f276f-6bd7-427f-b934-fda8cf51cf58\|1664133782784686
.yahoo.com/	1970-01-20 15:01:31	Name: A3 Value: d=AQABBJaqMGMCEOGLZxk5YO7MH_uM_FCqLeYFEgEBAQH8MWM6YwAAAAAA_eMAAA&S=AQAAAqVob0HT6NNi2FiIi90Wl2w
.criteo.com/	1970-01-20 15:37:09	Name: uid Value: 53f7e5bf-00af-4a9a-819b-9be8ef4ac6f5
windowstan.com/	1970-01-20 06:15:33	Name: wp_dlm_downloading Value: eyJkb3dubG9hZCI6OTQ5NSwidmVyc2lvbiI6MX0%3D
.windowstan.com/	1970-01-20 15:37:09	Name: cto_bundle Value: myG5s18lMkZmNDlXUHozbUp6QlRhMDJrJTJCZWdTZVpRVFA1SG81WlBNbW1EblZxUmpsVkVUN2p3YVFzMGNWczY5T1V4eFd1JTJGR2FnYm9ubHBDTjVjb284QVVOcXVGQXlOUWo1TXdBQzBwNiUyRlZTSjVQUiUyRlVhZkF0d0wlMkJWVzBIdkIlMkJSWjc3SXRNY2tGUTRrS2ZvYjFQMVJpY2VGUDd0QSUzRCUzRA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9f02187dfeb232bd913e8319995d6aba.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
adservice.google.ca
adservice.google.com
cdn.proadscdn.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
download.microsoft.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id.sharedid.org
imasdk.googleapis.com
match.adsrvr.org
media.proadscdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
pr-bh.ybp.yahoo.com
protagcdn.com
pubads.g.doubleclick.net
r.turn.com
r10---sn-quxapm-3c2e.gvt1.com
r5---sn-t0a7sn7d.gvt1.com
redirector.gvt1.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
tpc.googlesyndication.com
us-u.openx.net
windowstan.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.80.98
142.251.32.98
142.251.40.130
151.101.2.49
192.0.76.3
2600:1400:d:596::317f
2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d
2606:4700:20::681a:637
2606:4700:20::681a:68e
2606:4700:20::681a:737
2606:4700:3030::6815:4827
2606:4700:4400::6812:230b
2607:f8b0:4002:c11::5e
2607:f8b0:4004:c09::9b
2607:f8b0:4006:806::2002
2607:f8b0:4006:807::2002
2607:f8b0:4006:808::2006
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80e::200a
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2001
2607:f8b0:4006:821::2003
2607:f8b0:4006:821::2004
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2001
2607:f8b0:4020::a
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:a021:b886:81cc:55cf
2a00:1588:d801::17
3.33.220.150
34.102.146.192
34.120.107.143
35.164.244.115
35.244.159.8
74.119.119.139
01e9a6b83eabe383b954ff2ea312241161d6f422cca61b6531dd247028facd32
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
039c2e9b769542b5efa6911822fa780eed443d913b26469533d13c8d2c85c040
06907abf171b642bc5278e5fa0311dde94e8812bdec25284061fd21cc80f9135
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfa78534c298411845229e6dee89bfd935ed71c8aa64add2b06f8c31c5daf6d
155359f921f381d1f193070eff66be12e2f403b2e00b29e002109b885d397f1b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c9e805c4b54d95846ca12d4f85c31f09292b3b3da7764623145902fa88ff5b8
1f43b30fc681415bf1903d76aa51abbeaea1b63d6e36ec2315e3f7b2f2071aeb
20a02d8fe49cf308cc73be4418fd0a17cbe4da884babd4c14591ba4e3c817c3d
23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
37021d9a3e2c1736286129d9922051a84a70fc53a0eec04cfa0cf05ec3ae0226
38c4ae22c9a0a76fff292dfb0656a0b1afcff4174c5c850a6529ccfa71af5bb5
39e680e21c805fc8b47b0dede96c03e0ecf84458d294a70a49997be93b303677
3a4b4ac7ae8dafdb70f970191795511cf7715c4680b58669ce5096a7a01f462e
3bce94505965d6abf66b0bfc098263df7315cf4a5ed8bb252d8d54a84d4c0d37
412144daf3b8ca3d205010c47587c58e7a77fc3b9102175a3740e5bcac565ecf
421b0c2e09144d8f39f243be1353c872f490aa4e3795c0ee3455433442d19dec
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49298e8132bfde2e654e4ecdd0627b27c1c1d6dc163e49d1660cbb552ca2344d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cb2689c8748b9f8c5002f2697cfac7241ce6c5bd35993b7cdd626e1ee09b6d1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd79454faaf004721537fbf5afa855bc4e3758e7f2e7be56465d83cf3f76031
50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2
539399ddb353f51629f1786381f829b09771b7115295404149dad81d08319205
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54c3be3db11f9758ea542355599dc761e940f7bd390e7659ae73e39ca0cf6802
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60000d6f4f080aad9fcbb0ed637d7ec1b15fb4256cb9bc1622446e2c9a85b18f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4
650b0d89118580fd96419aa8b05d77a9f8bb927f41c848fe784e15134affb9af
6ae5e4caf4ec051850b9cf1bb2e7f5be8e1ef438393577d986c2edd55b4b5487
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3d95d72176ed2a9ea98be0c986123dd88dbb6f744870bdbf307c066b42bc12
6f5c03a60fcd2b23be6cf85f891c69447ff48abbfba0682183d5f4fa234c7f1f
72564934ba67689a669f7caffd4abedecd17364059f3712c02a06fa30a5e58b0
7decfebf1d9a50b8f3271d4d71039e5359c763f925a8c61dede7f7d0f4f149e8
7e12600e6989d2acb7d8d1c38e4a409072e3e16924953809410c55acc8c37021
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e89790664f5e9de771170391280c0a4004427cf342004772f373fa78b4774b
87b34c15e92a0ce84916aef1a2a1af5cc71b81023dd1a42cc11f69709fcd6733
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
927b5bc14a6688209c58fd0354eea7cdbb23d6f483b94a460b26abbf215bc125
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9367efe4396b248b4e0ff1f69aa83fbf530092c92543277dddedcb75454cef2d
97e6bda52130a8da7876cc4068cdd3eaf0a2f6a1e3420d27df0c3f8c057731ab
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a097f145b7b5399d1f8e9c86b6f4a36e43f5553fa77c7b2951504731914535ad
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1d18656936294a54e8ba07c0b459b652a767d2b54b97adcf0cbbd2852850885
a25399b43e8cec290367c45c82dccd1db16c07670a910f3d999276d3648063a3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a72569f093b72975b94b38f82961069544529f3bc24d107cab20e148082e6c05
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a96f4fb1cb3850e40321824668b66f2628a32c22ec77ab868dfc806a4a75fb15
a9b92b474abd6c41079a19e23fea79f0279dd70e3007c47e7773b9d3e7ca4f03
af26e7f615b40cb1bfd4a906ce0ea9a3431021293b21afdc92e3c7c3d8111896
afa60f9e3a01f197f4bf304e83c8a9e7d011f71fce273faffced31d4e539e75c
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
b0c279199319ccbe22367e36f63998a6a112713b1cefc255c2f1126eaf122f14
b0fb099a7fec50c06d484a5efe91d9a1347c24fe3852c0ebd86532bc0ba85a6e
b27b187f9ce711bd456d17c3b43a0eedb99e4aa64f591a851167ee9ab2d58c9e
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ba71d7360fc084690191be50fae228b204839bff0cd2e2c2265b7d924e5b030a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
cb384b000faba75cda5d7dd5aaeff01fe8c9682dc7e8a989cbd978036c2195ef
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
d98d7bdfe0f9ac78ec9ab3274b04e5663ef132767c4014ca899c820634b3f204
e081b0fd410f2e50caa2d73f318aeccd508c82787c9fe90c2ebb470fc826f273
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e12f770ad95f2e9792ebd473b8a738fa17005e370abc8fb35cac62b5887ffea6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
e8c36c421899fdab1cfb9b7f51a76519bc40e49f35cf6f61af3b29fcfa36b3e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fa608b57c66b48b0f4f5150c5593214de62e747d2c31e81740c993fb706333c8

windowstan.com Open in urlscan Pro 2606:4700:3030::6815:4827 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

96 %HTTPS

74 %IPv6

27 Domains

46 Subdomains

40 IPs

3 Countries

3648 kBTransfer

9013 kBSize

21 Cookies

4 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

windowstan.com Open in urlscan Pro
2606:4700:3030::6815:4827 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

96 %
HTTPS

74 %
IPv6

27
Domains

46
Subdomains

40
IPs

3
Countries

3648 kB
Transfer

9013 kB
Size

21
Cookies

176 HTTP transactions
6 data transactions